2025 USENIX Security Test of Time Award: Securing Automotive Systems

The 2025 USENIX Security Test of Time Award was given to the research paper “Comprehensive Experimental Analyses of Automotive Attack Surfaces,” published on August 10, 2011. This paper was a game-changer in the field of cybersecurity, particularly in the area of automotive security.
The paper was authored by several researchers, including Stefphen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage, who is the co-director of CNS and a professor in the Department of Computer Science and Engineering at UC San Diego.

Their research focused on identifying vulnerabilities in automotive systems, which could potentially be exploited by attackers. The team conducted a comprehensive analysis of various attack surfaces, including those related to cars’ software, hardware, and communication systems.
One of the most significant contributions of this research was the discovery of cybersecurity vulnerabilities in cars, which forced the automotive industry to invest heavily in security. For instance, General Motors went from having a few cybersecurity experts to creating a team of over 100.
The team’s work also led to the creation of new programs and laboratories focused on automotive cybersecurity, such as the National Highway and Traffic Safety Administration’s laboratory dedicated to cybersecurity testing.

The 2025 USENIX Security Test of Time Award recognizes the impact and significance of this research, which has had a lasting influence on the field of cybersecurity