Home // VEHICULAR 2017, The Sixth International Conference on Advances in Vehicular Systems, Technologies and Applications // View article

Security Hardening with Plausibility Checks for Automotive ECUs

Authors:
Jürgen Dürrwang
Marcel Rumez
Johannes Braun
Reiner Kriesten

Keywords: Automotive Safety and Security; Vehicular Attacks; Plausibility Checks

Abstract:
The automotive industry relies increasingly on computer technology in their cars, which malicious attackers can exploit. Latest published attacks have further shown an increased attack surface by adding wireless interfaces to vehicle on-board systems. Most of these attacks are based on spoofing or sending tampered bus messages, which we were able to reproduce over the last years as well. We found additional vulnerabilities with the same attack vector in cars of international Original Equipment Manufacturers (OEMs). The discovered vulnerabilities can be dangerous to life while the driver doesn’t have any possibilities to prevent them. Based on this knowledge we developed an approach to prevent such attacks on Electronic Control Unit (ECU)-level. In this publication, we introduce a new type of countermeasure to reduce the attack surface of vehicles with less or no overhead. Therefore, we concentrate on plausibility checks in a new way, by employing hard-wired signals to determine the operational state of the car. As a result, we are hardening the security against attacks on legitimate functions.

Pages: 38 to 41

Copyright: Copyright (c) IARIA, 2017

Publication date: July 23, 2017

Published in: conference

ISSN: 2327-2058

ISBN: 978-1-61208-573-9

Location: Nice, France

Dates: from July 23, 2017 to July 27, 2017