Skip to main content
SpringerLink
Log in

Security Threats to Automotive CAN Networks – Practical Examples and Selected Short-Term Countermeasures

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2008)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 5219))

Included in the following conference series:

Abstract

The IT security of automotive systems is an evolving area of research. To analyse the current situation we performed several practical tests on recent automotive technology, focusing on automotive systems based on CAN bus technology. With respect to the results of these tests, in this paper we discuss selected countermeasures to address the basic weaknesses exploited in our tests and also give a short outlook to requirements, potential and restrictions of future, holistic approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Kaspersky, E.: Viruses coming aboard?, Viruslist.com Weblog January 24, 2005 (June 2008), http://www.viruslist.com/en/weblog?discuss=158190454&return=1

  2. Barisani,A., Daniele, B.: Unusual Car Navigation Tricks: Injecting RDS-TMC Traffic Information Signals. In: Can Sec West, Vancouver (2007)

    Google Scholar 

  3. Car-2-Car Communication Consortium (June 2008), http://www.car-2-car.org/

  4. Lang, A., Dittmann, J., Kiltz, S., Hoppe, T.: Future Perspectives: The Car and its IP-Address - A Potential Safety and Security Risk Assessment. In: Saglietti, F., Oster, N. (eds.) SAFECOMP 2007. LNCS, vol. 4680. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  5. BOSCH CAN, Website (June 2008), http://www.can.bosch.com/

  6. Wolf, M., Weimerskirch, A., Wollinger, T.: State of the Art: Embedding Security in Vehicles. EURASIP Journal on Embedded Systems 2007, 16 (2007); Article ID 74706, 16 pages, 2007. doi:10.1155/2007/74706

    Article  Google Scholar 

  7. Press release of Ruhr-Universität Bochum: Remote keyless entry system for cars and buildings is hacked, may 31st, Link (2008), http://www.crypto.rub.de/imperia/md/content/projects/keeloq/keeloq_en.pdf

  8. HIS: Herstellerinitiative Software (June 2008), http://www.automotive-his.de/

  9. Vector Informatik (June 2008), http://www.vector-informatik.com/

  10. Hoppe, T., Dittmann, J.: Sniffing/Replay Attacks on CAN Buses: A Simulated Attack on the Electric Window Lift Classified using an Adapted CERT Taxonomy. In: 2nd Workshop on Embedded Systems Security (WESS 2007), A Workshop of the IEEE/ACM EMSOFT 2007 and the Embedded Systems Week, October 4 (2007)

    Google Scholar 

  11. Hoppe, T., Kiltz, S., Lang, A., Dittmann, J.: Exemplary Automotive Attack Scenarios: Trojan horses for Electronic Throttle Control System (ETC) and replay attacks on the power window system. In: Automotive Security - VDI-Berichte 2016, 23. VDI/VW Gemeinschaftstagung Automotive Security, Wolfsburg, Germany, 27-28 November 2007, pp. 165–183. VDI-Verlag (2007) ISBN 978-3-18-092016-0

    Google Scholar 

  12. Hoppe, T., Dittmann, J.: Vortäuschen von Komponentenfunktionalität im Automobil: Safety- und Komfort-Implikationen durch Security-Verletzungen am Beispiel des Airbags. In: Sicherheit 2008; Sicherheit - Schutz und Zuverlässigkeit, Saarbrücken, Germany, April 2008, pp. 341–353 (2008) ISBN 978-3-88579-222-2

    Google Scholar 

  13. FlexRay - The communication system for advanced automotive control applications (June 2008), http://www.flexray.com/

  14. Stakhanova, N., Basu, S., Wong, J.: A Taxonomy of Intrusion Response Systems. nternational Journal of Information and Computer Security 1(1), 169–184 (2007)

    Article  Google Scholar 

  15. Hoppe, T., Kiltz, S., Dittmann, J.: IDS als zukünftige Ergänzung automotiver IT-Sicherheit. In: DACH Security 2008, June 24-25, 2008, Technische Universität Berlin (to appear, 2008)

    Google Scholar 

  16. Website Kienzle-Automotive, product page of the Unfalldatenspeicher UDS system (June 2008), http://kienzle-automotive.com/index.php?108&tt_products=33

  17. Jan Pelzl: Secure Hardware in Automotive Applications. In: 5th escar conference – Embedded Security in Cars, November 6./7, Munich, Germany (2007)

    Google Scholar 

  18. Trusted Computing Group (June 2008), https://www.trustedcomputinggroup.org/

  19. Bogdanov, A., Eisenbarth, T., Wolf, M., Wollinger, T.: Trusted Computing for Automotive Systems; In: Automotive Security - VDI-Berichte 2016, 23. VDI/VW Gemeinschaftstagung Automotive Security, Wolfsburg, Germany, 27-28 November 2007. VDI-Verlag, pp. 227-237, (2007) ISBN 978-3-18-092016-0

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ITI Research Group on Multimedia and Security, Otto-von-Guericke University of Magdeburg, Universitaetsplatz 2, 39106, Magdeburg, Germany

    Tobias Hoppe, Stefan Kiltz & Jana Dittmann

Authors
  1. Tobias Hoppe
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stefan Kiltz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jana Dittmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computing Science, Newcastle University, Claremont Tower, NE1 7RU, Newcastle upon Tyne, UK

    Michael D. Harrison

  2. Health Sciences Research Institute, University of Warwick, Coventry, CV4 7AL, UK

    Mark-Alexander Sujan

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hoppe, T., Kiltz, S., Dittmann, J. (2008). Security Threats to Automotive CAN Networks – Practical Examples and Selected Short-Term Countermeasures. In: Harrison, M.D., Sujan, MA. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2008. Lecture Notes in Computer Science, vol 5219. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87698-4_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-87698-4_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-87697-7

  • Online ISBN: 978-3-540-87698-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation