SlideShare uma empresa Scribd logo

DefCamp 2013 - In vehicle CAN network security

Transferir como PPTX, PDF
DefCamp
DefCamp
TecnologiaNegócios
1 de 31
In vehicle CAN network security An overview
Bogdan-Ioan Şuta • System manager at AtoS IT Solutions and Services • Former Embedded C developer at Hella Romania • Graduated Master in Automotive Embedded Software from "Politehnica" University of Timisoara • Interested in computers, cars and anything in between
Overview IN VEHICLE NETWORKS
In vehicle networks • Used for information sharing between ECUs (Electronic Control Unit) • Reduce the number of wires needed inside a vehicle between ECUs • Come in many forms: – By medium: two-wire, one-wire, optical, wireless – By protocol: Ethernet, CAN, LIN, FlexRay, MOST, K Line etc.
In vehicle networks
Overview CONTROLLER AREA NETWORK
Controller Area Network • • • • • Developed by Robert Bosch GmbH in 1983 Designed for electrically noisy environments Baud rates of up to 1Mb/s Broadcast type network Frames composed of (minimalistic): – ID field – used for arbitration – either 11 or 24 bits long – Data Field – actual transported data - up to 8 bytes – CRC Field – for error correction – 15 bits
HACKING VEHICLE NETWORKS
Hacking vehicle networks • MIT did it: – Comprehensive Experimental Analyses of Automotive Attack Surfaces http://youtu.be/bHfOziIwXic • Blogs made tutorials for it: – Hack a day http://hackaday.com/2013/10/21/can -hacking-introductions/ • Individuals also tried their luck: – http://secuduino.blogspot.ro/2011/04 /grupo-volkswagen-can-confort.html
Hacking vehicle networks • Various hardware is available to do it: – The OpenXC Platform http://openxcplatform.com/ – Arduino shields are available http://www.skpang.co.uk/catalog/arduinocanbus-shield-with-usd-card-holder-p-706.html – Custom – any microcontroller with a CAN controller with an CAN transceiver will work
At hacking the CAN bus MY ATTEMPTS
Proposition • Connect to the CAN bus • Identify messages being transmitted on the bus • Perform spoofing and flood attacks • Do not get into diagnostic based attacks (change odometer, disable immobilizer)
Setup • • • • • VW Passat 2001 Breadboard mBed LPC 1768 development board 2x Microchip MCP 2551 CAN tranceivers PC with TerraTerm used for communicating with the mBed • mBed programmed for CAN monitoring, flooding and spoofing • First connection attempt: – Male OBD-II connector connected to the diagnostic port of the CAR • Second attempt: – Twisted pair of conductors from a CAT-5 cable connected at the back of the VW Climatronic
FIRST ATTEMPT Using OBD connector
OBD Cable
First attempt: FAILED • Communication was not possible • Subject car does not have CAN on the OBD-II Connector • Only K line was present
SECOND ATTEMPT Direct connection
Connection to car
Second attempt: SUCCESS • A few tries and some info from: http://secuduino.blogspot.ro/2011/04/grupovolkswagen-can-confort.html • Connected to Convenience CAN • Baud rate of 100kb/s • Communication established 
A bit of sniffing… • Found CAN messages from – Door locks – Electric windows • Position of window • Status of button (pressed, not pressed) – Instruments backlighting value – Lots of other data that I couldn’t find a correlation
Some spoofing… • Sending commands that would originate from the Body Control Module
Power windows VIDEO
And some flooding • Sending a very high priority CAN message on the network continuously • Using hardware interrupts so no delays occur
Car door locks VIDEO
Security issues • No authentication of nodes • Messages are not scrambled • Security by obscurity
Counter measures • Researched and developed by many universities and companies: – Efficient Protocols For Secure Broadcast In Controller Area Networks - http://www.aut.upt.ro/~bgroza/Papers/CANSec.pdf – LiBrA-CAN: Lightweight Broadcast Authentication for Controller Area Networks http://www.aut.upt.ro/~bgroza/Papers/LIBRA.pdf – Broadcast Authentication in a Low Speed Controller Area Network http://www.aut.upt.ro/~bgroza/Papers/CANAut.pdf – Low cost multicast network authentication for embedded control systems http://128.2.129.29/research/publications/2012/CMUECE-2012-011.pdf – Many more
CONCLUSIONS
Conclusions • Hacking vehicle networks is EASY • Through trial and error much information can be obtained -> security by obscurity is not sufficient • With great power comes great responsibility – Getting information from the vehicle bus can enhance use of the vehicle – People with bad intentions can cause damages and injuries
Contributors • • • • • Ioan Dubar Alexandru Leipnik Bogdan Groza Alexandru George Andrei My parents
Thank you.

