Risk Assessment and Security Countermeasures for Vehicular Instrument Clusters

The vehicular instrument cluster has the vital task of informing the driver on vehicle status or potential malfunctions. While this role is merely informative, the implications are far reaching as the driver needs to take decisions based on the reports provided by the instrument cluster. Past attacks on instrument clusters were rather concerned with mundane tasks, e.g., mileage modification, but giving false information to the driver on vehicle speed or triggering/hiding relevant alarms may have serious consequences as it can lead to severe traffic accidents. In this work we discuss risks associated to attacker actions on instrument clusters and envision a potential model based intrusion detection system to detect potential attacks. Rather than advocating a holistic approach, in which security is designed for the entire vehicle network, e.g. CAN or FlexRay, we follow a component-based approach in which particularities of the instrument cluster and redundancy of information are used to detect potential attacks.

[1]  Kang G. Shin,et al.  Fingerprinting Electronic Control Units for Vehicle Intrusion Detection , 2016, USENIX Security Symposium.

[2]  Björn Steurich,et al.  Speedometer manipulation — Putting a stop to fraud , 2013 .

[3]  Michele Colajanni,et al.  Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms , 2016, 2016 IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI).

[4]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[5]  William B. Ribbens Understanding Automotive Electronics: An Engineering Perspective , 1982 .

[6]  Hampton C. Gabler,et al.  Lane Departure Warning and Prevention Systems in the U.S. Vehicle Fleet: Influence of Roadway Characteristics on Potential Safety Benefits , 2016 .

[7]  I. Yoo,et al.  An Engine Coolant Temperature Model and Application for Cooling System Diagnosis , 2000 .

[8]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[9]  Bogdan Groza,et al.  Designing Security for In-vehicle Networks: A Body Control Module (BCM) Centered Viewpoint , 2016, 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W).

[10]  Bharat K. Bhargava,et al.  Incorporating attacker capabilities in risk estimation and mitigation , 2015, Comput. Secur..

[11]  Ludovic Apvrille,et al.  Security requirements for automotive on-board networks , 2009, 2009 9th International Conference on Intelligent Transport Systems Telecommunications, (ITST).

[12]  Motoyuki Akamatsu,et al.  Automotive Technology and Human Factors Research: Past, Present, and Future , 2013 .

[13]  Mehrdad Hosseini Zadeh,et al.  Active blind spot crash avoidance system: A haptic solution to blind spot collisions , 2010, 2010 IEEE International Symposium on Haptic Audio Visual Environments and Games.

[14]  Tom Denton,et al.  Automobile Electrical And Electronic Systems , 1995 .

[15]  Alexandros Asvestopoulos Intrusion protection of in-vehicle network: study and recommendations , 2015 .

[16]  Jason Staggs How to Hack Your Mini Cooper: Reverse Engineering CAN Messages on Passenger Automobiles , 2013 .

[17]  Antoine Boulanger,et al.  A simple intrusion detection method for controller area network , 2016, 2016 IEEE International Conference on Communications (ICC).