Intrusion protection of in-vehicle network: study and recommendations
Abstract: Modern vehicles include several electronic control units (ECUs), organized in a controller area network (CAN), and interact with external networks for reasons such as comfort, infotainment, and autonomy. The security risks from this increasing external interaction are alarming for the safety-critical vehicle systems, since possible attackers have more options for intrusion. For example, an attack might result in malfunctioning braking system and put lives in danger. This thesis examines the type of counter measures for the commercial vehicle system of Scania to make intrusions impractical, and compares it to the case of passenger vehicles. This study focuses on the infotainment ECU and its Bluetooth interface, by first examining in practice the vulnerabilities that make an intrusion to the commercial vehicle feasible. The attacks considered are broken down into steps to first exploit the Bluetooth interface, then the communications between the infotainment and instrument cluster ECUs, and finally performing a flooding attack on the internal network. Tests on a test bench and on a truck simulated the attacks to examine their feasibility. The feasibility evaluation of the attack steps that could not be tested, due to resource and time limitations, is supported by previous studies. To examine and evaluate the attacks this study uses attack trees, which represent an attack as series of steps (combined in alternative or complementary steps) in a tree-like structure. Afterwards, this study examines counter measures some of which are found in literature, to mitigate the vulnerabilities that can enable the attacks considered, e.g. DoS attack on CAN bus. The findings and suggestions of the study are compared and related to the general case of the automotive industry. In conclusion, this thesis explores security issues of a particular ECU in Scania’s electrical system combining practical work with previous studies, and can be used as a starting point for further research, for example, in-depth testing of all attack steps.
AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)