Talks and Poster Presentations (with Proceedings-Entry):
R. Kammerer, B. Frömel, A. Wasicek:
"Enhancing Security in CAN Systems using a Star Coupling Router";
Talk: 7th IEEE International Symposium on Industrial Embedded Systems (SIES'12),
- 2012-06-22; in: "Proceedings of the 7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)",
Controller Area Network (CAN) is the most widely used protocol in the automotive domain. Bus-based CAN does not provide any security mechanisms to counter manipulations like eavesdropping, fabrication of messages, or denial-of-service attacks. The vulnerabilities in bus-based CAN are alarming, because safety-critical subsystems (e.g., the power train) often deploy a CAN bus, and hence a failure propagation from the security domain to the safety domain can take place. In this paper we propose a star coupling router and a trust model for this router to overcome some of the security deficiencies present in bus-based CAN systems. The CAN router establishes a partitioning of a CAN bus into separate CAN segments and allows to rigorously check the traffic within the CAN system, including the value and time domains. We evaluate the introduced trust model on a prototype implementation of the CAN router by performing attacks that would be successful on classic bus-based CAN, but are detected and contained on router-based CAN. The router can consequently increase the security in automotive applications and render some of the attacks described in the literature (e.g., fuzzying attack) on a car useless. Since the CAN router offers ports that are compatible to standard CAN, the router can be used to increase the security of legacy CAN based systems.
CAN, CAN Router, Security
"Official" electronic version of the publication (accessed through its Digital Object Identifier - DOI)
Electronic version of the publication:
Created from the Publication Database of the Vienna University of Technology.