Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network and security trends in connected cars

Published byLucie Havlová Modified over 5 years ago

Similar presentations

Presentation on theme: "Network and security trends in connected cars"— Presentation transcript:

1 Network and security trends in connected cars
Alexios Lekidis

2 Why automotive security is challenging?
Related to safety Complexity of in-vehicle networks

3 Overview of in-vehicle architectures
Threat landscape Suggested security mechanisms

4 Overview of in-vehicle architectures
Threat landscape Suggested security mechanisms

5 Automotive architecture
Consists of different data networks: Legacy systems where new technologies are take many years to replace old ones Low cost technologies with multiple resource-constraints Changing a simple component requires possible changes and testing of the entire system

6 Entering the in-vehicle network
central gateway GPS interface Diagnostic interface USB interface GSM/GPRS interface Bluetooth interface DSRC interface CAN MOST protocol FlexRay LIN Engine control Steering control Instrument cluster Head Unit Audio Video Transmission control Air Bag control Climate control Navigation Power train sensors Breaking system Door locking Telephone

7 In-vehicle protocol usage
Abbreviation Description CAN Controller Area Network Inexpensive low-speed serial bus CAN FD With Flexible Data Rate Extension to CAN FlexRay N/A General purpose high speed protocol with safety-critical features LIN Local Interconnect Network Low cost in-vehicle sub-network MOST Media Oriented Systems Transport High speed multimedia interface Automotive Ethernet Ongoing development for infotainment and active safety

8 Background on Controller Area Network (CAN)
Serial communication protocol Multi master message model Any node receives/transmits messages No addressing  use of ID CSMA/CA Priority determined by ID (low ID = high prio) Messages are sent/received: Periodically On request Also used in trucks, ships, railway systems, elevators, …

9 Overview of in-vehicle architectures
Threat landscape Suggested security mechanisms

10 Attack surfaces OBDII Tire Pressure Monitoring Head Sensor Keyless
Unit Keyless entry Medium observation in broadcasted messages Direct access Central Gateway Telematics Control Unit Short-range access Long-range access

11 Attack scenario OBDII Sniff the telematics system IP address
Random generator of Bluetooth PIN / WiFi WPA password Brake Control Unit Central Gateway Telematics Control Unit Head Unit

12 Move to safety Bus from telematics system
OBDII Move to safety Bus from telematics system Brake Control Unit Central Gateway Telematics Control Unit Head Unit

13 Disengage brakes or kill engine
OBDII Disengage brakes or kill engine Brake Control Unit Central Gateway Telematics Control Unit Head Unit

14 Overview of in-vehicle architectures
Threat landscape Suggested security mechanisms

15 Categories of security mechanisms
Physical Security tampering protection mechanisms and tamper proof devices Digital signatures and Certificates Firewall Gateway Honeypot Software security Intrusion detection systems Intrusion prevention systems

16 Digital signatures and Certificates
Pros: - Widely adopted as it provides a fast design/implementation security solution Cons: 1) Performance requirements can only be met when dedicated hardware is provided Accelerates the algorithmic execution 2) Infected ECUs can still send valid compromised messages

17 Firewall Based on the definition of CAN in Automation (CiA) 447 profile Pros: 1) Verification of message validity 2) Whitelist IP rules Cons: 1) Frequent rule update required Security update on the cars are not frequent 2) Bypassed by impersonation of legitimate ECU attacks

18 Intrusion detection/prevention systems (IDS/IPS)
Monitoring V2X and in-vehicle activity and detection of suspicious and anomalous behavior Flow of data exchange Deep data inspection and analysis Can operate in the level of: Host application Communication network Pros: - Protection against zero-day attacks - Frequent update Cons: - Requires to learn the normal system behavior to detect anomalies Hybrid approach Signatures Behavior Normal network data parsed by IDS Abnormal network data parsed by IDS Alerts/logs

19 Vehicle cybersecurity in a glance
Traffic encryption Firewall protection Anomaly detection (i.e. IDS) Misuse/threat distinction Incident response Vehicle cybersecurity in a glance

20 Reaction upon attack detection
Turning the car into “limb” mode Partial networking functionality Main ECUs functioning with lower performance Car can be restored when any malicious activity is prevented Indications to the manufacturer Alarms to the driver?

21 Security research in automotive systems
APPSTACLE: open standard APplication Platform for carS and TrAnsportation vehiCLEs Goals: open and secure cloud platform interconnecting a wide range of vehicles to the cloud via open in-car and Internet connection supported by an integrated open source software development ecosystem ForeScout IDS systems for end-to-end security in automotive environments Detection of known and unknown in-vehicle threats Support of different in-vehicle networks

Download ppt "Network and security trends in connected cars"

Similar presentations

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
The Fully Networked Car Geneva, 3-4 March 2010 Security risk analysis approach for on-board vehicle networks 1 Alastair Ruddle Consultant, MIRA Limited.

The Fully Networked Car Geneva, 3-4 March 2010 Security risk analysis approach for on-board vehicle networks 1 Alastair Ruddle Consultant, MIRA Limited.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Department Of Computer Engineering

Department Of Computer Engineering
1 Computer Networks Course: CIS 3003 Fundamental of Information Technology.

1 Computer Networks Course: CIS 3003 Fundamental of Information Technology.
Chapter 1: Overview Lecturer: Alias Mohd Telecommunications Department Faculty of Electrical Engineering UTM SET 4573: Data Communication and Switching.

Chapter 1: Overview Lecturer: Alias Mohd Telecommunications Department Faculty of Electrical Engineering UTM SET 4573: Data Communication and Switching.
Michael Westra, CISSP June 2012 2012 BSides Detroit Security Presentation: Vehicle Hacking “If you think technology can solve your security problems, then.

Michael Westra, CISSP June BSides Detroit Security Presentation: Vehicle Hacking “If you think technology can solve your security problems, then.
Common Devices Used In Computer Networks

Common Devices Used In Computer Networks
Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.
Chapter 6 of the Executive Guide manual Technology.

Chapter 6 of the Executive Guide manual Technology.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
CSCI 530 Lab Intrusion Detection Systems IDS. A collection of techniques and methodologies used to monitor suspicious activities both at the network and.

CSCI 530 Lab Intrusion Detection Systems IDS. A collection of techniques and methodologies used to monitor suspicious activities both at the network and.
2 nd Annual review Florence 15 th November 2013 Railway security demonstrator.

2 nd Annual review Florence 15 th November 2013 Railway security demonstrator.

Similar presentations

Ads by Google