Feasible Car Cyber

Protection

Gil Litichever

CEO, Arilou

About Arilou

A team of cyber security experts experienced in

Embedded cyber security

Mission critical systems

Attack and protect perspectives

Dedicated high end security systems

Security integration into existing systems

The modern car

Sophisticated and computerized

Decentralized electronic system

Usually consists of dozens of computers (ECUs – electronic

control units) and sensors

New functionalities – hundreds MBs of code

Connected by one or more network segments

Autonomous cars

The modern car

CAN bus protocol

A protocol from the 80’s

Very simple

Not secured in any manner

Priority according to ID

Who is the sender?

Known attacks

Disable an automotive using the internet

Attack using wireless tire pressure sensors

Attack using On-Star

Attack using the infotainment system – gain control over

the vehicle

Attack motivation

Access to the automotive internal communication network

Public safety

Car theft

Personal data theft

Extortion

Damaging competitors’ business and reputation

Chip tuning

…

Infotainment Hack

internet

Hacking a system

Protection overview

• HSM

Evita

• Encryption schemes

• Intrusion detection system - IDS

Battelle, SWRI

CAN bus firewall

A rule based CAN bus Firewall

Whitelist

Rate limit

Architecture

As general rule does not require redesign of ECU’s software or

vehicle’s network

Connected Car – V2X

• Inherent communication interface with other vehicles and

infrastructure

Wireless Access in Vehicular Environments - WAVE

Based on 802.11p (Wi-Fi) and IEEE 1609

• Two layers of protection:

Protect the medium (part of IEEE 1609)

Protect the vehicle from “legal” messages

Propagating virus

IEEE 1609

• IEEE 1609 – standards for a communication – the high

communication layer of WAVE

1609.1 -Resource Management

1609.2 -Security Services for Applications and Management

Messages

1609.3 -Networking Services

1609.4 -Multi-channel Operation

V2X medium protection

• Covered by 1609

Based on encryption and authentication using certificates

• Incomplete – still there are problems:

Anyone can communicate with the vehicle, how do we know

it is really the vehicle in front of us

Hacking the infrastructure

Propagating virus – hostile vehicle

Vehicle protection from V2X

• Not in the standard

• V2X as a medium for generic non legal messages

• Damage from “legal” messages

Example: A vehicle following another vehicle

When manual override is too late

Questions?