DIAS explored the subject in various dimensions including market and security analysis, identification of the detection methods and countermeasures, testing and demonstration of the success of measures and integration into future legislation. The whole effort was divided into certain work packages (WP) which covered a variety of activities designed to define and demonstrate the best available technology and to provide guidelines for legislation.
Market and threat analysis has been performed to identify current tampering practices, determine existing EPSs’ vulnerabilities, and quantify the risks and impacts of tampering on system functionality. Performing such a market assessment led to insights into the most effective cheating devices and their impact on emissions, OBD and vehicle systems and signals. The cheating devices were categorized per working principle and application and prioritized for subsequent testing to disclose the working principles of the tampering and the vulnerabilities of existing EPSs. It is strongly indicated that the main motive for tampering is to avoid costs for repair of malfunctions of the emissions control systems (SCR, DPF, EGR for diesel engines but possibly also TWC for older gasoline engines).
The vulnerabilities derived from tampering market and threat analysis were addressed by developing technical solutions for tampering detection (by monitoring and plausibility checks of EPS-related signals), prevention (by securing flashing process, SW execution, key management, and data exchange, and applying intrusion detection system and firewall) and reporting (by providing options for reporting schemes, infrastructure, and tampering-related compliance certification).
The success of DIAS solutions was demonstrated through traditional penetration testing (internal evaluation), but also through two hacking events by independent experts (external evaluation) and no critical remaining vulnerabilities were observed.
Ultimately, based on the findings during the whole period of the project, an anti-tampering framework was proposed that incorporates guidelines for future anti-tampering legislation and engages several entities involved in anti-tampering. European Union Member States enforce the tampering-related EU regulatory framework. Vehicle manufacturers provide vehicle anti-tampering solutions for tampering prevention, detection and reporting for and after the Type Approval. Type approval and other authorities (i.e. Periodic Technical Inspection, Roadside Inspection) ensure and control the implementation of these solutions. Workshops ensure legitimate use of diagnostic tools and report tampering, and at last, vehicle owners ensure proper and timely maintenance and proper “reverting” actions if tampering is concluded.
Throughout the project, the consortium was working on generating awareness about the project, its objectives, and expected outcomes through different channels, and on identifying key stakeholders to consolidate a strong message for the potential interest and relation of our target audiences. In addition, the digital network has been an essential channel to amplify the reach to stakeholders, always placing first a creative and relevant content strategy. The storytelling around DIAS has been based on the demonstration of the tampering countermeasure success in events, webinars and through scientific publications. In addition, the consortium has generated several dissemination materials with a special focus on promoting the results in a friendly way through the development of videos, targeting developers and end-users to promote and demonstrate the capabilities of DIAS.
