OCTANE (Open Car Testbed and Network Experiments): Bringing Cyber-Physical Security Research to Researchers and Students

Security research and teaching using cyber-physical systems (e.g., automotive networks) is challenging because of the need to replicate the interactions between the hardware components and the control software of the systems. These interactions are challenging to replicate because of the dynamic inputs in real-world environments that cause various interactions of the hardware components and control software within the network. In particular, automotive networks are challenging for security research and teaching because although the protocols of the automotive networks are standardized (e.g., CAN, LIN), the implementation details by each automotive manufacturer are not standardized and are generally not publicly available. In this paper we present Open Car Testbed And Network Experiments (OCTANE), which reduces the barrier of entry into the security research and teaching of automotive networks by providing a software package and a hardware framework for the reverse engineering and testing of automotive networks. OCTANE provides a platform for security research and teaching by replicating the interactions between the hardware components and control software of the systems so that the user can focus on the security aspects of the automotive network instead of the tool configuration and setup.

[1]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[2]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[3]  Ulf E. Larson,et al.  Securing vehicles against cyber attacks , 2008, CSIIRW '08.

[4]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .

[5]  Dominique Paret,et al.  Multiplexed Networks for Embedded Systems , 2007 .

[6]  Rahul Mangharam,et al.  AutoPlug: An automotive test-bed for electronic controller unit testing and verification , 2011, 2011 14th International IEEE Conference on Intelligent Transportation Systems (ITSC).

[7]  Erland Jonsson,et al.  A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay , 2008, CISIS.

[8]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[9]  Donal Heffernan,et al.  Expanding Automotive Electronic Systems , 2002, Computer.

[10]  Marko Wolf Security Engineering For Vehicular It Systems , 2009 .

[11]  Tomas Olovsson,et al.  Security aspects of the in-vehicle network in the connected car , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[12]  Christof Paar,et al.  Embedded Security in Cars: Securing Current and Future Automotive IT Applications , 2005 .

[13]  Hiroshi Honda,et al.  Body Electronics Area Network (BEAN) , 1997 .

[14]  Bogdan Groza,et al.  Secure Broadcast with One-Time Signatures in Controller Area Networks , 2011, 2011 Sixth International Conference on Availability, Reliability and Security.

[15]  Erland Jonsson,et al.  An Approach to using Honeypots in In-Vehicle Networks , 2008, 2008 IEEE 68th Vehicular Technology Conference.

[16]  Hideki Imai,et al.  Formally verifiable features in embedded vehicular security systems , 2009, 2009 IEEE Vehicular Networking Conference (VNC).

[17]  Jodi Poe,et al.  Auto Repair Reference Center , 2008 .

[18]  André Weimerskirch,et al.  State of the Art: Embedding Security in Vehicles , 2007, EURASIP J. Embed. Syst..

[19]  Y. Roudier,et al.  Security and privacy for in-vehicle networks , 2012, 2012 IEEE 1st International Workshop on Vehicular Communications, Sensing, and Computing (VCSC).