Security threats to automotive CAN networksPractical examples and selected short-term countermeasures

Reliability Engineering and System Safety

Volumn 96, Issue 1, 2011, Pages 11-25

  Hoppe, Tobias ^a   Kiltz, Stefan ^a   Dittmann, Jana ^a  

^a OTTO VON GUERICKE UNIVERSITY   (Germany)

Author keywords

Automotive intrusion detection; Automotive IT; Automotive IT forensics; Countermeasures; Interplay between security and safety; Practical attack scenarios

Indexed keywords

ATTACK SCENARIOS; AUTOMOTIVE INTRUSION DETECTION; AUTOMOTIVE IT; AUTOMOTIVE IT-FORENSICS; COUNTERMEASURES; INTERPLAY BETWEEN SECURITY AND SAFETY;

CONTROL SYSTEMS; INFORMATION TECHNOLOGY; SECURITY SYSTEMS;

INTRUSION DETECTION;

EID: 78649321196     PISSN: 09518320     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ress.2010.06.026     Document Type: Conference Paper

References (26)

1. Eugene Kaspersky, Viruses coming aboard? Viruslist.com 〈http://www.viruslist.com/en/weblog?discuss=158190454&return=1〉 ; 2008 [accessed 12.07.10].
2. Andrea Barisani, Daniele Bianco. Unusual car navigation tricks: injecting RDS-TMC traffic information signals. In: CanSecWest, Vancouver, 2007.
3. Car-2-Car Communication Consortium, 〈http://www.car-2-car.org/〉 ; 2008.
4. Andreas Lang, Jana Dittmann, Stefan Kiltz, Tobias Hoppe, Future perspectives: the car and its IP-addressa potential safety and security risk assessment. In: Computer safety, reliability, and security, Proceedings of the 26th international conference SAFECOMP 2007, Nuremberg, Germany, September 2007, vol. 4680. Springer LNCS. pp. 4053. isbn 978-3-540-75100-7.
5. BOSCH CAN, 〈http://www.can.bosch.com/〉 ; 2010
6. Howard, John D Longstaff, Thomas A, A common language for computer security incidents (SAND98-8667)/Sandia National Laboratories; 1998 (isbn 0-201-63346-9).
7. Marko Wolf, Andr Weimerskirch, Thomas Wollinger, State of the art: embedding security in vehicles. EURASIP Journal on Embedded Systems 2007; (2007): 16 pages. Article ID 74706, doi:10.1155/2007/74706.
8. Marco Wolf, Security engineering for vehicular IT systemsimproving trustworthiness and dependability of automotive IT applications. ViewegTeubner; 2009. isbn 978-3-834-80795-3.
9. Press release of Ruhr-Universitt Bochum. Remote keyless entry system for cars and buildings is hacked 〈http://www.crypto.rub.de/imperia/md/content/ projects/keeloq/keeloq-en.pdf〉 ; 31 May 31 2008.
10. HIS: Herstellerinitiative Software, 〈http://www.automotive-his.de/ 〉 ; 2010.
11. Vector Informatik, 〈http://www.vector-informatik.com/〉 ; 2010.
12. Tobias Hoppe, Jana Dittmann, Sniffing/replay attacks on CAN buses: a simulated attack on the electric window lift classified using an adapted CERT taxonomy. In: 2nd Workshop on embedded systems security (WESS'2007), a workshop of the IEEE/ACM EMSOFT'2007 and the Embedded Systems Week October 4; 2007.
13. Tobias Hoppe, Stefan Kiltz, Andreas Lang, Jana Dittmann, Exemplary automotive attack scenarios: trojan horses for electronic throttle control system (ETC) and replay attacks on the power window system. In: Automotive SecurityVDI-Berichte 2016, 23. VDI/VW Gemeinschaftstagung Automotive Security, Wolfsburg, Germany, 2728 November 2007. VDI-Verlag; 2007. pp. 165183. isbn 978-3-18-092016-0.
14. Tobias Hoppe, Jana Dittmann, Vortuschen von Komponentenfunktionalitt im Automobil: Safety- und Komfort-Implikationen durch Security-Verletzungen am Beispiel des Airbags. In: Sicherheit 2008 "SicherheitSchutz und Zuverlssigkeit" Saarbrcken, Germany, April 2008; 2008. pp. 341353. isbn 978-3-88579-222-2.
15. Tobias Hoppe, Stefan Kiltz, and Jana Dittmann Security threats to automotive CAN networkspractical examples and selected short-term countermeasures Michael D. Harrison, Mark-Alexander Sujan, Computer safety, reliability, and security, Proceedings of the 27th international conference SAFECOMP 2008, Newcastle, UK, September 2008 vol. 5219 2008 Springer LNCS pp. 23548
16. Tobias Hoppe, Stefan Kiltz, and Jana Dittmann Automotive IT-Security as a challenge: basic attacks from the black box perspective on the example of privacy threats Bettina Buth, Gerd Rabe, Till Seyfarth, Computer safety, reliability, and security, Proceedings of the 28th international conference SAFECOMP 2009, Hamburg, Germany, September 2009 vol. 5775 2009 Springer LNCS pp. 14558
17. FlexRay, The communication system for advanced automotive control applications. 〈http://www.flexray.com/〉 ; 2010.
18. Tobias Hoppe, Stefan Kiltz, and Jana Dittmann Applying intrusion detection to automotive ITearly insights and remaining challenges Journal of Information Assurance and Security (JIAS) 4 6 2009 226 235
19. Stefan Kiltz, Mario Hildebrandt, and Jana Dittmann Forensische Datenarten undanalysen in automotiven Systemen Patrick Horster (Hrsg), DACH Security 2009 2009
20. N. Stakhanova, S. Basu, and J. Wong A taxonomy of intrusion response systems International Journal of Information and Computer Security 1 1 2007 169 184
21. Hubert Zimmermann OSI reference modelthe ISO model of architecture for open systems interconnection IEEE Transaction on Communications 2010
22. Eoghan Casey Digital evidence and computer crime 2004 Academic Press
23. Stefan Kiltz, Tobias Hoppe, Jana Dittmann, A new forensic model and its application to the collection, extraction and long term storage of screen content off a memory dump, In: 16th International conference on digital signal processing (DSP2009), IEEE Catalog Number CFP09452-CDR, 57 July 2009, Santorini/Greece. isbn 978-1-4244-3298-1.
24. Jan Pelzl, Secure hardware in automotive applications. In: 5th Escar conferenceembedded security in cars, November 6/7 2007, Munich, Germany.
25. Trusted Computing Group, 〈https://www.trustedcomputinggroup.org/ 〉 ; 2010.
26. Bogdanov A, Eisenbarth T, Wolf M, Wollinger T, Trusted computing for automotive systems. In: Automotive securityVDI-Berichte 2016, 23. VDI/VW Gemeinschaftstagung Automotive Security, Wolfsburg, Germany, 2728, November 2007, VDI-Verlag; 2007. pp. 227237. isbn 978-3-18-092016-0