Ulf E. Larson

Secure Firmware Updates over the Air in Intelligent Vehicles

Modern intelligent vehicles have electronic control units containing firmware that enables various functions in the vehicle. New firmware versions are constantly developed to remove bugs and improve functionality. Automobile manufacturers have traditionally performed firmware updates over cables but in the near future they are aiming at conducting firmware updates over the air, which would allow faster updates and improved safety for the driver. In this paper, we present a protocol for secure firmware updates over the air. The protocol provides data integrity, data authentication, data confidentiality, and freshness. In our protocol, a hash chain is created of the firmware, and the first packet is signed by a trusted source, thus authenticating the whole chain. Moreover, the packets are encrypted using symmetric keys. We discuss the practical considerations that exist for implementing our protocol and show that the protocol is computationally efficient, has low memory overhead, and is suitable for wireless communication. Therefore, it is well suited to the limited hardware resources in the wireless vehicle environment.

An approach to specification-based attack detection for in-vehicle networks

An upcoming trend for automotive manufacturers is to create seamless interaction between a vehicle and fleet management to provide remote diagnostics and firmware updates over the air. To allow this, the previously isolated in-vehicle network must be connected to an external network, and can thus be exposed to a whole new range of threats known as cyber attacks. In this paper we explore the applicability of a specification-based approach to detect cyber attacks within the in-vehicle network. We derive information to create security specifications for communication and ECU behavior from the CANopen draft standard 3.01 communication protocol and object directory sections. We also provide a set of example specifications, propose a suitable location for the attack detector, and evaluate the detection using a set of attack actions.

Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes

Modern vehicles contain an in-vehicle network consisting of a number of electronic control units (ECUs). These ECUs are responsible for most of the functionality in the vehicle, including vehicle control and maneuverability. To date, no security features exist in this network since it has been isolated. However, an upcoming trend among automobile manufacturers is to establish a wireless connection to the vehicle to provide remote diagnostics and software updates. As a consequence, the in-vehicle network is exposed to external communication, and a potential entry point for attackers is introduced. Messages sent on the in-vehicle network lack integrity protection and data authentication; thus, the network is vulnerable to injection and modification attacks. Due to the real-time constraints and the limited resources in the ECUs, achieving data authentication is a challenge. In this paper, we propose an efficient delayed data authentication using compound message authentication codes. A message authentication code is calculated on a compound of successive messages and sent together with the subsequent messages, resulting in a delayed authentication. This data authentication could be used to detect and possibly recover from injection and modification attacks in the in-vehicle network.

Securing vehicles against cyber attacks

The automobile industry has grown to become an integral part of our everyday life. As vehicles evolve, the primarily mechanical solutions for vehicle control are gradually replaced by electronics and software solutions forming in-vehicle computer networks. An emerging trend is to introduce wireless technology in the vehicle domain by attaching a wireless gateway to the in-vehicle network. By allowing wireless communication, real-time information exchange between vehicles and between infrastructure and vehicles become reality. This communication allows for road condition reporting, decision making, and remote diagnostics and firmware updates over-the-air. However, allowing external parties wireless access to the in-vehicle network creates a potential entry-point for cyber attacks. In this paper, we investigate the security issues of allowing external wireless communication. We use a defense-in-depth perspective and discuss security challenges for each of the prevention, detection, deflection, countermeasures, and recovery layers.

A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay

The automotive industry has over the last decade gradually replaced mechanical parts with electronics and software solutions. Modern vehicles contain a number of electronic control units (ECUs), which are connected in an in-vehicle network and provide various vehicle functionalities. The next generation automotive network communications protocol FlexRay has been developed to meet the future demands of automotive networking and can replace the existing CAN protocol. Moreover, the upcoming trend of ubiquitous vehicle communication in terms of vehicle-to-vehicle and vehicle-to-infrastructure communication introduces an entry point to the previously isolated in-vehicle network. Consequently, the in-vehicle network is exposed to a whole new range of threats known as cyber attacks. In this paper, we have analyzed the FlexRay protocol specification and evaluated the ability of the FlexRay protocol to withstand cyber attacks. We have simulated a set of plausible attacks targeting the ECUs on a FlexRay bus. From the results, we conclude that the FlexRay protocol lacks sufficient protection against the executed attacks, and we therefore argue that future versions of the specification should include security protection.

