[ main page ] [ back ]

47/2012 : Enhancing Security in CAN Systems using a Star Coupling Router

RR Number
47/2012
Conference
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
Author(s)
Roland Kammerer, Bernhard Frömel, Armin Wasicek
Abstract
Controller Area Network (CAN) is the most widely used protocol in the automotive domain. Bus-based CAN does not provide any security mechanisms to counter manipulations like eavesdropping, fabrication of messages, or denial–of–service attacks. The vulnerabilities in bus–based CAN are alarming, because safety–critical subsystems (e.g., the power train) often deploy a CAN bus, and hence a failure propagation from the security domain to the safety domain can take place. In this paper we propose a star coupling router and a trust model for this router to overcome some of the security deficiencies present in bus–based CAN systems. The CAN router establishes a partitioning of a CAN bus into separate CAN segments and allows to rigorously check the traffic within the CAN system, including the value and time domains. We evaluate the introduced trust model on a prototype implementation of the CAN router by performing attacks that would be successful on classic bus–based CAN, but are detected and contained on router–based CAN. The router can consequently increase the security in automotive applications and render some of the attacks described in the literature (e.g., fuzzying attack) on a car useless. Since the CAN router offers ports that are compatible to standard CAN, the router can be used to increase the security of legacy CAN based systems.
Bibtex
@article{ kammerer:2012-47,
  author =       "Roland Kammerer and Bernhard Frömel and Armin Wasicek",
  title =        "Enhancing Security in CAN Systems using a Star Coupling Router",
  journal =      "7th IEEE International Symposium on Industrial Embedded Systems (SIES'12) ",
  year =         "2012",
  month =        "Jun."
}
Download
Get canrouter_security.pdf - Adobe PDF-format, (425.8682 KB; posted at July 09 2013)

[ main page ] [ back ]