An approach to specification-based attack detection for in-vehicle networks

Author

Larson, Ulf E. ; Nilsson, Dennis K. ; Jonsson, Erland

Author_Institution

Dept. of Comput. Sci. & Eng., Chalmers Univ. of Technol., Goteborg

fYear

2008

fDate

4-6 June 2008

Firstpage

220

Lastpage

225

Abstract

An upcoming trend for automotive manufacturers is to create seamless interaction between a vehicle and fleet management to provide remote diagnostics and firmware updates over the air. To allow this, the previously isolated in-vehicle network must be connected to an external network, and can thus be exposed to a whole new range of threats known as cyber attacks. In this paper we explore the applicability of a specification-based approach to detect cyber attacks within the in-vehicle network. We derive information to create security specifications for communication and ECU behavior from the CANopen draft standard 3.01 communication protocol and object directory sections. We also provide a set of example specifications, propose a suitable location for the attack detector, and evaluate the detection using a set of attack actions.

Keywords

controller area networks; security of data; traffic information systems; CANopen draft standard 3.01 communication protocol; automotive manufacturers; cyber attacks; firmware updates; fleet management; invehicle networks; object directory sections; remote diagnostics; security specifications; specification-based approach; specification-based attack detection; Automotive engineering; Communication standards; Communication system control; Control systems; Data security; Information security; Microprogramming; Protection; Protocols; Vehicle detection;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Vehicles Symposium, 2008 IEEE

Conference_Location

Eindhoven

ISSN

1931-0587

Print_ISBN

978-1-4244-2568-6

Electronic_ISBN

1931-0587

Type

conf

DOI

10.1109/IVS.2008.4621263

Filename

4621263