Security Issues in Controller Area Networks in Automobiles

TL;DR

This paper investigates the security vulnerabilities of the CAN protocol in modern vehicles by demonstrating a proof-of-concept attack on a BMW E90's instrument cluster using a rogue device to spoof messages.

Contribution

It provides a practical analysis of CAN protocol security flaws through a real-world attack simulation on a specific vehicle model.

Findings

CAN protocol is vulnerable to spoofing attacks

A rogue device can send malicious messages to vehicle components

Vehicle security can be compromised through simple, low-cost tools

Abstract

Modern vehicles may contain a considerable number of ECUs (Electronic Control Units) which are connected through various means of communication, with the CAN (Controller Area Network) protocol being the most widely used. However, several vulnerabilities such as the lack of authentication and the lack of data encryption have been pointed out by several authors, which ultimately render vehicles unsafe to their users and surroundings. Moreover, the lack of security in modern automobiles has been studied and analyzed by other researchers as well as several reports about modern car hacking have (already) been published. The contribution of this work aimed to analyze and test the level of security and how resilient is the CAN protocol by taking a BMW E90 (3-series) instrument cluster as a sample for a proof of concept study. This investigation was carried out by building and developing a rogue device using cheap commercially available components while being connected to the same CAN-Bus as a man in the middle device in order to send spoofed messages to the instrument cluster.