Recomendados

CAN, BY MD.ABDULLAH
CAN, BY MD.ABDULLAHCAN, BY MD.ABDULLAH
CAN, BY MD.ABDULLAHsameer abdullah
 
Halderman ch049 lecture
Halderman ch049 lectureHalderman ch049 lecture
Halderman ch049 lecturemcfalltj
 
CAN (Controller Area Network) Bus Protocol
CAN (Controller Area Network) Bus ProtocolCAN (Controller Area Network) Bus Protocol
CAN (Controller Area Network) Bus ProtocolAbhinaw Tiwari
 
Controller area network protocol
Controller area network protocolController area network protocol
Controller area network protocolSneha Nalla
 
Local Interconnect Network
Local Interconnect NetworkLocal Interconnect Network
Local Interconnect NetworkJabez Winston
 
Canbus presentation
Canbus presentationCanbus presentation
Canbus presentationKurt von Ahnen
 
Design flow for Controller Area Network systems
Design flow for Controller Area Network systemsDesign flow for Controller Area Network systems
Design flow for Controller Area Network systemsAlexios Lekidis
 
Controller Area Network (Basic Level Presentation)
Controller Area Network (Basic Level Presentation)Controller Area Network (Basic Level Presentation)
Controller Area Network (Basic Level Presentation)Vikas Kumar
 

Recomendados

CAN, BY MD.ABDULLAH
CAN, BY MD.ABDULLAHCAN, BY MD.ABDULLAH
CAN, BY MD.ABDULLAHsameer abdullah
 
Halderman ch049 lecture
Halderman ch049 lectureHalderman ch049 lecture
Halderman ch049 lecturemcfalltj
 
CAN (Controller Area Network) Bus Protocol
CAN (Controller Area Network) Bus ProtocolCAN (Controller Area Network) Bus Protocol
CAN (Controller Area Network) Bus ProtocolAbhinaw Tiwari
 
Controller area network protocol
Controller area network protocolController area network protocol
Controller area network protocolSneha Nalla
 
Local Interconnect Network
Local Interconnect NetworkLocal Interconnect Network
Local Interconnect NetworkJabez Winston
 
Canbus presentation
Canbus presentationCanbus presentation
Canbus presentationKurt von Ahnen
 
Design flow for Controller Area Network systems
Design flow for Controller Area Network systemsDesign flow for Controller Area Network systems
Design flow for Controller Area Network systemsAlexios Lekidis
 
Controller Area Network (Basic Level Presentation)
Controller Area Network (Basic Level Presentation)Controller Area Network (Basic Level Presentation)
Controller Area Network (Basic Level Presentation)Vikas Kumar
 
Can Protocol For Automobiles
Can Protocol For AutomobilesCan Protocol For Automobiles
Can Protocol For AutomobilesSofcon India Pvt Ltd.
 
