Preventing Memory Errors in Networked Vehicle Services Through Diversification

Car-to-X communication stands for the communication of di↵erent vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side e↵ect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-malicious code with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on di↵erent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HWthrough processor emulation with the creation of Service variants using o↵-the-shelf cross-compilation suites.