Abstract
Tachographs are used in most heavy vehicles in Europe to control drivers’ hours, and for secondary purposes ranging from accident investigation and environmental enforcement to the prevention of fraud. Their effectiveness is under threat from increasing levels of sophisticated fraud and manipulation. We examine this in the context of recent EU proposals to move to smartcard-based tachograph systems, which are aimed at cutting fraud and improving the level of enforcement generally. We conclude that the proposed new regime will be extremely vulnerable to the wholesale forgery of smartcards and to system-level manipulation, which in turn could lead to a large-scale breakdown in control. We present this as an interesting and important problem to the security community.
This paper reports research funded by the Department of the Environment, Transport and the Regions during 1997–98.
Chapter PDF
References
RJ Anderson, “Why Cryptosystems Fail”, in Proceedings of the 1st ACM Conference on Computer and Communications Security (November 1993) pp 215–227
RJ Anderson, MG Kuhn, “Tamper Resistance — a Cautionary Note”, in The Second USENIX Workshop on Electronic Commerce Proceedings (Nov 1996) pp 1–11
E Bovenlander, invited talk on smartcard security, Eurocrypt 97
’Licensing of Trusted Third Parties for the Provision of Encryption Services’, Department of Trade and Industry, March 1997
EU Regulation 3820/85 (drivers’ rules)
’Council Regulation (EEC) no 3821/85 of 20 December 1985 on recording equipment in road transport’ No L 370/8, 31/12/85
’Draft Council Regulation Amending Council Regulation (EEC) no 3821/85 and Council Directive 88/599/EEC on Recording Equipment in Road Transport’, EU, The Council, Interinstitutional file no 94/0187 (SYN), 2 July 1997
Euraxiat — Security Analysis, March 1997
“False Records: Analogue Tachographs”, G Geldart, Vehicle Inspectorate, 22nd January 1998
Hampshire police training video
“Sleep related vehicle accidents”, JA Horne, LA Reyner, in British Medical Journal v 310 (4/3/95) pp 565–567
“Falling Asleep at the Wheel”, J Horne, L Reyner, preprint, 29/2/96; distributed at Falling Asleep at the Wheel, Loughborough University 18-19/11/96
“Ex-radio chief ‘masterminded’ TV cards scam’ Irish Independent 17/2/98
“Vulnerability Assessment of Security Seals”, RG Johnson, ARE Garcia, in Journal of Security Administration v 20 no 1 (June 97) pp 15–27
’Driver Card 16kByte version 00.01.01’, 24/11/97
’Workshop, Control and Company Card version 00.01.01’, 24/11/97
’External Interface version 00.01.01’, 25/11/97
’Card Issuing version 00.02.00’, 25/11/97
O Kocar, “Hardwaresicherheit von Mikrochips in Chipkarten”, in Datenschutz und Datensicherheit v 20 no 7 (July 96) pp 421–424
“Falling Asleep at the Wheel”, JS Martin, report on conference of the same name, Loughborough University 18–19/11/96
“Principal frauds used on the current tachographs”, J Martin, UK response to ERTICO consultation document on tachograph falsification
’Principales fraudes partant atteinte à l’intégrité du chronotachygraphe’, Ministère de l’équipement, des Transports et du Tourisme, Direction des Transports Terrestres, Sous-direction des transports routiers, bureau R3 (France)
“Denial of Service: An Example”, RM Needham, in Communications of the ACM v 37 no 11 (Nov 94) pp 42–46
“Spying tags could stop fuel fraud”, N Nuttall, in The Times (Interface Section) 28/1/98 p 7
’Common Criteria for IT Security Evaluation — Smartcard Integrated Circuit Protection Profile’, registered at the French Certification Body under the number PP/9704; Motorola, Philips, Siemens, SGS-Thomson, Texas Instruments, October 1997.
“Driver sleepiness as a causal factor in accidents on the M180/A180 in South Humberside: A Preliminary Analysis”, L Reyner, at Falling Asleep at the Wheel, Loughborough University 18–19/11/96
’Tachosmart 3 Digital Tachograph — Final report’, Thomson CSF, 1996
“Ministers unveil plans to toughen drink-drive laws”, in The Times 2/2/98 p 2
“Commission wants black box, smart cards to enforce road safety”, A Torres, Reuters news item 0804 (2/9/94)
’A Report on the Fitment of Tachograph Interruptors’, 10/8/95, Vehicle Inspectorate, Wighill Lane, Walton, Wetherby, West Yorkshire
’Integrated Circuit Chip Card — Security Guidelines Summary for IC Chip Design, Operating System and Application Design, Implementation Verification’ v 2.1, 4/11/97
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anderson, R. (1998). On the security of digital tachographs. In: Quisquater, JJ., Deswarte, Y., Meadows, C., Gollmann, D. (eds) Computer Security — ESORICS 98. ESORICS 1998. Lecture Notes in Computer Science, vol 1485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055859
Download citation
DOI: https://doi.org/10.1007/BFb0055859
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65004-1
Online ISBN: 978-3-540-49784-4
eBook Packages: Springer Book Archive