Ca npp t
Ca npp tCa npp t
Ca npp tDarshan k s
 
Controller area network
Controller area networkController area network
Controller area networkCraig Kielb
 
Can bus m.n.r
Can bus m.n.rCan bus m.n.r
Can bus m.n.rMNR85
 
Controller area network (CAN bus) ppt
Controller area network (CAN bus) pptController area network (CAN bus) ppt
Controller area network (CAN bus) pptRaziuddin Khazi
 
Controller Area Network(CAN)
Controller Area Network(CAN)Controller Area Network(CAN)
Controller Area Network(CAN)Ashutosh Bhardwaj
 
Controller area network (can bus)
Controller area network (can bus)Controller area network (can bus)
Controller area network (can bus)nassim unused
 
Canbus
CanbusCanbus
CanbusRobertCowles5
 
Can protocol implementation for data communication (2)
Can protocol implementation for data communication (2)Can protocol implementation for data communication (2)
Can protocol implementation for data communication (2)karuna418
 
CAN Bus
CAN BusCAN Bus
CAN BusAnoop Mathew
 
CAN- controlled area network
CAN- controlled area networkCAN- controlled area network
CAN- controlled area networkPantech ProLabs India Pvt Ltd
 
Control Area Network (CAN) based accident avoidance system
Control Area Network (CAN) based accident avoidance systemControl Area Network (CAN) based accident avoidance system
Control Area Network (CAN) based accident avoidance systemNitin Jagtap
 
Canbus
CanbusCanbus
CanbusSURYAPRAKASH S
 
Control Area Network
Control Area NetworkControl Area Network
Control Area Networkvenkat thangella
 
D1 b ducati slide rev03_eng
D1 b ducati slide rev03_engD1 b ducati slide rev03_eng
D1 b ducati slide rev03_engKurt von Ahnen
 
CAN Networks
CAN NetworksCAN Networks
CAN Networksjdholly
 
Can bus
Can busCan bus
Can busمحمدعبد الحى
 
Automotive bus technologies
Automotive bus technologiesAutomotive bus technologies
Automotive bus technologiesRadwa Tarek
 
Lin bus
Lin busLin bus
Lin busمحمدعبد الحى
 
CONNECTED vehicle ECU.pptx
CONNECTED vehicle ECU.pptxCONNECTED vehicle ECU.pptx
CONNECTED vehicle ECU.pptxVairaPrakash2
 
Google Advertising Network Car Dealer Examples
Google Advertising Network Car Dealer ExamplesGoogle Advertising Network Car Dealer Examples
Google Advertising Network Car Dealer ExamplesRalph Paglia
 
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...FFRI, Inc.
 

Mais conteúdo relacionado

Mais procurados

Controller area network
Controller area networkController area network
Controller area networkCraig Kielb
 
Can bus m.n.r
Can bus m.n.rCan bus m.n.r
Can bus m.n.rMNR85
 
Controller area network (CAN bus) ppt
Controller area network (CAN bus) pptController area network (CAN bus) ppt
Controller area network (CAN bus) pptRaziuddin Khazi
 
Controller Area Network(CAN)
Controller Area Network(CAN)Controller Area Network(CAN)
Controller Area Network(CAN)Ashutosh Bhardwaj
 
Controller area network (can bus)
Controller area network (can bus)Controller area network (can bus)
Controller area network (can bus)nassim unused
 
Can protocol implementation for data communication (2)
Can protocol implementation for data communication (2)Can protocol implementation for data communication (2)
Can protocol implementation for data communication (2)karuna418
 
Control Area Network (CAN) based accident avoidance system
Control Area Network (CAN) based accident avoidance systemControl Area Network (CAN) based accident avoidance system
Control Area Network (CAN) based accident avoidance systemNitin Jagtap
 
D1 b ducati slide rev03_eng
D1 b ducati slide rev03_engD1 b ducati slide rev03_eng
D1 b ducati slide rev03_engKurt von Ahnen
 
CAN Networks
CAN NetworksCAN Networks
CAN Networksjdholly
 
Automotive bus technologies
Automotive bus technologiesAutomotive bus technologies
Automotive bus technologiesRadwa Tarek
 
