Security threats to automotive CAN networks—Practical examples and selected short-term countermeasures

Hoppe, Tobias; Kiltz, Stefan; Dittmann, Jana

doi:10.1016/j.ress.2010.06.026

Cited by 244 publications

(213 citation statements)

References 4 publications

Supporting

Mentioning

201

Contrasting

Unclassified

Order By: Relevance

“…Recent studies have exposed severe security flaws in current ITS systems [37][38] [39], directly threatening the safety of an attacked vehicle and its passengers. The threat is exacerbated for C-ITS systems where external communication channels increase the attack surface [40].…”

Section: Related Workmentioning

confidence: 99%

A knowledge-in-the-loop approach to integrated safety & security for cooperative system-of-systems

Chen

Michaëlsson

Östberg

et al. 2015

2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)

View full text Add to dashboard Cite

A system-of-systems (SoS) is inherently open in configuration and evolutionary in lifecycle. For the next generation of cooperative cyber-physical system-of-systems, safety and security constitute two key issues of public concern that affect the deployment and acceptance. In engineering, the openness and evolutionary nature also entail radical paradigm shifts. This paper presents one novel approach to the development of qualified cyber-physical system-of-systems, with Cooperative Intelligent Transport Systems (C-ITS) as one target.The approach, referred to as knowledge-in-the-Ioop, aims to allow a synergy of well-managed lifecycles, formal quality assurance, and smart system features. One research goal is to enable an evolutionary development with continuous and traceable flows of system rationale from design-time to post deployment time and back, supporting automated knowledge inference and enrichment. Another research goal is to develop a formal approach to risk-aware dynamic treatment of safety and security as a whole in the context of system-of-systems. Key base technologies include: (1) EAST-ADL for the consolidation of system-wide concerns and for the creation of an ontology for advanced run-time decisions, (2) Learning Based-Testing for run time and post-deployment model inference, safety monitoring and testing, (3) Provable Isolation for run-time attack detection and enforcement of security in real-time operating systems.

show abstract

Section: Related Workmentioning

confidence: 99%

A knowledge-in-the-loop approach to integrated safety & security for cooperative system-of-systems

Chen

Michaëlsson

Östberg

et al. 2015

2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)

View full text Add to dashboard Cite

show abstract

“…Without loss of generality, we consider two trust groups in this work. 3 A major advantage of this trust group based key management is that the number of keys is independent of the number of ECUs, therefore improving the scalability of the system and reducing the costs of initializing and storing keys.…”

Section: A Trust Groupsmentioning

confidence: 99%

VeCure: A practical security framework to protect the CAN bus of vehicles

Wang

Sawhney

2014

2014 International Conference on the Internet of Things (IOT)

117

View full text Add to dashboard Cite

Vehicles are being revolutionized by integrating modern computing and communication technologies in order to improve both user experience and driving safety. As a result, vehicular systems that used to be closed systems are opening up various interfaces, such as Bluetooth, 3G/4G, GPS, etc., to the outside world, thus introducing new opportunities for cyber attacks. It has been recently demonstrated that modern vehicles are vulnerable to several remote attacks launched through Bluetooth and cellular interfaces, allowing the attacker to take full control of the vehicle. The common root cause of these attacks is the lack of message authentication for the vehicle's internal bus system, called Controller Area Network (CAN). In this work, we propose VeCure -a practical security framework for vehicular systems, which can fundamentally solve the message authentication issue of the CAN bus. VeCure is designed to be compatible with existing vehicle system architectures, and employs a trust group structure and a novel message authentication scheme with offline computation capability to minimize online message processing delay and deployment cost. We built a proof-of-concept prototype on a testbed using Freescale's automotive development boards. The experimental results show that VeCure only introduces 50us additional delay to process a message, which is at least 20-fold faster than any existing solution.

show abstract

“…Typical internal network is CAN protocol [9] and it has some potential vulnerabilities originated from its broadcast nature, fragility to DoS, no authenticator fields and weak access control. Practically, CAN protocol itself does not support security against them [11]. In addition, attack methods utilizing CAN protocol define read, spoof, drop, modify, flood, steal and replay [10], and these attack methods are able to control the vehicle through actual experiments [1], [2], [3], [11].…”

Section: A Security Threats To the Vehicular Electronicsmentioning

confidence: 99%

“…In order to cope with these threats, several practical approaches are researched including intrusion detection technique [11], software update for a secure ECU using certificate and signature [12], providing data integrity by generating message authentication code for four data frames and secure message authentication mechanism based on certificate [14].…”

Section: A Security Threats To the Vehicular Electronicsmentioning

confidence: 99%

Anti-theft Solutions for In-vehicle Electronic Devices

Lee

Yeuk

Kim

et al. 2014

2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing

View full text Add to dashboard Cite

Recently, security concerns to automobiles are rapidly increasing. When threats are found in a vehicular system, this may usually take time to acquire adequate countermeasures. Threats to a vehicle can be classified into three categories: theft of in-vehicle devices, penetration into the internal network and utilization of the external network. This paper surveys threats in each category and their countermeasures. Among these threats, an anti-theft system is researched, which tries to prevent theft of in-vehicle devices. According to a survey, the existing anti-theft system is still vulnerable and hence in-vehicle devices do not ensure safety and reliability. Therefore, this paper also proposes an enhanced anti-theft system and analyzes its security and feasibility. This study is expected to show a reference of a configuration for more enhanced anti-theft systems for in-vehicle devices.

show abstract

Security threats to automotive CAN networks—Practical examples and selected short-term countermeasures

Cited by 244 publications

References 4 publications

A knowledge-in-the-loop approach to integrated safety & security for cooperative system-of-systems

A knowledge-in-the-loop approach to integrated safety & security for cooperative system-of-systems

VeCure: A practical security framework to protect the CAN bus of vehicles

Anti-theft Solutions for In-vehicle Electronic Devices

Contact Info

Product

Resources

About