Review of the Security of Backward-Compatible Automotive Inter-ECU Communication

TL;DR

This paper systematically reviews security threats and countermeasures for automotive inter-ECU communication via the CAN bus, highlighting limitations and proposing a simple, cost-effective defense strategy against key attack types.

Contribution

It provides a comprehensive review of existing security measures for CAN bus communication and introduces a practical, incremental solution to improve vehicular cybersecurity.

Findings

Existing security measures have notable limitations.

A simple, cost-effective defense can mitigate many attacks.

The proposed solution is easy to deploy incrementally.

Abstract

Advanced electronic units inside modern vehicles have enhanced the driving experience, but also introduced a myriad of security problems due to the inherent limitations of the internal communication protocol. In the last two decades, a number of security threats have been identified and accordingly, security measures have been proposed. While a large body of research on the vehicular security domain is focused on exposing vulnerabilities and proposing counter measures, there is an apparent paucity of research aimed at reviewing existing works on automotive security and at extracting insights. This paper provides a systematic review of security threats and countermeasures for the ubiquitous CAN bus communication protocol. It further exposes the limitations of the existing security measures, and discusses a seemingly-overlooked, simple, cost-effective and incrementally deployable solution which can provide a reasonable defense against a major class of packet injection attacks and many denial of service attacks.