The ever more exposure of modern vehicles to computer networks has led, in recent years, to increase risks due to cyberattacks. The internal computer network of vehicles, used to connect several electronic components present on cars, is even more threatened as it is potentially exposed to external attacks. Securing the Controller Area Network (CAN) protocol, used to govern those networks, is becoming increasingly important to ensure a safe driving experience. CAN is an ISO standard that dates back to 1983, over the years it has undergone very few changes coming to be outdated. It has been designed to minimize latency and data transmission errors through two essential features: small frames and unencrypted information transfer. The latter feature, in particular, appears to be the weak point of this protocol. Securing the communication channel is needed, but it must be done by preserving all the main features that ensure the performance of this protocol, in particular the low latency. Furthermore, the modification cannot introduce low-level alterations. CAN security can be improved by acting at a higher level. In this work we investigate the feasibility of using symmetric encryption algorithms for securing messages exchanged on the CAN-bus. In particular, this paper evaluates the effectiveness of using lightweight ciphers, designed with the aim of introducing encryption also on devices, which have limited hardware and software resources, such as microcontrollers.
On the impact of lightweight ciphers in automotive networks
Castiglione A.;Palmieri F.;Colace F.;Lombardi M.
;Santaniello D.
2020-01-01
Abstract
The ever more exposure of modern vehicles to computer networks has led, in recent years, to increase risks due to cyberattacks. The internal computer network of vehicles, used to connect several electronic components present on cars, is even more threatened as it is potentially exposed to external attacks. Securing the Controller Area Network (CAN) protocol, used to govern those networks, is becoming increasingly important to ensure a safe driving experience. CAN is an ISO standard that dates back to 1983, over the years it has undergone very few changes coming to be outdated. It has been designed to minimize latency and data transmission errors through two essential features: small frames and unencrypted information transfer. The latter feature, in particular, appears to be the weak point of this protocol. Securing the communication channel is needed, but it must be done by preserving all the main features that ensure the performance of this protocol, in particular the low latency. Furthermore, the modification cannot introduce low-level alterations. CAN security can be improved by acting at a higher level. In this work we investigate the feasibility of using symmetric encryption algorithms for securing messages exchanged on the CAN-bus. In particular, this paper evaluates the effectiveness of using lightweight ciphers, designed with the aim of introducing encryption also on devices, which have limited hardware and software resources, such as microcontrollers.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
