A Survey on CAN Bus Protocol: Attacks, Challenges, and Potential Solutions

The vehicles are equipped with electronic control units that control their functions. These units communicate with each other via in-vehicle communication protocols like CAN bus. Although CAN is the most common in-vehicle communication protocol, its lack of encryption and authentication can cause serious security shortcomings. In the literature, many attacks are reported related to CAN bus and the number increases with rising connectivity in the cars. In this paper, we present CAN protocol and analyze its security vulnerabilities. Then we survey the implemented attacks and proposed solutions in the literature.

[1]  Qiyan Wang,et al.  VeCure: A practical security framework to protect the CAN bus of vehicles , 2014, 2014 International Conference on the Internet of Things (IOT).

[2]  Stefano Zanero,et al.  A Stealth, Selective, Link-Layer Denial-of-Service Attack Against Automotive Networks , 2017, DIMVA.

[3]  Bogdan Groza,et al.  Source Identification Using Signal Characteristics in Controller Area Networks , 2014, IEEE Signal Processing Letters.

[4]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[5]  Tadayoshi Kohno,et al.  Automobile Driver Fingerprinting , 2016, Proc. Priv. Enhancing Technol..

[6]  Indrakshi Ray,et al.  Practical DoS Attacks on Embedded Networks in Commercial Vehicles , 2016, ICISS.

[7]  Mario Farrugia,et al.  Security issues in controller area networks in automobiles , 2017, 2017 18th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA).

[8]  Suhaib A. Fahmy,et al.  Zero latency encryption with FPGAs for secure time-triggered automotive networks , 2014, 2014 International Conference on Field-Programmable Technology (FPT).

[9]  Dong Hoon Lee,et al.  A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN , 2015, IEEE Transactions on Intelligent Transportation Systems.

[10]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[11]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[12]  Bogdan Groza,et al.  Security Solutions for the Controller Area Network: Bringing Authentication to In-Vehicle Networks , 2018, IEEE Vehicular Technology Magazine.

[13]  Fang Li,et al.  Research on CAN Network Security Aspects and Intrusion Detection Design , 2017, ICVS 2017.

[14]  Philipp Mundhenk,et al.  Security for automotive electrical/electronic (E/E) architectures , 2018 .

[15]  Dong Hoon Lee,et al.  VoltageIDS: Low-Level Communication Characteristics for Automotive Intrusion Detection System , 2018, IEEE Transactions on Information Forensics and Security.

[16]  Armin Wasicek,et al.  Enhancing security in CAN systems using a star coupling router , 2012, 7th IEEE International Symposium on Industrial Embedded Systems (SIES'12).

[17]  James F. Plusquellic,et al.  Secure communication over CANBus , 2017, 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS).

[18]  Nathalie Japkowicz,et al.  Frequency-based anomaly detection for the automotive CAN bus , 2015, 2015 World Congress on Industrial Control Systems Security (WCICSS).

[19]  Tomas Olovsson,et al.  In-Vehicle CAN Message Authentication: An Evaluation Based on Industrial Criteria , 2017, 2017 IEEE 86th Vehicular Technology Conference (VTC-Fall).