Assessing the Security of Internal Automotive Networks
Abstract
Context In order to address the growing need for connectivity in today’s cars, the
in-vehicle network has increased in complexity, now consisting of over 100 electrical
control units. Balancing the level of security with high performance is non-trivial,
and current networks have shown to sacrifice security measures for performance,
therefore leaving the networks sensitive to both manipulation and information re trieval.
Objective The first objective of this thesis was to assess the security of in-vehicle
networks and identify potential security threats that may be exercised with commodity hardware and without expert knowledge in vehicular networking. Secondly,
propose solutions to identified security vulnerabilities that act as a defence against
the exercised attacks.
Method The project was executed with the Design Science Research methodology, where an artefact is developed and evaluated through iterations. The artefact
consists of commodity hardware and open software as well as our approach to simulate an attack of an uninitiated tamperer. The applying artefact was evaluated by
testing it on vehicle test beds. The evaluation was also the basis for the assessment
and in extension the proposed solutions.
Results The in-vehicle network was susceptible to multiple attacks such as Man in-the-middle and Replay attacks. For instance, multiple components in the network
were successfully manipulated through replay attacks on the network. The replay attacks were conducted in combination with a minimization algorithm which enabled
reverse engineering of specific functions with high precision. This made it possible
to not only take full control but to block user input. Moreover, Man-in-the-middle
attacks on the Ethernet traffic yielded raw data indicating a lack of encryption and
also enabled us to map the network topology. To resolve the aforementioned issues,
this thesis proposes solutions at varying security levels that would have prevented
our attacks; such as CAN bus message counters, MACsec for low-level protection
against sniffing and TLS encryption for the confidentiality of raw data.
Conclusions The project has shown that it is indeed possible to extract and
manipulate data even with the limitations enforced in this project. In addition, it
showed that the tested in-vehicle networks lack resilience against unauthorized access
and manipulation. The proposed solutions protect against exercised attacks but are
subject to future research in terms of implementation and overhead measurements.
Degree
Student essay
Collections
View/ Open
Date
2021-09-14Author
Alkoutli, Anas
Anderlind, Joakim
Björnson, Carl-Johan
Drage, Mathias
Thowsen, Morgan
Welzel, Antonia
Keywords
Vehicle
Network Security
CAN
Ethernet
Language
eng