Cybersecurity attacks on CAN bus based vehicles: a review and open challenges

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Faten Fakhfakh ◽  
Mohamed Tounsi ◽  
Mohamed Mosbah

Purpose: Nowadays, connected vehicles are becoming quite complex systems which are made up of different devices. In such a vehicle, there are several electronic control units (ECUs) that represent basic units of computation. These ECUs communicate with each other over the Controller Area Network (CAN) bus protocol which ensures a high communication rate. Even though it is an efficient standard which provides communication for in-vehicle networks, it is prone to various cybersecurity attacks. This paper aims to present a systematic literature review (SLR) which focuses on potential attacks on CAN bus networks. Then, it surveys the solutions proposed to overcome these attacks. In addition, it investigates the validation strategies aiming to check their accuracy and correctness. Design/methodology/approach: The authors have adopted the SLR methodology to summarize existing research papers that focus on the potential attacks on CAN bus networks. In addition, they compare the selected papers by classifying them according to the adopted validation strategies. They also identify gaps in the existing literature and provide a set of open challenges that can significantly improve the existing works. Findings: The study showed that most of the examined papers adopted simulation as a validation strategy to imitate the system behavior and evaluate a set of performance criteria. Nevertheless, little consideration has been given to the formal verification of the proposed systems. Originality/value: Unlike the existing surveys, this paper presents the first SLR that identifies local and remote security attacks that can compromise in-vehicle and inter-vehicle communications. Moreover, it compares the reviewed papers while focusing on the used validation strategies.

Author(s):  
Tain-Lieng Kao ◽  
San-Yuan Wang ◽  
Ming-Hua Wu

Due to the development of modern techniques, in recent years, electronic vehicles and autopilot systems have significantly emerged in the automobile and IT industries. This leads to electronic automotive systems and auto-control systems consisting of a lot of high-performance Electronic Control Units (ECUs) connected by a controller area network (CAN). For realizing more complicated designs in ECUs, this work integrates a real-time OS and a network management function. The results improve the CANbus nodes' design level so that a node can act as a gateway to interconnect CANbus nodes. As the number of CANbus nodes increases, the verification process becomes more and more complicated and takes much time. For speeding up the verification process, this work uses the CANoe package to program the testing script for an automotive verification environment. Then the engineer can connect the testing device by CAN to the environment for automatic verification. The engineer can define the network messages of the CANbus nodes and tune the design as the validation progresses. The testing results are presented in XML format and can be transferred to HTML pages for readability. Hence, this work realizes an automatic verification environment for CANbus in-vehicle networks.


Electronics ◽  
2021 ◽  
Vol 11 (1) ◽  
pp. 110
Author(s):  
Lei Chen ◽  
Mengyao Zheng ◽  
Zhaohua Liu ◽  
Mingyang Lv ◽  
Lv Zhao ◽  
...  

With a deep connection to the internet, the controller area network (CAN) bus of intelligent connected vehicles (ICVs) has suffered many network attacks. A deep situation awareness method is urgently needed to judge whether network attacks will occur in the future. However, traditional shallow methods cannot extract deep features from CAN data with noise to accurately detect attacks. To solve these problems, we developed an SDAE+Bi-LSTM based situation awareness algorithm for the CAN bus of ICVs, simply called SDBL. Firstly, the stacked denoising auto-encoder (SDAE) model was used to compress the CAN data with noise and extract the deep spatial features at a certain time, to reduce the impact of noise. Secondly, a bidirectional long short-term memory (Bi-LSTM) model was further built to capture the periodic features from two directions to enhance the accuracy of the future situation prediction. Finally, a threat assessment model was constructed to evaluate the risk level of the CAN bus. Extensive experiments also verified the improved performance of our SDBL algorithm.