CONNECTED vehicle ECU.pptx
CONNECTED vehicle ECU.pptxCONNECTED vehicle ECU.pptx
CONNECTED vehicle ECU.pptxVairaPrakash2
 

Mais procurados (20)

Can Protocol For Automobiles
Can Protocol For AutomobilesCan Protocol For Automobiles
Can Protocol For Automobiles
 
Ca npp t
Ca npp tCa npp t
Ca npp t
 
Controller area network
Controller area networkController area network
Controller area network
 
Can bus m.n.r
Can bus m.n.rCan bus m.n.r
Can bus m.n.r
 
Controller area network (CAN bus) ppt
Controller area network (CAN bus) pptController area network (CAN bus) ppt
Controller area network (CAN bus) ppt
 
Controller Area Network(CAN)
Controller Area Network(CAN)Controller Area Network(CAN)
Controller Area Network(CAN)
 
Controller area network (can bus)
Controller area network (can bus)Controller area network (can bus)
Controller area network (can bus)
 
Canbus
CanbusCanbus
Canbus
 
Can protocol implementation for data communication (2)
Can protocol implementation for data communication (2)Can protocol implementation for data communication (2)
Can protocol implementation for data communication (2)
 
CAN Bus
CAN BusCAN Bus
CAN Bus
 
CAN- controlled area network
CAN- controlled area networkCAN- controlled area network
CAN- controlled area network
 
Control Area Network (CAN) based accident avoidance system
Control Area Network (CAN) based accident avoidance systemControl Area Network (CAN) based accident avoidance system
Control Area Network (CAN) based accident avoidance system
 
Canbus
CanbusCanbus
Canbus
 
Control Area Network
Control Area NetworkControl Area Network
Control Area Network
 
D1 b ducati slide rev03_eng
D1 b ducati slide rev03_engD1 b ducati slide rev03_eng
D1 b ducati slide rev03_eng
 
CAN Networks
CAN NetworksCAN Networks
CAN Networks
 
Can bus
Can busCan bus
Can bus
 
Automotive bus technologies
Automotive bus technologiesAutomotive bus technologies
Automotive bus technologies
 
Lin bus
Lin busLin bus
Lin bus
 
CONNECTED vehicle ECU.pptx
CONNECTED vehicle ECU.pptxCONNECTED vehicle ECU.pptx
CONNECTED vehicle ECU.pptx
 

Destaque

Google Advertising Network Car Dealer Examples
Google Advertising Network Car Dealer ExamplesGoogle Advertising Network Car Dealer Examples
Google Advertising Network Car Dealer ExamplesRalph Paglia
 
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...FFRI, Inc.
 
Blending Automated and Manual Testing
Blending Automated and Manual TestingBlending Automated and Manual Testing
Blending Automated and Manual TestingDenim Group
 
Fuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day ManagementFuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day ManagementCodenomicon
 
Software Security Education at Scale
Software Security Education at ScaleSoftware Security Education at Scale
Software Security Education at ScaleChris Theisen
 
Automated Attack Surface Approximation [FSE - SRC 2015]
Automated Attack Surface Approximation [FSE - SRC 2015]Automated Attack Surface Approximation [FSE - SRC 2015]
Automated Attack Surface Approximation [FSE - SRC 2015]Chris Theisen
 
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Yuji Kosuga
 
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackUnmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackImperva
 
Autonomous Hacking: The New Frontiers of Attack and Defense
Autonomous Hacking: The New Frontiers of Attack and DefenseAutonomous Hacking: The New Frontiers of Attack and Defense
Autonomous Hacking: The New Frontiers of Attack and DefensePriyanka Aash
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityImperva Incapsula
 
Attacks Against Captcha Systems - DefCamp 2012
Attacks Against Captcha Systems - DefCamp 2012Attacks Against Captcha Systems - DefCamp 2012
Attacks Against Captcha Systems - DefCamp 2012DefCamp
 
