Abstract

As a novel way to protect connected cars, we are developing a Security Information and Event Management System (SIEM) called Security Management of Services in Connected Cars (SeMaCoCa) located in the backend of the connected car. For that we defined a connected car architecture and possible use cases which serve as a basis for the research. Using data from the connected cars and additional information, attacks on individual vehicles or fleets should be recognized. A combination of rule-based-, machine-learning-, deep learning-, real-time-based-, security-algorithms and algorithms for big data are used. Furthermore, we aim for a privacy-friendly solution that does not require the backend operator to have access to cleartext data. The new security system should be able to recognise misbehaviour under the conditions of a permanently growing number and variety of connected cars, upcoming services on the market and related constantly to changing user behavior. The challenge for the security system is, that under these conditions no stable system state exists, that the system can rely on. In this paper, we introduce the architecture of SeMaCoCa, user stories and the idea behind the approach of the system.