Sensors ◽  
2021 ◽  
Vol 21 (21) ◽  
pp. 7069
Author(s):  
Jia-Ning Luo ◽  
Chang-Ming Wu ◽  
Ming-Hour Yang

The design of the Controller Area Network (CAN bus) did not account for security issues and, consequently, attacks often use external mobile communication interfaces to conduct eavesdropping, replay, spoofing, and denial-of-service attacks on a CAN bus, posing a risk to driving safety. Numerous studies have proposed CAN bus safety improvement techniques that emphasize modifying the original CAN bus method of transmitting frames. These changes place additional computational burdens on electronic control units and cause the CAN bus to lose the delay guarantee feature. Consequently, we proposed a method that solves these compatibility and security issues. Simple and efficient frame authentication algorithms were used to prevent spoofing and replay attacks. This method is compatible with both CAN bus and CAN-FD protocols and has a lower operand when compared with other methods.


2013 ◽  
Vol 579-580 ◽  
pp. 792-797
Author(s):  
Yan Wang ◽  
Zhong Da Yu ◽  
Chen Xing Bao ◽  
Dong Xiang Shao

In this paper, we realize a real-time communication based on wireless local area network (WIFI) and controller area network (CAN) bus and develop a distributed control system for an automated guided vehicle (AGV). The system consists of two levels: (1) communication between AGVs and main computer based on WIFI, (2) communication between control units of AGV based on CAN bus. A real-time operating system μC/OS-II was used to control time, which significantly reduces the time for program and improves development efficiency. Finally, a small-size distributed AGV controller is developed as the main control unit of AGV and a distributed I/O system is developed based on it.


2021 ◽  
Author(s):  
Hannah M. Boland ◽  
Morgan I. Burgett ◽  
Aaron J. Etienne ◽  
Robert M. Stwalley III

A Controller Area Network (CAN) is a serial network information technology that facilitates the passing of information between Electronic Control Units (ECUs, also known as nodes). Developed by BOSCH in 1986 to circumvent challenges in harness-connected systems and provide improved message handling in automobiles, the CAN interface allows broadcast communication between all connected ECUs within a vehicle’s integrated electronic system through distributed control and decentralized measuring equipment. Since the early uses of CAN in car engine management, improvements in bitrate, bandwidth, and standardization protocols (such as ISO 11898 and SAE J1939) have led to CAN utilization in various industry applications, such as factory automation, aviation, off-highway vehicles, and telematics. Alternative wired and wireless technologies have been used to connect and network with CAN-BUS (such as Ethernet, Bluetooth, Wi-Fi, ZigBee, etc.), further expanding the diversity of applications in which the serial network is employed. In this chapter, the past, present, and prospective future developments of CAN technology, with focused attention on applications in the agricultural and off-road sectors are broadly examined. CAN technology fundamentals, standards creation, modern day uses, and potential functionalities and challenges specific to CAN in the wake of precision agriculture and smart farming are discussed in detail.


Electronics ◽  
2021 ◽  
Vol 10 (19) ◽  
pp. 2442
Author(s):  
Cheongmin Ji ◽  
Taehyoung Ko ◽  
Manpyo Hong

In vehicles, dozens of electronic control units are connected to one or more controller area network (CAN) buses to exchange information and send commands related to the physical system of the vehicles. Furthermore, modern vehicles are connected to the Internet via telematics control units (TCUs). This leads to an attack vector in which attackers can control vehicles remotely once they gain access to in-vehicle networks (IVNs) and can discover the formats of important messages. Although the format information is kept secret by car manufacturers, CAN is vulnerable, since payloads are transmitted in plain text. In contrast, the secrecy of message formats inhibits IVN security research by third-party researchers. It also hinders effective security tests for in-vehicle networks as performed by evaluation authorities. To mitigate this problem, a method of reverse-engineering CAN payload formats is proposed. The method utilizes classification algorithms to predict signal boundaries from CAN payloads. Several features were uniquely chosen and devised to quantify the type-specific characteristics of signals. The method is evaluated on real-world and synthetic CAN traces, and the results show that our method can predict at least 10% more signal boundaries than the existing methods.


