Automotive Electronics - Internals and Security Implications
3 likes1,657 views
Automotive electronics have become increasingly complex, with around 40 computers controlling various systems in modern vehicles. Networks like CAN, LIN, and FlexRay connect electronic control units (ECUs) to control things like the engine, brakes, entertainment systems and more. However, the widespread use of wireless technologies and lack of strong security measures leave these systems vulnerable to attacks. Researchers have demonstrated exploits like manipulating the braking system or engine via the CAN bus. Automakers need to implement better security practices like encryption, authentication and isolating critical networks to prevent potential harm from attacks on in-vehicle networks.
![1
Security Challenges in CAN
● No security i.e. encryption/decryption defined
● Broadcast nature
● No node authentication
● Limited defense to denial of service attacks
● Re-programing and reset (C/R based auth)
● Open diagnostic control
[1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10
25](https://image.slidesharecdn.com/automotivesecurity-retreattalk-110205131126-phpapp01/85/Automotive-Electronics-Internals-and-Security-Implications-25-320.jpg)
![1
Security Analysis Setup
CarShark
[1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10
26](https://image.slidesharecdn.com/automotivesecurity-retreattalk-110205131126-phpapp01/85/Automotive-Electronics-Internals-and-Security-Implications-26-320.jpg)
![1
Security Analysis
● Deviations from standards
– Network segregation, command filtering, firmware
updates
● Radio, cluster, body electronics control
● Engine and brake control
● Code injection
[1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10
27](https://image.slidesharecdn.com/automotivesecurity-retreattalk-110205131126-phpapp01/85/Automotive-Electronics-Internals-and-Security-Implications-27-320.jpg)
![1
Security Analysis
[1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10
28](https://image.slidesharecdn.com/automotivesecurity-retreattalk-110205131126-phpapp01/85/Automotive-Electronics-Internals-and-Security-Implications-28-320.jpg)
![1
Security Analysis
[1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10
29](https://image.slidesharecdn.com/automotivesecurity-retreattalk-110205131126-phpapp01/85/Automotive-Electronics-Internals-and-Security-Implications-29-320.jpg)
Automotive Electronics - Internals and Security Implications
- 1. Automotive Electronics Internals and Security Implications Aanjhan Ranganathan
- 2. Some Facts ● Radio was the first electronic system ● Today, ~40 computers power your car. ● ~20 million lines of code. ● About 10 Km of wiring exists in a modern auto- mobile ● And weighs ~100 Kg 2
- 3. Drive-by Code Car multimedia Dynamic stability control Auto-transmission control Instrument cluster Airbag control Engine management Anti-lock breaking system Tyre pressure monitor Diagnostics Body sensors/electronics 3
- 4. ECU Module 4
- 5. Network Bus Protocols ● Controller Area Network (CAN) ● Local Interconnect Network (LIN) ● FlexRay ● Media Oriented Systems Transport (MOST) 5
- 6. Networking in an Auto ABS CM DIA EM Dash Board DS IC BE Air 6
- 7. Networking in an Auto EM ABS CM DIA Dash High Speed Network Low Speed Network Board DS Air IC BE 7
- 8. Car ECUs going wireless? EM ABS CM DIA Dash Board DS Air IC BE 8
- 9. * Tyre Pressure Monitoring System 315 or 433 MHz ASK or FSK Dash Board * Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study, Rouf et al. Usenix Security 2010. 9
- 10. * Security Analysis of TPMS ● Difficulty of reverse engineering – Using GNU Radio, Matlab, USRP – Few days (experienced engineer) to few weeks (newbie) ● Sniffing feasibility – 40 m range – 110 sniffers if the car is travelling at 60 Kmph – Easier to trigger at 125 Khz ● Spoofing feasibility – Ability to trigger the TPMS monitor light – No packet authentication ● Security measures – Reliable software design – Encrypting the whole packet * Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study, Rouf et al. Usenix Security 2010. 10
- 11. Controller Area Network ● Developed by Bosch ● 2-wire serial bus ● No limitations on the #nodes ● Message oriented protocol, no node addressing ● Broadcast and multicast support ● Physical and data link layer ● Speed upto 1 Mbps 11
- 12. CAN Bus Characteristics ● Wired-AND – “0” is dominant bit – “1” is recessive bit ● All nodes read-back the data on the bus once they have transmitted a bit. Specifically during the arbitration phase. 12
- 13. CAN – CSMA with CD/CR Arb Data X A 1 0 0 ... B 1 1 1 1 ... C 1 0 1 1 0 ... time 13
- 14. CAN – Error Handling ● Error Handling ● Fault confinement ● High speed and low speed nodes 14
- 15. FlexRay ● Time based scheduling (TDMA) ● Deterministic behaviour ● 2 channels ● 10 Mbps on each channel => 20 Mbps ● Complex protocol stack ● Supports multiple network topology ● Not YET in use widely 15
- 16. Local Interconnect Network (LIN) ● Slow (<20 Kbps) and used for less critical ECUs ● UART/SCI based ● Master – slave ● Less expensive than CAN controllers ● 1-wire, reduced harness complexity 16
- 17. Media Oriented System Transport (MOST) ● Physical layer – Mostly optical fibres ● Upto 24 Mbps ● Ring, star, daisy chain topologies possible ● Audio, video streaming applications 17
- 18. Car Multimedia ● No longer just radio ● Navigation, phone handling, video, audio, interactive vehicle status updates and a lot more 18
- 19. Car Multimedia (contd..) 19
- 20. In Summary 20
- 21. Diagnostics ● Identifying faults ● OBD II (On-Board Diagnostics v2.0 is the current standard) ● Over CAN ● Simple OBD-II scanners to high-end OBD-II diagnostic tools 21
- 22. OBD II Systems 22
- 23. Other Interfaces to OBDII 23
- 24. Mobile Applications DevToaster Torque 24
- 25. 1 Security Challenges in CAN ● No security i.e. encryption/decryption defined ● Broadcast nature ● No node authentication ● Limited defense to denial of service attacks ● Re-programing and reset (C/R based auth) ● Open diagnostic control [1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10 25
- 26. 1 Security Analysis Setup CarShark [1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10 26
- 27. 1 Security Analysis ● Deviations from standards – Network segregation, command filtering, firmware updates ● Radio, cluster, body electronics control ● Engine and brake control ● Code injection [1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10 27
- 28. 1 Security Analysis [1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10 28
- 29. 1 Security Analysis [1] Experimental Security Analysis of a Modern Automobile, Koscher et al. IEEE Security and Privacy '10 29
- 30. Manufacturer's Point of View “While we sincerely respect the opinions of the researchers, we also strongly believe their study makes conclusions which are based on limited knowledge, and in some cases, are incorrect.” Schader Electronics "The car described in the US paper certainly was not one of ours. We definitely use better than 16 bit encryption schemes." BMW "This gives any attacker an advantage and raises the need for a solution which can uphold its level of security for such a long period while new attacks are being developed" Secunet AG "This problem lies within the responsibility of the OEMs" Autosar 30
- 31. Conclusion ● Moore's law shall be applicable to automobiles. ● Not many care for privacy/vehicle tracking. Not necessary to be so sophisticated for this. ● Security is a concern. Especially when it comes to losing your car/wallet. ● Considerable change in infrastructure required. ● Security issues bound to increase with increasing electronics and code. 31
- 32. Thank You 32