Security on in-vehicle communication protocols: Issues, challenges, and future research directions

Martínez-Cruz, Alfonso; Ramírez-Gutiérrez, Kelsey A.; Feregrino-Uribe, Claudia; Morales-Reyes, Alicia

doi:10.1016/j.comcom.2021.08.027

Cited by 35 publications

(6 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Frequency-based attacks generally aim to compromise the operation of the entire bus, effectively causing it to stop functioning. The most obvious type of frequency-based attack is DoS (denial of service) [12]. This technique consists in sending messages with the highest priority and zero content in rapid succession.…”

Section: Main Cyberattack Techniquesmentioning

confidence: 99%

Automotive Cybersecurity Application Based on CARDIAN

Santonicola,

Adinolfi,

Coppola

et al. 2023

Future Internet

View full text Add to dashboard Cite

Nowadays, a vehicle can contain from 20 to 100 ECUs, which are responsible for ordering, controlling and monitoring all the components of the vehicle itself. Each of these units can also send and receive information to other units on the network or externally. For most vehicles, the controller area network (CAN) is the main communication protocol and system used to build their internal network. Technological development, the growing integration of devices and the numerous advances in the field of connectivity have allowed the vehicle to become connected, and the flow of information exchanged between the various ECUs (electronic control units) becomes increasingly important and varied. Furthermore, the vehicle itself is capable of exchanging information with other vehicles, with the surrounding environment and with the Internet. As shown by the CARDIAN project, this type of innovation allows the user an increasingly safe and varied driving experience, but at the same time, it introduces a series of vulnerabilities and dangers due to the connection itself. The job of making the vehicle safe therefore becomes critical. In recent years, it has been demonstrated in multiple ways how easy it is to compromise the safety of a vehicle and its passengers by injecting malicious messages into the CAN network present inside the vehicle itself. The purpose of this article is the construction of a system that, integrated within the vehicle network, is able to effectively recognize any type of intrusion and tampering.

show abstract

Section: Main Cyberattack Techniquesmentioning

confidence: 99%

Automotive Cybersecurity Application Based on CARDIAN

Santonicola,

Adinolfi,

Coppola

et al. 2023

Future Internet

View full text Add to dashboard Cite

show abstract

“…Usually, the master LIN nodes are connected to the CAN bus [16]. An attacker can reach the LIN bus through the CAN On-Board Diagnostic (OBD) port mounted in a vehicle cabin, using recent hacking techniques [15], [17].…”

Section: Lin Attack Vector Analysismentioning

confidence: 99%

“…Despite being of age, the LIN protocol is being spread in automotive applications following a positive trend of growth: starting from 200 million nodes in 2010 to reaching 700 million in 2020. Despite several studies confirming critical vulnerabilities associated with this protocol, [14]- [17], the research community has been scarcely active in proposing efficient countermeasures.…”

Section: Introductionmentioning

confidence: 99%

LIN-MM: Multiplexed Message Authentication Code for Local Interconnect Network message authentication in road vehicles

Oberti¹,

Sánchez²,

Savino³

et al. 2022

Preprint

View full text Add to dashboard Cite

The automotive market is profitable for cyberattacks with the constant shift toward interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have supported initiatives to mitigate risks and threats belonging to the automotive domain. The Local Interconnect Network (LIN) is one of the most used communication protocols in the automotive field. Today's LIN buses have just a few light security mechanisms to assure integrity through Message Authentication Codes (MAC). However, several limitations with strong constraints make applying those techniques to LIN networks challenging, leaving several vehicles still unprotected. This paper presents LIN Multiplexed MAC (LIN-MM), a new approach for exploiting signal modulation to multiplex MAC data with standard LIN communication. LIN-MM allows for transmitting MAC payloads, maintaining full-back compatibility with all versions of the standard LIN protocol.

show abstract

“…The motivation for this work is given as “How to design a mutual authentication protocol for the autonomous devices in the edge network?” [ 5 , 6 , 7 , 8 ]. Considering the independence feature of the autonomous devices for mutual authentication, they must not be restricted to a particular area network after the registration phase [ 9 , 10 ].…”

Section: Introductionmentioning

confidence: 99%

Autonomous Mutual Authentication Protocol in the Edge Networks

Sheu

Pardeshi

Chen

2022

Sensors

View full text Add to dashboard Cite

A distinct security protocol is necessary for the exponential growth in intelligent edge devices. In particular, the autonomous devices need to address significant security concern to function smoothly in the high market demand. Nevertheless, exponential increase in the connected devices has made cloud networks more complex and suffer from information processing delay. Therefore, the goal of this work is to design a novel server-less mutual authentication protocol for the edge networks. The aim is to demonstrate an autonomous mutual authentication amongst the connected smart devices within the edge networks. The solution addresses applications of autonomous cars, smart things, and Internet of Things (IoT) devices in the edge or wireless sensor networks (WSN), etc. In this paper, the design proposes use of a public-key system, octet-based balanced-tree transitions, challenge–response mechanism, device unique ID (UID), pseudo-random number generator (PRNG), time-stamps, and event specific session keys. Ultimately, server-less design requires less infrastructure and avoids several types of network-based communication attacks, e.g., impersonating, Man in the middle (MITM), IoT-DDOS, etc. Additionally, the system overhead is eliminated by no secret key requirements. The results provide sufficient evidence about the protocol market competitiveness and demonstrate better benchmark comparison results.

show abstract

Security on in-vehicle communication protocols: Issues, challenges, and future research directions

Cited by 35 publications

References 35 publications

Automotive Cybersecurity Application Based on CARDIAN

Automotive Cybersecurity Application Based on CARDIAN

LIN-MM: Multiplexed Message Authentication Code for Local Interconnect Network message authentication in road vehicles

Autonomous Mutual Authentication Protocol in the Edge Networks

Contact Info

Product

Resources

About