2021 ◽  
Vol 54 (1) ◽  
pp. 1-37 ◽  
Author(s):  
Emad Aliwa ◽  
Omer Rana ◽  
Charith Perera ◽  
Peter Burnap

As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN), and FlexRay. CAN Bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms by design and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made the CAN Bus vulnerable not only from within the vehicle but also from outside. With the rise of connected cars, more entry points and interfaces have been introduced on board vehicles, thereby also leading to a wider potential attack surface. Existing security mechanisms focus on the use of encryption, authentication, and vehicle Intrusion Detection Systems (IDS), which operate under various constraints such as low bandwidth, small frame size (e.g., in the CAN protocol), limited availability of computational resources, and real-time sensitivity. We survey and classify current cryptographic and IDS approaches and compare these approaches based on criteria such as real-time constraints, types of hardware used, changes in CAN Bus behaviour, types of attack mitigation, and software/hardware used to validate these approaches. We conclude with mitigation strategies limitations and research challenges for the future.


Smart Cities ◽  
2020 ◽  
Vol 3 (1) ◽  
pp. 17-30
Author(s):  
Yun Yang ◽  
Zongtao Duan ◽  
Mark Tehranipoor

An in-vehicle controller area network (CAN) bus is vulnerable because of increased sharing among modern autonomous vehicles and the weak protocol design principle. Spoofing attacks on a CAN bus can be difficult to detect and have the potential to enable devastating attacks. To effectively identify spoofing attacks, we propose the authentication of sender identities using a recurrent neural network with long short-term memory units (RNN-LSTM) based on the features of a fingerprint signal. We also present a way to generate the analog fingerprint signals of electronic control units (ECUs) to train the proposed RNN-LSTM classifier. The proposed RNN-LSTM model is accelerated on embedded Field-Programmable Gate Arrays (FPGA) to allow for real-time detection despite high computational complexity. A comparison of experimental results with the latest studies demonstrates the capability of the proposed RNN-LSTM model and its potential as a solution to in-vehicle CAN bus security.


Author(s):  
Marco Lombardi ◽  
Francesco Pascale ◽  
Domenico Santaniello

Modern vehicles are connected to the network and between each other through smart sensors and smart objects commonly present on board. This situation has allowed manufacturers to send over-the-air updates, receive diagnostic information, and offer various multimedia services. More generally, at present, all this is indicated by the term 'Vehicle to Everything' (V2X), which indicates a system of communication between a vehicle to any entity that may influence the vehicle and vice versa. However, it introduces problems regarding the vehicle's IT security. It is possible, for example, by tampering with one of the Electronic Control Units (ECUs) to take partial or total control of the vehicle. In this paper, we introduce a preliminary study case to guarantee cybersecurity inside connected vehicles. In particular, an Intrusion Detection System over the CAN-Bus to allow the possible malicious messages. In particular, through the use of a two-step detection algorithm that exploits both the variation of the status parameters of the various ECUs over time and the Bayesian networks can identify a possible attack. The first experimental results seem encouraging.


Computers ◽  
2021 ◽  
Vol 10 (11) ◽  
pp. 144
Author(s):  
Geoffrey Spencer ◽  
Frutuoso Mateus ◽  
Pedro Torres ◽  
Rogério Dionísio ◽  
Ricardo Martins

This paper presents the initial developments of new hardware devices targeted for CAN (Controller Area Network) bus communications in forest machines. CAN bus is a widely used protocol for communications in the automobile area. It is also applied in industrial vehicles and machines due to its robustness, simplicity, and operating flexibility. It is ideal for forestry machinery producers who need to couple their equipment to a machine that allows the transportation industry to recognize the importance of standardizing communications between tools and machines. One of the problems that producers sometimes face is a lack of flexibility in commercialized hardware modules; for example, in interfaces for sensors and actuators that guarantee scalability depending on the new functionalities required. The hardware device presented in this work is designed to overcome these limitations and provide the flexibility to standardize communications while allowing scalability in the development of new products and features. The work is being developed within the scope of the research project “SMARTCUT—Remote Diagnosis, Maintenance and Simulators for Operation Training and Maintenance of Forest Machines”, to incorporate innovative technologies in forest machines produced by the CUTPLANT S.A. It consists of an experimental system based on the PIC18F26K83 microcontroller to form a CAN node to transmit and receive digital and analog messages via CAN bus, tested and validated by the communication between different nodes. The main contribution of the paper focuses on the presentation of the development of new CAN bus electronic control units designed to enable remote communication between sensors and actuators, and the main controller of forest machines.