A Defense-in-Depth Approach to Securing the Wireless Vehicle Infrastructure

The automobile industry has grown to become an integral part of our everyday life. As vehicles evolve, the primarily mechanical solutions for vehicle control are gradually replaced by electronics and software solutions forming in-vehicle computer networks. An emerging trend is to introduce wireless technology in the vehicle domain by attaching a wireless gateway to the in-vehicle network. By allowing wireless communication, real-time information exchange between vehicles and between infrastructure and vehicles become reality. This communication allows for road condition reporting, decision making, and remote diagnostics and _rmware updates over-the-air. However, allowing external parties wireless access to the in-vehicle network creates a potential entry-point for cyber attackers. In this paper, we investigate the security issues of allowing external wireless communication. We use a defense-in-depth perspective and discuss security challenges and propose solutions for each of the prevention, detection, de_ection, and forensics approaches. We stress the important need for applying security using the defense-in-depth principle.

Creating a Secure Infrastructure for Wireless Diagnostics and Software Updates in Vehicles

A set of guidelines for creating a secure infrastructure for wireless diagnostics and software updates in vehicles is presented. The guidelines are derived from a risk assessment for a wireless infrastructure. From the outcome of the risk assessment, a set of security requirements to counter the identified security risks were developed. The security requirements can be viewed as guidelines to support a secure implementation of the wireless infrastructure. Moreover, we discuss the importance of defining security policies.

METAL – a tool for extracting attack manifestations

As manual analysis of attacks is time consuming and requires expertise, we developed a partly automated tool for extracting manifestations of intrusive behaviour from audit records, METAL (Manifestation Extraction Tool for Analysis of Logs). The tool extracts changes in audit data that are caused by an attack. The changes are determined by comparing data generated during normal operation to data generated during a successful attack. METAL identifies all processes that may be affected by the attack and the specific system call sequences, arguments and return values that are changed by the attack and makes it possible to analyse many attacks in a reasonable amount of time. Thus it is quicker and easier to find groups of attacks with similar properties and the automation of the process makes attack analysis considerably easier. We tested the tool in analyses of five different attacks and found that it works well, is considerably less time consuming and gives a better overview of the attacks than manual analysis.

Combining Physical and Digital Evidence in Vehicle Environments

Traditional forensic investigations of vehicles aims at gathering physical evidence since most crimes involving vehicles are physical. However, in the near future digital crimes on vehicles will most likely surge, and therefore it will be necessary to also gather digital evidence. In this paper, we investigate the possibilities of combining physical and digital evidence in forensic investigations of vehicle crime scenes. We show that digital evidence can be used to improve the investigation of physical crimes and, respectively, that physical evidence can be used to improve the investigation of digital crimes. We also recognize that by gathering purely physical or digital evidence certain crimes cannot be solved. Finally, we show that by combining physical and digital evidence it is possible to distinguish between different types of physical and digital crime.

Low-cost key management for hierarchical wireless vehicle networks

We have analyzed a hypothetical scenario for hierarchical wireless vehicle networks consisting of a central portal and a large number of vehicles. Vehicles join the network, establish connections to the portal, transfer data, and then leave the network. An efficient approach to provide authentication between a vehicle and the portal is to use the same pre-established symmetric link key for multiple occasions instead of performing a rigorous key agreement for every new occasion. However, since the same key is used for extended periods of time, the risk of cryptanalysis and offline bruteforcing of the link key increases. Therefore, there is a need to establish new keys between the portal and the vehicles (rekeying) in a secure and efficient manner. Moreover, to provide authenticity of the portal, the portal has a public and private key pair, and the public key is preinstalled in the vehicles. To reduce the risk of cryptanalysis of the private key of the portal, the public and private key pair of the portal must also be rekeyed. In this paper, we propose low-cost key management protocols for rekeying of the link keys and the public/private key pair of the portal.