Difference between revisions of "Projects:2020s1-1290 Car Hacking"
(→Interoperability and mapping of the CAN and FlexRay protocol) |
(→Interoperability and mapping of the CAN and FlexRay protocol) |
||
| Line 35: | Line 35: | ||
From the simulation and investigation of a FlexRay-CAN gateway, it was found that the vulnerabilities of one network can be used to exploit the other. Gateways are designed to be fast and lightweight, with messages sent across the gateway with minimal latency. Furthermore, the simulation can be used for planning future network designs and the gateway design can be used to further investigate CAN and FlexRay vulnerabilities and vulnerabilities that result from connecting CAN and FlexRay networks. | From the simulation and investigation of a FlexRay-CAN gateway, it was found that the vulnerabilities of one network can be used to exploit the other. Gateways are designed to be fast and lightweight, with messages sent across the gateway with minimal latency. Furthermore, the simulation can be used for planning future network designs and the gateway design can be used to further investigate CAN and FlexRay vulnerabilities and vulnerabilities that result from connecting CAN and FlexRay networks. | ||
| − | [[File:CAN-FlexRay.gif |thumb| 400px | + | |
| − | [[File:FlexRay-CAN.gif|thumb| 400px | + | {| class="wikitable" |
| + | |- | ||
| + | | [[File:CAN-FlexRay.gif |thumb| 400px| A simulation demonstrating CAN packets sent to a FlexRay network]] || [[File:FlexRay-CAN.gif|thumb| 400px | A simulation demonstrating FlexRay packets sent to a CAN network]] | ||
| + | |} | ||
| + | |||
<br><br><br><br><br><br><br><br><br><br> | <br><br><br><br><br><br><br><br><br><br> | ||
Revision as of 14:06, 18 October 2020
Contents
Abstract
Numerous systems that utilise a shared bus architecture have not been designed with security in mind. Consequently, security is either an afterthought or the system has minimal security features implemented. Three examples of shared bus protocols that were created with minimal security considerations are CAN, FlexRay, and USB. The CAN bus and the FlexRay bus are both vehicle bus standards that enable electronic control units to communicate with each other. Meanwhile, the USB is a standard that allows connection, communication, and power supply between computers, peripherals, and other computers. The security of systems that implement these protocols can be critical for the protection of sensitive data, property, and the safety of individuals.
Introduction
The aim of this project is to investigate shared bus protocols and their vulnerabilities to nondestructive attacks. In order to achieve this, the project will focus on aspects of three different protocols. Adam Watts will focus on how the security of CAN-based communication in vehicles could be improved, Alexis Jennings will create a FlexRay and CAN gateway, and Robbie will investigate an aspect of USB security. It has been shown in several previous studies that CAN-based communication is vulnerable to numerous attacks, thus improving the security of CAN-based communication is vital to improving the security of the vehicle. Similarly, a FlexRay and CAN gateway will be developed to allow an investigation into the vulnerabilities of connecting several bus systems that follow different protocols together. In addition, this project will explore the USB protocol and attempt to demonstrate input injection on behalf of another connected USB device. Although none of these protocols prioritise security, severe consequences could occur if attacked by an adversary.
Background
What is CAN?
CAN (Controller Area Network) is the most widely used communication protocol used in vehicles between ECUs (Electronic Control Units). An ECU can send messages to another ECU over the CAN bus. The data sent over the CAN bus is broadcast to all other ECUs in the network, and the ECU can determine whether it would like to process the message or ignore it. Benefits of the CAN protocol include it is robust, efficient, fully centralised and simple and low cost.
What is FlexRay?
To continue to improve safety, increase performance, reduce environmental impact and increase the comfort of the vehicle, the reliability and volume of data must increase between the vehicle’s ECUs. The FlexRay protocol can meet these requirements. FlexRay can also meet the error tolerance and time-determinism requirements for X-by-wire systems. X-by-wire refers to the replacement of mechanical systems with electronic ones. These replaced systems can include braking and steering.
What is USB injection?
Project Aims and Method
Aim 1
One stream of the project aims to investigate the interoperability and mapping of the CAN and FlexRay protocols. This includes studying the use of FlexRay-CAN gateways in vehicles. The gateway allows FlexRay messages to be sent across a CAN network and vice versa. This research will allow the vulnerabilities of FlexRay-CAN gateways to be investigated.
Initially, a simulation was designed to investigate the timings of a FlexRay network connected to a CAN network. A FlexRay Evaluation Board that is capable of acting as a FlexRay-CAN gateway was also studied.
Aim 2
Aim 3
Outcomes
Interoperability and mapping of the CAN and FlexRay protocol
From the simulation and investigation of a FlexRay-CAN gateway, it was found that the vulnerabilities of one network can be used to exploit the other. Gateways are designed to be fast and lightweight, with messages sent across the gateway with minimal latency. Furthermore, the simulation can be used for planning future network designs and the gateway design can be used to further investigate CAN and FlexRay vulnerabilities and vulnerabilities that result from connecting CAN and FlexRay networks.
CANflex
USB exploit successful
Conclusion
With widespread reliance on CAN and USB, rolling out effective vulnerability countermeasures to all existing instances is infeasible. However, vulnerabilities and practices explored in our research are worth taking into consideration in the design of critical systems that may need to depend on these technologies.
References
Project Team:
Student Researchers:
Alexis Jennings
Robert Dumitru
Adam Watts
Supervisors:
Dr. Matthew Sorell
Yuval Yarom
Aaron Frishling (DSTG)
Bradley Cooney (DSTG)
Daniel Coscia (DSTG)
