| Title | Towards Protection Mechanisms for Secure and Efficient CAN Operation |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Andel, Todd R., Todd McDonald, J., Brown, Adam J., Trigg, Tyler H., Cartsten, Paul W. |
| Conference Name | 2019 IEEE International Conference on Consumer Electronics (ICCE) |
| Keywords | access controller, authentication, authorisation, automobiles, Automotive engineering, automotive security, broadband services, CAN bus, CAN data-link layer, CAN Security, Clocks, composability, computer network security, confinement, controller area networks, Cyber Attacks, Cyber-physical systems, efficient CAN operation, error detection, fault confinement mechanism, Industry 4.0, iterative research, message priority, numerous proposed solutions, privacy, protection mechanisms, Protocols, pubcrawl, real-time message deliverability, Real-time Systems, Resiliency, secure CAN operation, security solutions, telecommunication traffic, Timing |
| Abstract | Cyber attacks against automobiles have increased over the last decade due to the expansion in attack surfaces. This is the result of modern automobiles having connections such as Bluetooth, WiFi, and other broadband services. While there has been numerous proposed solutions in the literature, none have been widely adopted as maintaining real-time message deliverability in the Controller Area Networks (CAN) outweighs proposed security solutions. Through iterative research, we have developed a solution which mitigates an attacker's impact on the CAN bus by using CAN's inherent features of arbitration, error detection and signaling, and fault confinement mechanism. The solution relies on an access controller and message priority thresholds added to the CAN data-link layer. The results provide no time delay for non-malicious traffic and mitigates bus impact of a subverted node attempting to fabricate messages at an unauthorized priority level. |
| DOI | 10.1109/ICCE.2019.8661987 |
| Citation Key | andel_towards_2019 |
Towards Protection Mechanisms for Secure and Efficient CAN Operation