Vulnerability of FlexRay and Countermeasures

The Controller Area Network (CAN) is the most widely used in-vehicle communication protocol, which still lacks the implementation of suitable security mechanisms such as message authentication and encryption. This makes the CAN bus vulnerable to numerous cyber attacks. Various Intrusion Detection Systems (IDSs) have been developed to detect these attacks. However, the high generalization capabilities of Artificial Intelligence (AI) make AI-based IDS an excellent countermeasure against automotive cyber attacks. This article surveys AI-based in-vehicle IDS over the period of 2016-2022 (August) with a novel taxonomy. It reviews the detection techniques, attack types, features, and benchmark datasets. Furthermore, the paper discusses the security of AI models, necessary steps to develop AI-based IDSs in the CAN bus, identifies the limitations of existing proposals and gives recommendations for future research directions.

show abstract

“…FlexRay is more expensive compared to the CAN network. However, it is more vulnerable to DoS and spoofing attacks [79].…”

Section: In-vehicle Networkmentioning

confidence: 99%

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

Rajapaksha¹,

Kalutarage

Al-Kadri

et al. 2023

ACM Comput. Surv.

View full text Add to dashboard Cite

show abstract

“…Attack-specific solutions do also exist: for instance, in [14] the authors attempt to address the message flooding attacks over the CAN bus. Flexray security is also a hot research topic, both in terms of security issues and countermeasures [15,16] and in security solutions [17,18], including those relying on cryptographybased services, e.g., authentication [19].…”

Section: Intra-vehicle Communication Bus Securitymentioning

confidence: 99%

A Hybrid-Cryptography Engine for Securing Intra-Vehicle Communications

Tiberti,

Civino,

Gavioli

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

While technological advancements and their deep integration in connected and automated vehicles is a central aspect in the evolving trend of automotive industry, they also depict a growing size attack surface for malicious actors: the latter ones typically aim at exploiting known and unknown security vulnerabilities, with potentially disastrous consequences on the safety of vehicles, people, and infrastructures. In recent years, remarkable efforts have been spent to mitigate security vulnerabilities in intelligent and connected vehicles, in particular in the inside of vehicles, the so-called intra-vehicle networks. Despite those efforts, securing intra-vehicle networks remains a non-trivial task due to their heterogeneous and increasingly complex context. Starting from the above remarks and motivated by the industrial research and innovation project EMERGE, in this paper we report on a novel cryptographic hardware-software solution that we have designed and developed for securing the intra-vehicle network of intelligent connected vehicles: the Crypto-Engine. The Crypto-Engine relies on a lightweight hybrid-key cryptographic scheme to provide confidentiality and authentication without compromising the normal communication performance. We tested the Crypto-Engine and demonstrated that, once configured according to application-defined performance requirements, it can authenticate parties and secure the communications with a negligible overhead.

show abstract

“…Various attacks that can be mounted against this protocol were explained by Shrestha and Kim [19]. Spoofing attacks against this protocol were experimented with by Kishikawa et al [81]. Similarly, various types of attacks on this protocol were explained by Nilsson et al [26].…”

Section: Security Issues and Countermeasures For Flexray 431 Security...mentioning

confidence: 99%

Security Issues with In-Vehicle Networks, and Enhanced Countermeasures Based on Blockchain

2021

View full text Add to dashboard Cite

Modern vehicles are no longer simply mechanical devices. Connectivity between the vehicular network and the outside world has widened the security holes that hackers can use to exploit a vehicular network. Controller Area Network (CAN), FlexRay, and automotive Ethernet are popular protocols for in-vehicle networks (IVNs) and will stay in the industry for many more years. However, these protocols were not designed with security in mind. They have several vulnerabilities, such as lack of message authentication, lack of message encryption, and an ID-based arbitration mechanism for contention resolution. Adversaries can use these vulnerabilities to launch sophisticated attacks that may lead to loss of life and damage to property. Thus, the security of the vehicles should be handled carefully. In this paper, we investigate the security vulnerabilities with in-vehicle network protocols such as CAN, automotive Ethernet, and FlexRay. A comprehensive survey on security attacks launched against in-vehicle networks is presented along with countermeasures adopted by various researchers. Various algorithms have been proposed in the past for intrusion detection in IVNs. However, those approaches have several limitations that need special attention from the research community. Blockchain is a good approach to solving the existing security issues in IVNs, and we suggest a way to improve IVN security based on a hybrid blockchain.

show abstract

Vulnerability of FlexRay and Countermeasures

Cited by 6 publications

References 0 publications

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

A Hybrid-Cryptography Engine for Securing Intra-Vehicle Communications

Security Issues with In-Vehicle Networks, and Enhanced Countermeasures Based on Blockchain

Contact Info

Product

Resources

About