A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN

Samuel Woo, Hyo Jin Jo, Dong Hoon Lee

Research output: Contribution to journalArticle

158 Citations (Scopus)

Abstract

Vehicle-IT convergence technology is a rapidly rising paradigm of modern vehicles, in which an electronic control unit (ECU) is used to control the vehicle electrical systems, and the controller area network (CAN), an in-vehicle network, is commonly used to construct an efficient network of ECUs. Unfortunately, security issues have not been treated properly in CAN, although CAN control messages could be life-critical. With the appearance of the connected car environment, in-vehicle networks (e.g., CAN) are now connected to external networks (e.g., 3G/4G mobile networks), enabling an adversary to perform a long-range wireless attack using CAN vulnerabilities. In this paper we show that a long-range wireless attack is physically possible using a real vehicle and malicious smartphone application in a connected car environment. We also propose a security protocol for CAN as a countermeasure designed in accordance with current CAN specifications. We evaluate the feasibility of the proposed security protocol using CANoe software and a DSP-F28335 microcontroller. Our results show that the proposed security protocol is more efficient than existing security protocols with respect to authentication delay and communication load.

Original languageEnglish
Article number6894181
Pages (from-to)993-1006
Number of pages14
JournalIEEE Transactions on Intelligent Transportation Systems
Volume16
Issue number2
DOIs
Publication statusPublished - 2015 Apr 1

Keywords

  • Connected car
  • controller area network (CAN)
  • in-vehicle network security
  • key management

ASJC Scopus subject areas

  • Automotive Engineering
  • Mechanical Engineering
  • Computer Science Applications

Fingerprint Dive into the research topics of 'A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN'. Together they form a unique fingerprint.

  • Cite this