Automated and Effective Testing of Web Services for XML Injection Attacks
Automated and Effective Testing of Web Services for XML Injection AttacksAutomated and Effective Testing of Web Services for XML Injection Attacks
Automated and Effective Testing of Web Services for XML Injection AttacksLionel Briand
 
Storage Area Network(SAN)
Storage Area Network(SAN)Storage Area Network(SAN)
Storage Area Network(SAN)Krishna Kahar
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceAlienVault
 
Implementing An Automated Incident Response Architecture
Implementing An Automated Incident Response ArchitectureImplementing An Automated Incident Response Architecture
Implementing An Automated Incident Response ArchitecturePriyanka Aash
 

Destaque (17)

Google Advertising Network Car Dealer Examples
Google Advertising Network Car Dealer ExamplesGoogle Advertising Network Car Dealer Examples
Google Advertising Network Car Dealer Examples
 
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
Trend of Next-Gen In-Vehicle Network Standard and Current State of Security(F...
 
Storage Managment
Storage ManagmentStorage Managment
Storage Managment
 
Blending Automated and Manual Testing
Blending Automated and Manual TestingBlending Automated and Manual Testing
Blending Automated and Manual Testing
 
Fuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day ManagementFuzzing 101 Webinar on Zero Day Management
Fuzzing 101 Webinar on Zero Day Management
 
Software Security Education at Scale
Software Security Education at ScaleSoftware Security Education at Scale
Software Security Education at Scale
 
Automated Attack Surface Approximation [FSE - SRC 2015]
Automated Attack Surface Approximation [FSE - SRC 2015]Automated Attack Surface Approximation [FSE - SRC 2015]
Automated Attack Surface Approximation [FSE - SRC 2015]
 
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Inje...
 
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist AttackUnmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
Unmasking Anonymous: An Eyewitness Account of a Hacktivist Attack
 
Autonomous Hacking: The New Frontiers of Attack and Defense
Autonomous Hacking: The New Frontiers of Attack and DefenseAutonomous Hacking: The New Frontiers of Attack and Defense
Autonomous Hacking: The New Frontiers of Attack and Defense
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application Security
 
Attacks Against Captcha Systems - DefCamp 2012
Attacks Against Captcha Systems - DefCamp 2012Attacks Against Captcha Systems - DefCamp 2012
Attacks Against Captcha Systems - DefCamp 2012
 
Automated and Effective Testing of Web Services for XML Injection Attacks
Automated and Effective Testing of Web Services for XML Injection AttacksAutomated and Effective Testing of Web Services for XML Injection Attacks
Automated and Effective Testing of Web Services for XML Injection Attacks
 
Storage Area Network(SAN)
Storage Area Network(SAN)Storage Area Network(SAN)
Storage Area Network(SAN)
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat Intelligence
 
Implementing An Automated Incident Response Architecture
Implementing An Automated Incident Response ArchitectureImplementing An Automated Incident Response Architecture
Implementing An Automated Incident Response Architecture
 
Slideshare ppt
Slideshare pptSlideshare ppt
Slideshare ppt
 

Semelhante a DefCamp 2013 - In vehicle CAN network security

Cyber Security in Transportation
Cyber Security in TransportationCyber Security in Transportation
Cyber Security in TransportationOren Elimelech
 
Current state of automotive network security
Current state of automotive network securityCurrent state of automotive network security
Current state of automotive network securityFFRI, Inc.
 
Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Iddan Halevy
 
Automobile Computer Security.ppt
Automobile Computer Security.pptAutomobile Computer Security.ppt
Automobile Computer Security.pptNiraj Bhatta
 
Overview of automotive network protocol
Overview of automotive network protocolOverview of automotive network protocol
Overview of automotive network protocolpoojashinde212
 
Automotive electronics Systems by Ravikumar Chilmula
Automotive electronics Systems by Ravikumar ChilmulaAutomotive electronics Systems by Ravikumar Chilmula
Automotive electronics Systems by Ravikumar ChilmulaRavikumar Chilmula
 
J1939 and OBD2 Stack Integrations With IoT Platform for Fleet Safety
J1939 and OBD2 Stack Integrations With IoT Platform for Fleet SafetyJ1939 and OBD2 Stack Integrations With IoT Platform for Fleet Safety
J1939 and OBD2 Stack Integrations With IoT Platform for Fleet SafetyEmbitel Technologies (I) PVT LTD
 
Hackers are the new highway threat
Hackers are the new highway threatHackers are the new highway threat
Hackers are the new highway threatHarman Innovation
 
Countering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldCountering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldBrad Nicholas
 
Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC
Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLCAplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC
Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLCTICAnoia
 
ITS "Intelligent Transportation System" Guided Vehicle using IOT Project
ITS "Intelligent Transportation System" Guided Vehicle using IOT ProjectITS "Intelligent Transportation System" Guided Vehicle using IOT Project
ITS "Intelligent Transportation System" Guided Vehicle using IOT ProjectMohamed Abd Ela'al
 
20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet
20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet
20160531 Testing Expo_Benefits and Requirements of Automotive EthernetGuenther Trautzl
 

Semelhante a DefCamp 2013 - In vehicle CAN network security (20)

Cyber Security in Transportation
Cyber Security in TransportationCyber Security in Transportation
Cyber Security in Transportation
 
Wfcs2019
Wfcs2019Wfcs2019
Wfcs2019
 
The role obd in Usage Based Insurance in 2015
The role obd in Usage Based Insurance in 2015The role obd in Usage Based Insurance in 2015
The role obd in Usage Based Insurance in 2015
 
Current state of automotive network security
Current state of automotive network securityCurrent state of automotive network security
Current state of automotive network security
 
AUTOMOTIVE CYBER SECURITY PPT
AUTOMOTIVE CYBER SECURITY PPTAUTOMOTIVE CYBER SECURITY PPT
AUTOMOTIVE CYBER SECURITY PPT
 
automotivecybersecurityppt.pdf
automotivecybersecurityppt.pdfautomotivecybersecurityppt.pdf
automotivecybersecurityppt.pdf
 
UGM CAN PXI
UGM CAN PXIUGM CAN PXI
UGM CAN PXI
 
Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010Feasible car cyber defense - ESCAR 2010
Feasible car cyber defense - ESCAR 2010
 
Automobile Computer Security.ppt
Automobile Computer Security.pptAutomobile Computer Security.ppt
Automobile Computer Security.ppt
 
Wireless Technology -IoT Projects
Wireless Technology -IoT ProjectsWireless Technology -IoT Projects
Wireless Technology -IoT Projects
 
Overview of automotive network protocol
Overview of automotive network protocolOverview of automotive network protocol
Overview of automotive network protocol
 
11.chapters
11.chapters11.chapters
11.chapters
 
Automotive electronics Systems by Ravikumar Chilmula
Automotive electronics Systems by Ravikumar ChilmulaAutomotive electronics Systems by Ravikumar Chilmula
Automotive electronics Systems by Ravikumar Chilmula
 
Embedded Systems in Automotive
Embedded Systems in Automotive Embedded Systems in Automotive
Embedded Systems in Automotive
 
J1939 and OBD2 Stack Integrations With IoT Platform for Fleet Safety
J1939 and OBD2 Stack Integrations With IoT Platform for Fleet SafetyJ1939 and OBD2 Stack Integrations With IoT Platform for Fleet Safety
J1939 and OBD2 Stack Integrations With IoT Platform for Fleet Safety
 
Hackers are the new highway threat
Hackers are the new highway threatHackers are the new highway threat
Hackers are the new highway threat
 
