The Monthly Newsletter of the IEEE Vehicular Technology Society—January 2018

 

header
Forward to a Colleague | RSS Join Our LinkedIn Group Join Our LinkedIn Group
spacer spacer
Connected Vehicles
Securing Vehicular Controller Area Networks: An Approach to Active Bus-Level Countermeasures
Hristos Giannopoulos, Alexander M. Wyglinski, and Joseph Chapman

With the increasing number of embedded processors and wireless interfaces being incorporated into modern automobiles, cybersecurity is emerging as a major concern for the automotive industry. Numerous remote attack surfaces and a high level of computer-controlled critical systems make security of automotive networks an increasingly complex technical challenge. 

Many researchers have demonstrated attacks that leverage a car's wireless interfaces to gain access to internal communication buses. With bus-level access, an attacker has the ability to control or manipulate critical systems, such as anti-lock brakes and cruise control, potentially affecting driver safety.

This article describes novel bus-level countermeasures for a controller area network (CAN) bus. The proposed methods use custom CAN hardware that leverages the error confinement functionality in the CAN specification to suppress and eventually control malicious transmissions on the bus. 


Other attempts to prevent unauthorized transmission have required custom CAN controllers on all electronic control units (ECUs). The methods described in this article require only a single custom controller, keeping cost low and making retrofitting legacy systems more practical. We successfully implemented and tested the proposed design on a reference CAN.

One of the most widely used automotive bus standards is CAN. Before the standard emerged, wiring between ECUs was typically point-to-point, resulting in complex, heavy, and expensive wiring harnesses. CANs were designed to reduce the complexity of automotive wiring harnesses by introducing a low-cost broadcast network to connect the increasing number of ECUs in modern cars. 

CANs simplified the connections by allowing all ECUs in a network to be connected by a two-wire shared bus. While a CAN provides real-time, high-speed communication between ECUs, it lacks provisions for authentication and confidentiality. 

Any ECU is able to send any properly formed CAN message. With no enforced source fields in the CAN frame, masquerade attacks are possible. Due to the broadcast nature of the bus, a single compromised ECU is able to send malicious instructions to other ECUs in the network.

Full article: IEEE Vehicular Technology Magazine, Volume 12, Number 4, December 2017

spacer
spacer
spacer spacer
Previous Article Previous Article
Next Article Next Article
Return to Top Return to Top
spacer spacer
Home Return Home
Print This Article Print This Article
spacer spacer
Share Share This Article Share Share Share
spacer
spacer
In This Issue
Message from the EiC
spacer
Society
Message from the President
Congratulating the IEEE Fellows Class of 2018
IEEE Connected and Automated Vehicles Summit – A 5G-Driven Event
spacer
From the IEEE VTS Resource Center
Industrial IoT-Connected Railways
spacer
Motor Vehicles
IEEE VTS Motor Vehicles Challenge 2018: Enter now!
spacer
Connected Vehicles
Securing Vehicular Controller Area Networks: An Approach to Active Bus-Level Countermeasures
spacer
Mobile Radio
The Benefits of Smart Wireless Technologies
spacer
Transportation Systems
New Lines, Trains, and Trolleys Around the World
spacer

Editor-in-Chief

Abbas Jamalipour

 
 
 
spacer
Bullet

Access the following IEEE VTS Website locations:

News

Member Resources

Conferences

Publications

Tech Communities

About Us

Bullet
Events in 2017:
27–30 August 2018
Bullet For the latest conference listings, visit the IEEE VTS Conference Calendar.

spacer
header
Copyright © IEEE

To ensure delivery, please add vts@ieee.org to your email address book or Safe Sender List. If you are still having problems receiving our emails, see our whitelisting page for more details.
Vehicular Technology Society Homepage IEEE Homepage