Projects:2020s1-1290 Car Hacking

From Projects
Revision as of 01:48, 17 October 2020 by A1703495 (talk | contribs)
Jump to: navigation, search

Abstract

Numerous systems that utilise a shared bus architecture have not been designed with security in mind. Consequently, security is either an afterthought or the system has minimal security features implemented. Three examples of shared bus protocols that were created with minimal security considerations are CAN, FlexRay, and USB. The CAN bus and the FlexRay bus are both vehicle bus standards that enable electronic control units to communicate with each other. Meanwhile, the USB is a standard that allows connection, communication, and power supply between computers, peripherals, and other computers. The security of systems that implement these protocols can be critical for the protection of sensitive data, property, and the safety of individuals.

Introduction

The aim of this project is to investigate shared bus protocols and their vulnerabilities to nondestructive attacks. In order to achieve this, the project will focus on aspects of three different protocols. Adam Watts will focus on how the security of CAN-based communication in vehicles could be improved, Alexis Jennings will create a FlexRay and CAN gateway, and Robbie will investigate an aspect of USB security. It has been shown in several previous studies that CAN-based communication is vulnerable to numerous attacks, thus improving the security of CAN-based communication is vital to improving the security of the vehicle. Similarly, a FlexRay and CAN gateway will be developed to allow an investigation into the vulnerabilities of connecting several bus systems that follow different protocols together. In addition, this project will explore the USB protocol and attempt to demonstrate input injection on behalf of another connected USB device. Although none of these protocols prioritise security, severe consequences could occur if attacked by an adversary.

Background

What is CAN?

CAN (Controller Area Network) is the most widely used communication protocol used in vehicles between ECUs (Electronic Control Units). An ECU can send messages to another ECU over the CAN bus. The data sent over the CAN bus is broadcast to all other ECUs in the network, and the ECU can determine whether it would like to process the message or ignore it. Benefits of the CAN protocol include it is robust, efficient, fully centralised and simple and low cost.

What is FlexRay?

To continue to improve safety, increase performance, reduce environmental impact and increase the comfort of the vehicle, the reliability and volume of data must increase between the vehicle’s ECUs. The FlexRay protocol can meet these requirements. FlexRay can also meet the error tolerance and time-determinism requirements for X-by-wire systems.

What is USB injection?

Motivations

Project Aims and Method

The project can be divided into three aims:

Aim 1

Aim 2

Aim 3

Outcomes

Interoperability and mapping of the CAN and FlexRay protocol

CANflex

USB exploit successful

Conclusion

With widespread reliance on CAN and USB, rolling out effective vulnerability countermeasures to all existing instances is infeasible. However, vulnerabilities and practices explored in our research are worth taking into consideration in the design of critical systems that may need to depend on these technologies.


References

Project Team:

Student Researchers:

Alexis Jennings
Robert Dumitru
Adam Watts

Supervisors:

Dr. Matthew Sorell
Yuval Yarom
Aaron Frishling (DSTG)
Bradley Cooney (DSTG)
Daniel Coscia (DSTG)