Countering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT WorldCountering Cybersecurity Risk in Today's IoT World
Countering Cybersecurity Risk in Today's IoT World
 
Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC
Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLCAplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC
Aplicacions de 5G al IoT i la Indústria 4.0: mMTC i URLLC
 
ITS "Intelligent Transportation System" Guided Vehicle using IOT Project
ITS "Intelligent Transportation System" Guided Vehicle using IOT ProjectITS "Intelligent Transportation System" Guided Vehicle using IOT Project
ITS "Intelligent Transportation System" Guided Vehicle using IOT Project
 
20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet
20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet
20160531 Testing Expo_Benefits and Requirements of Automotive Ethernet
 

Mais de DefCamp

Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht HackingDefCamp
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!DefCamp
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of TrustDefCamp
 
Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?DefCamp
 
Bridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXDefCamp
 
Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...DefCamp
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDefCamp
 
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)DefCamp
 
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFADefCamp
 
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationDefCamp
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money downDefCamp
 
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...DefCamp
 
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochDefCamp
 
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareDefCamp
 
Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?DefCamp
 
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured DefCamp
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
 
We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.DefCamp
 
Connect & Inspire Cyber Security
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber SecurityDefCamp
 
The lions and the watering hole
The lions and the watering holeThe lions and the watering hole
The lions and the watering holeDefCamp
 

Mais de DefCamp (20)

Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
 
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!Mobile, IoT, Clouds… It’s time to hire your own risk manager!
Mobile, IoT, Clouds… It’s time to hire your own risk manager!
 
The Charter of Trust
The Charter of TrustThe Charter of Trust
The Charter of Trust
 
Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?Internet Balkanization: Why Are We Raising Borders Online?
Internet Balkanization: Why Are We Raising Borders Online?
 
Bridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UXBridging the gap between CyberSecurity R&D and UX
Bridging the gap between CyberSecurity R&D and UX
 
Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...Secure and privacy-preserving data transmission and processing using homomorp...
Secure and privacy-preserving data transmission and processing using homomorp...
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
 
Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)Economical Denial of Sustainability in the Cloud (EDOS)
Economical Denial of Sustainability in the Cloud (EDOS)
 
Trust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFATrust, but verify – Bypassing MFA
Trust, but verify – Bypassing MFA
 
Threat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical ApplicationThreat Hunting: From Platitudes to Practical Application
Threat Hunting: From Platitudes to Practical Application
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
 
Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...Implementation of information security techniques on modern android based Kio...
Implementation of information security techniques on modern android based Kio...
 
Lattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epochLattice based Merkle for post-quantum epoch
Lattice based Merkle for post-quantum epoch
 
The challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcareThe challenge of building a secure and safe digital environment in healthcare
The challenge of building a secure and safe digital environment in healthcare
 
Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?Timing attacks against web applications: Are they still practical?
Timing attacks against web applications: Are they still practical?
 
Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured Tor .onions: The Good, The Rotten and The Misconfigured
Tor .onions: The Good, The Rotten and The Misconfigured
 
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...
 
We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.We will charge you. How to [b]reach vendor’s network using EV charging station.
We will charge you. How to [b]reach vendor’s network using EV charging station.
 
Connect & Inspire Cyber Security
Connect & Inspire Cyber SecurityConnect & Inspire Cyber Security
Connect & Inspire Cyber Security
 
The lions and the watering hole
The lions and the watering holeThe lions and the watering hole
The lions and the watering hole
 

