A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN

Vehicle-IT convergence technology is a rapidly rising paradigm of modern vehicles, in which an electronic control unit (ECU) is used to control the vehicle's electrical systems, and the controller area network (CAN), an in-vehicle network, is commonly used to construct an efficient network of ECUs. Unfortunately, security issues have not been treated properly in CAN, although CAN control messages could be life-critical. With the appearance of the connected car environment, in-vehicle networks (e.g., CAN) are now connected to external networks (e.g., 3G/4G mobile networks), enabling an adversary to perform a long-range wireless attack using CAN vulnerabilities. In this paper we show that a long-range wireless attack is physically possible using a real vehicle and a malicious smartphone application in a connected car environment. We also propose a security protocol for CAN as a countermeasure designed in accordance with current CAN specifications. We evaluate the feasibility of the proposed security protocol using CANoe software and a DSP-F28335 microcontroller. Our results show that the proposed security protocol is more efficient than existing security protocols with respect to authentication delay and communication load.
