Paul Carsten
ABSTRACT
Vehicles made within the past years have gradually become more and more complex. As a result, the embedded computer systems that monitor and control these systems have also grown in size and complexity. Unfortunately, the technology that protects them from external attackers has not improved at a similar rate. In this paper we discuss the vulnerabilities of modern in-vehicle networks, focusing on the Controller Area Network (CAN) communications protocol as a primary attack vector. We discuss the vulnerabilities of CAN, the types of attacks that can be used against it, and some of the solutions that have been proposed to overcome these attacks.
- Fernandez, John D., and Andres E. Fernandez. "SCADA systems: vulnerabilities and remediation." Journal of Computing Sciences in Colleges20.4 (2005): 160--168. Google Scholar
Digital Library
- Nilsson, Dennis K., Phu H. Phung, and Ulf E. Larson. "Vehicle ECU classification based on safety-security characteristics." Road Transport Information and Control-RTIC 2008 and ITS United Kingdom Members' Conference, IET. IET, 2008.Google Scholar
- Wolf, Marko, André Weimerskirch, and Christof Paar. "Security in automotive bus systems." Workshop on Embedded Security in Cars. 2004.Google Scholar
- Texas Instruments. Introduction to the Controller Area Network (CAN). SLOA101A. Dallas, TX. 2008.Google Scholar
- Checkoway, Stephen, et al. "Comprehensive Experimental Analyses of Automotive Attack Surfaces." USENIX Security Symposium. 2011. Google ScholarDigital Library
- Koscher, Karl, et al. "Experimental security analysis of a modern automobile."Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010. Google ScholarDigital Library
- Kleberger, Pierre, Tomas Olovsson, and Erland Jonsson. "Security aspects of the in-vehicle network in the connected car." Intelligent Vehicles Symposium (IV), 2011 IEEE. IEEE, 2011.Google Scholar
- Vasilev, Pavel. Driver's Efficiency Analyzer. Diss. Cornell University, 2012.Google Scholar
- Pagliery, Jose. "Your car is a giant computer-and it can be hacked." CNN Money. Web. 2 June, 2014.Google Scholar
- Miller, Charlie, and Chris Valasek. "Adventures in Automotive Networks and Control Units." Last Accessed from http://illmatics. com/car_ hacking. pdf on13 (2013).Google Scholar
- Hoppe, Tobias, Stefan Kiltz, and Jana Dittmann. "Security threats to automotive CAN networks--practical examples and selected short-term countermeasures." Computer Safety, Reliability, and Security. Springer Berlin Heidelberg, 2008. 235--248. Google ScholarDigital Library
- Phung, Phu H., and Dennis Kengo Nilsson. "A model for safe and secure execution of downloaded vehicle applications." (2010): 06--06.Google Scholar
- Groza, Adrian, Bogdan Iancu, and Anca Marginean. "A multi-agent approach towards cooperative overtaking in vehicular networks." Proceedings of the 4th International Conference on Web Intelligence, Mining and Semantics (WIMS14). ACM, 2014. Google ScholarDigital Library
- . "Vehicle-to-vehicle safety application research plan." USDOT. Oct 2011.Google Scholar
- Larson, Ulf E., and Dennis K. Nilsson. "Securing vehicles against cyber attacks." Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead. ACM, 2008. Google ScholarDigital Library
- Kargl, Frank. "Securing the intelligent vehicles of the future." (2013).Google Scholar
- Gerdes, Ryan M., Chris Winstead, and Kevin Heaslip. "CPS: an efficiency-motivated attack against autonomous vehicular transportation." Proceedings of the 29th Annual Computer Security Applications Conference. ACM, 2013. Google ScholarDigital Library
- Schulze, Sandro, et al. "On the Need of Data Management in Automotive Systems." BTW. Vol. 144. 2009.Google Scholar
- Ling, Congli, and Dongqin Feng. "An Algorithm for Detection of Malicious Messages on CAN Buses." 2012 National Conference on Information Technology and Computer Science. Atlantis Press, 2012.Google Scholar
- Oguma, Hisashi, et al. "New attestation based security architecture for in-vehicle communication." Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE. IEEE, 2008.Google Scholar
Index Terms
- In-Vehicle Networks: Attacks, Vulnerabilities, and Proposed Solutions
Recommendations
Cyberattacks and Countermeasures for In-Vehicle Networks
As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN), and FlexRay. CAN Bus ...
Context-aware Anomaly Detector for Monitoring Cyber Attacks on Automotive CAN Bus
CSCS '19: Proceedings of the 3rd ACM Computer Science in Cars SymposiumAutomotive electronics is rapidly expanding. An average vehicle contains million lines of software codes, running on 100 of electronic control units (ECUs), in supporting number of safety, driver assistance and infotainment functions. These ECUs are ...
Cyber security attacks to modern vehicular systems
Security is a fundamental concern in modern vehicular systems. The advancement in modern vehicular systems provides many benefits such as reducing traffic congestion and improving safety and fuel economy via vehicular networks. However, many vehicular ...
Comments