CAN Obfuscation

In einer Veröffentlichung auf dem „2nd ACM Computer Science in Cars Symposium (CSCS 2018) – Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles“ präsentieren Forscher der INSicherheit – Ingolstädter Forschungsgruppe Angewandte IT-Sicherheit im September in München ein neuartiges IT-Sicherheitskonzept zum Schutz des CAN Bus in Fahrzeugen. Das Verfahren kommt ohne aufwendige Kryptographie aus und schützt insbesondere vor Malware-Angriffe auf autonome Fahrzeuge.

Abstract der Veröffentlichung:

„Autonomous driving poses new challenges for IT security in ve- hicles. Challenges arise from the increased number of external data sources, the increased interconnection of vehicles as well as from the missing “human in the loop”. The increased attack sur- face will likely result in manifold attacks and the missing human control will could lead to large scale attacks that go unnoticed and uncontrolled. Malware attacks targeting a large number of driver- less autonomous vehicles are very attractive for attackers, e.g., to not only steal one vehicle but to steal a whole fleet of vehicles by directing them to a place where they can be easily picked up by the car thieves. Security is hard to realize in autonomous vehicles as the automotive domain is very cost sensitive, especially with ECUs (electronic control units) used throughout a vehicle, and regulations for cyber security are missing up to date. Adding large computational or memory overhead by security mechanisms is problematic in the automotive domain. Obfuscation is a security mechanism that does not come with a large computational or memory overhead. This paper presents CANORa (CAN Obfusca- tion by Randomization), a security mechanism for protection of an integral part of a vehicle, the CAN bus. The CAN bus is of high importance for the security of a vehicle as it links many safety critical ECUs (e.g., ECU for braking) with each other. If an attacker can gain full control of the CAN bus, he can drive the vehicle. Hence, a successful attack on the CAN bus must be considered to be the worst case for automotive security. CANORa has a very small memory and computational footprint. Hence, it can be effi- ciently implemented even on today’s ECUs. The use of CANORa helps to avoid large scale malware attacks on driverless autono- mous vehicles as described above. A prototype implementation of CANORa demonstrates the practical feasibility of this approach.“

Eine Vorabdruck erscheint in Kürze auf Researchgate.

Veröffentlicht in Allgemein.