A Study of Automotive Security : CAN Bus Intrusion detection Systems, Attack Surface, and Regulations

Abstract

The innovation in the automotive sector enhanced the technology implemented in vehicles by the manufacturers. Consequently, the overall driving experience improved, thanks to the introduction of better safety, utility, and entertainment systems. Moreover, automobiles began collecting and exchanging data with the external world through different communication protocols. However, these additions have started to attract attention from security experts. More importantly, malevolent attackers have exploited the technologies and their related attack points to carry out malicious activities to cause data security and safety issues. These issues have led to establishing standards and regulations (ISO 21434, UNECE 155, etc.) that redefine vehicle design and development by incorporating security protocols and requirements necessary to create secure automobiles. However, these documents analyze the problem at a high level and do not dwell on practical solutions implementation analysis. This work presents an in-depth study of in-vehicle communication concerns via Controller Area Network (CAN) bus safety problems analysis with different proposed solutions. Specifically, a survey of Intrusion Detection Systems developed in the literature is brought up: simulation of three CAN bus intrusion detection systems against various attacks. The results show effectiveness against disruptive attacks, i.e., with numerous messages sent in a short period of time, but conversely have difficulty detecting more targeted attacks with few transmitted packets. The solutions analysis is an excellent starting point for security engineers to be able to develop Intrusion Detection Systems for the CAN bus capable of detecting attacks that will become increasingly complex and difficult to counter over time.