Security solutions for the CAN bus , bringing authentication to in-vehicle networks

vehicle network, remains insecure. The growing number of attacks reported each year show that, invariantly, in-vehicle buses are not isolated from the outside world. By exploiting their lack of security, adversaries can gain control over virtually any functionality inside the car. We discuss the most promising approaches for assuring security on the CAN-bus after a first decade of attacks and security proposals. Most of the proposals are based on cryptographic mechanisms, but this is not all as some exploit the physical layer or even physical characteristics of the controllers. The surveyed solutions prove a significant degree of maturity and sophistication which suggests that the moment for adoption and standardization by the industry should come.

[1]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[2]  Philip Koopman,et al.  Low cost multicast authentication via validity voting in time-triggered embedded control networks , 2010, WESS '10.

[3]  Ingrid Verbauwhede,et al.  CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus , 2011 .

[4]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[5]  Ingrid Verbauwhede,et al.  LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks , 2012, CANS.

[6]  Bogdan Groza,et al.  Efficient Protocols for Secure Broadcast in Controller Area Networks , 2013, IEEE Transactions on Industrial Informatics.

[7]  Bogdan Groza,et al.  Source Identification Using Signal Characteristics in Controller Area Networks , 2014, IEEE Signal Processing Letters.

[8]  Alberto L. Sangiovanni-Vincentelli,et al.  Security-Aware Modeling and Efficient Mapping for CAN-Based Real-Time Distributed Automotive Systems , 2015, IEEE Embedded Systems Letters.

[9]  Jorge Guajardo,et al.  Physical Layer Group Key Agreement for Automotive Controller Area Networks , 2016, CHES.

[10]  Dong Hoon Lee,et al.  A Practical Security Architecture for In-Vehicle CAN-FD , 2016, IEEE Transactions on Intelligent Transportation Systems.

[11]  Kang G. Shin,et al.  Fingerprinting Electronic Control Units for Vehicle Intrusion Detection , 2016, USENIX Security Symposium.

[12]  Hiroaki Takada,et al.  CaCAN: Centralized Authentication System in CAN (Controller Area Network) , 2016 .