3. General
• Intro to modern car
• The rising threat
• Current solutions
• Suggested solution
4. The modern car
• Sophisticated and computerized
• Decentralized electronic system
Usually consists of dozens of computers (ECUs –
electronic control units) and sensors
New functionalities – hundreds MBs of code
Connected by one or more network segments
• Autonomous cars
6. The rising threat
• ECUs controlled mechanisms
Brakes
Stability control
Airbags
…
• CAN bus connected
• Rising wave of cyber attacks
7. CAN bus protocol
• A protocol from the 80’s
• Very simple
• Not secured in any manner
Priority according to ID
Who is the sender?
8. Known attacks - TODO
•Disable an automotive using the internet
•Attack using wireless tire pressure sensors
•Attack using On-Star
•Attack using the infotainment system – gain
control over the vehicle
9. Attack motivation
• Access to the automotive internal
communication network
Car theft
Stealing personal data
Extortion
Damaging business competitors reputation
…
10. Hacking a system
• Demonstrated by US researchers - hack using
RDS, Bluetooth and more
• Hack a widespread infotainment system using
hostile files
With no prior knowledge
No budget
Goal: estimate the possibility of such scenario
12. Hacking process
• Understand inner working and get binaries
• Reversing the binaries – focus on input parsing
• Finding exploitable vulnerabilities
• Implementing the exploit
14. Conclusion
Cars were designed for safety and
functionality – not for Security
15. The challenge
• Huge number of suppliers
• Lots of external interfaces
• Every cent counts
• Time critical communication
• Legacy systems
• Zero tolerance for mistakes
18. Cryptography Difficulties
• Key exchange and management
• Symmetric keys:
Identical to all units – vulnerable
Not identical – complicated to manage
• Asymmetric keys:
Time and computing complexity – cost
PK infrastructure needed
• Maintenance nightmare – for a mission critical solution
• Export restrictions
• The industry is too decentralized
• Does not solve vulnerabilities
Exploit can use the crypto mechanisms to encrypt
The more sophisticated the system the larger the attack surface
19. CAN bus firewall
• A rule based CAN bus Firewall
Whitelist
Rate limit
Authentication
• Independent device
Single non-expensive chip
aftermarket or integrated SOC
Military grade
Thoroughly tested
• Architecture
As general rule does not require redesign of ECU’s
software or vehicle’s network
20. Features
• Physical forms
Standalone device with two CAN bus connections
Integrated chip in an ECU
• Configuration
CLI (RS-232) interface
GUI
Non volatile memory
• Protection
Secure software
Rule based filter
Rate limit against DOS