In the used car market, mileage is one of the principal criteria used for evaluating the overall condition of a vehicle. For this reason, mileage fraud continues to occur. Futhermore, the number of malicious brokers who obtain a monetary advantage by manipulating vehicle mileage is increasing. As many used cars with manipulated mileage are sold each year, buyers have suffered significant monetary damages. Although the number of mileage fraud reports has remained steady, governments and OEMs have no technical countermeasures to prevent it, beyond asking used car buyers to pay careful attention when purchasing used cars. This paper classifies odometer system architectures according to the types of sensors and controllers used to measure and transmit vehicle speed, and defines the assets to be protected in a secured odometer. Based on this classification, we analyze potential security threats related to mileage fraud. Finally, we propose realistic security requirements to prevent mileage fraud, within a resource constrained automotive controller environment.

在二手车市场中，行驶里程是用于评估车辆整体状况的主要标准之一。因此，里程欺诈继续发生。此外，通过操纵车辆里程获得金钱利益的恶意经纪人的数量正在增加。由于每年都会出售许多操纵里程的二手车，因此买家遭受了重大的金钱损失。尽管里程欺诈报告的数量一直保持稳定，但政府和OEM没有采取任何技术对策来阻止这种情况，除了要求二手车购买者在购买二手车时要格外注意。本文根据用于测量和传输车速的传感器和控制器的类型对里程表系统架构进行分类，并定义了在安全里程表中要保护的资产。基于此分类，我们分析与里程欺诈有关的潜在安全威胁。最后，在资源受限的汽车控制器环境中，我们提出了切合实际的安全要求，以防止里程欺诈。