Último

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 

Último (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 

DefCamp 2013 - In vehicle CAN network security

  • 1. In vehicle CAN network security An overview
  • 2. Bogdan-Ioan Şuta • System manager at AtoS IT Solutions and Services • Former Embedded C developer at Hella Romania • Graduated Master in Automotive Embedded Software from "Politehnica" University of Timisoara • Interested in computers, cars and anything in between
  • 4. In vehicle networks • Used for information sharing between ECUs (Electronic Control Unit) • Reduce the number of wires needed inside a vehicle between ECUs • Come in many forms: – By medium: two-wire, one-wire, optical, wireless – By protocol: Ethernet, CAN, LIN, FlexRay, MOST, K Line etc.
  • 7. Controller Area Network • • • • • Developed by Robert Bosch GmbH in 1983 Designed for electrically noisy environments Baud rates of up to 1Mb/s Broadcast type network Frames composed of (minimalistic): – ID field – used for arbitration – either 11 or 24 bits long – Data Field – actual transported data - up to 8 bytes – CRC Field – for error correction – 15 bits
  • 9. Hacking vehicle networks • MIT did it: – Comprehensive Experimental Analyses of Automotive Attack Surfaces http://youtu.be/bHfOziIwXic • Blogs made tutorials for it: – Hack a day http://hackaday.com/2013/10/21/can -hacking-introductions/ • Individuals also tried their luck: – http://secuduino.blogspot.ro/2011/04 /grupo-volkswagen-can-confort.html
  • 10. Hacking vehicle networks • Various hardware is available to do it: – The OpenXC Platform http://openxcplatform.com/ – Arduino shields are available http://www.skpang.co.uk/catalog/arduinocanbus-shield-with-usd-card-holder-p-706.html – Custom – any microcontroller with a CAN controller with an CAN transceiver will work
  • 11. At hacking the CAN bus MY ATTEMPTS
  • 12. Proposition • Connect to the CAN bus • Identify messages being transmitted on the bus • Perform spoofing and flood attacks • Do not get into diagnostic based attacks (change odometer, disable immobilizer)
  • 13. Setup • • • • • VW Passat 2001 Breadboard mBed LPC 1768 development board 2x Microchip MCP 2551 CAN tranceivers PC with TerraTerm used for communicating with the mBed • mBed programmed for CAN monitoring, flooding and spoofing • First connection attempt: – Male OBD-II connector connected to the diagnostic port of the CAR • Second attempt: – Twisted pair of conductors from a CAT-5 cable connected at the back of the VW Climatronic
  • 14.
  • 17. First attempt: FAILED • Communication was not possible • Subject car does not have CAN on the OBD-II Connector • Only K line was present
  • 20. Second attempt: SUCCESS • A few tries and some info from: http://secuduino.blogspot.ro/2011/04/grupovolkswagen-can-confort.html • Connected to Convenience CAN • Baud rate of 100kb/s • Communication established 
  • 21. A bit of sniffing… • Found CAN messages from – Door locks – Electric windows • Position of window • Status of button (pressed, not pressed) – Instruments backlighting value – Lots of other data that I couldn’t find a correlation
  • 22. Some spoofing… • Sending commands that would originate from the Body Control Module
  • 24. And some flooding • Sending a very high priority CAN message on the network continuously • Using hardware interrupts so no delays occur
  • 26. Security issues • No authentication of nodes • Messages are not scrambled • Security by obscurity
  • 27. Counter measures • Researched and developed by many universities and companies: – Efficient Protocols For Secure Broadcast In Controller Area Networks - http://www.aut.upt.ro/~bgroza/Papers/CANSec.pdf – LiBrA-CAN: Lightweight Broadcast Authentication for Controller Area Networks http://www.aut.upt.ro/~bgroza/Papers/LIBRA.pdf – Broadcast Authentication in a Low Speed Controller Area Network http://www.aut.upt.ro/~bgroza/Papers/CANAut.pdf – Low cost multicast network authentication for embedded control systems http://128.2.129.29/research/publications/2012/CMUECE-2012-011.pdf – Many more
  • 29. Conclusions • Hacking vehicle networks is EASY • Through trial and error much information can be obtained -> security by obscurity is not sufficient • With great power comes great responsibility – Getting information from the vehicle bus can enhance use of the vehicle – People with bad intentions can cause damages and injuries