Nowadays with the help of advanced technology, modern vehicles are not only made up of mechanical devices
but also consist of highly complex electronic devices and connections to the outside world. There are around 70 Electronic
Control Units (ECUs) in modern vehicle which are communicating with each other over the standard communication
protocol known as Controller Area Network (CAN-Bus) that provides the communication rate up to 1Mbps. There are
different types of in-vehicle network protocol and bus system namely Controlled Area Network (CAN), Local
Interconnected Network (LIN), Media Oriented System Transport (MOST), and FlexRay. Even though CAN-Bus is
considered as de-facto standard for in-vehicle network communication, it inherently lacks the fundamental security features
by design like message authentication. This security limitation has paved the way for adversaries to penetrate into the
vehicle network and do malicious activities which can pose a dangerous situation for both driver and passengers. In
particular, nowadays vehicular networks are not only closed systems, but also they are open to different external interfaces
namely Bluetooth, GPS, to the outside world. Therefore, it creates new opportunities for attackers to remotely take full
control of the vehicle. The objective of this research is to survey the current limitations of CAN-Bus protocol in terms of
secure communication and different solutions that researchers in the society of automotive have provided to overcome the
CAN-Bus limitation on different layers.
Published In:IJCSN Journal Volume 6, Issue 6
Date of Publication : December 2017
Pages : 720-727
Figures :05
Tables : 01
Omid Avatefipour : is currently pursuing his
Master’s program in Computer Engineering at
University of Michigan-Dearborn. His research
interests include in-vehicle network
communication protocol security, Embedded
Systems, Data mining, Intelligent Control
systems and Robotics. He has work
experience at Vector CANTech company as
Embedded Software Engineer and at Valeo North Amercia
company as System Software Engineering in Advanced
Engineering Research & Development department. He has also
worked as researcher in Information System, Security, and
Forensics (ISSF) laboratory at Department of Electrical and
Computer Engineering (ECE), University of Michigan – Dearborn.
Additionally, he was working as primary researcher in the
laboratory of Control and Robotics at institute of Advanced
Science and Technology, IRAN SSP Research & Development
center.
Hafiz Malik : is Associate Processor in the
Electrical and Computer Engineering (ECE)
Department at University of Michigan –
Dearborn. His research in
cybersecurity, multimedia forensics,
information security, wireless sensor networks,
steganography/steganalysis, pattern
recognition, information fusion, and biometric
security is funded by the National Academies,
National Science Foundation and other
agencies. He has published more than 70
papers in leading journals, conferences, and workshops. He is
serving as Associate Editor for the IEEE Transactions on
Information Forensics and Security since August 2014 and for the
Springer Journal of Signal, Image, and Video Processing (SIVP)
May 2013 – present. He is also on the Review Board Committee
of IEEE Technical Committee on Multimedia Communications
(MMTC). He organized Special Track on Doctoral Dissertation in
Multimedia, in the 6th IEEE International Symposium on
Multimedia (ISM) 2006. He is also organizing a special session on
“Data Mining in Industrial Applications” within the IEEE
Symposium Series on Computational Intelligence (IEEE SSCI)
2013. He is serving as vice chair of IEEE SEM, Chapter 16 since
2011. He is also serving on several technical program committees,
including the IEEE AVSS, ICME ICIP, MINES, ISPA, CCNC,
ICASSP, and ICC. He is a senior IEEE member.
In this study, in-vehicle network communication protocol
CAN-Bus and its corresponding vulnerabilities are
introduced. Several researchers have performed to show its
corresponding weaknesses in terms of penetrations to the
network. Although some researchers proposed security
solutions for the current protocol, most of the work in this
area are carried out to introduce the current problems and
their solutions are not comprehensive. Developing security
solution in physical layer security would have more merits
compared to transfer layer because one of the challenges
for developing security mechanism in the transfer layer
(applying message authentication code) is the limitation of
computational power and memory of the microcontrollers
which could be insufficient to develop a cryptographic
algorithm for CAN-Bus in real-time environment. Vehicles
are being revolutionized by integrating modern computing
and communication technologies in order to improve both
user experience and driving safety. As a result, vehicular
systems that used to be closed systems are opening up
various interfaces, such as Bluetooth, 3G/4G, GPS, etc., to
the outside world.
[1] CAN-Bus Specifications Rep. Robert Bosch GmbH.
Postfach 50, D-7000. Stuttgart 1Print.
[2] Kaiser, J., & Mock, M. (1999). Implementing the realtime
publisher/subscriber model on the controller area
network (CAN). In Object-Oriented Real-Time
Distributed Computing, 1999.(ISORC'99) Proceedings.
2nd IEEE International Symposium on (pp. 172-181).
IEEE.
[3] Hafeez, A., Malik, H., Avatefipour, O., Rongali, P. et al.,
"Comparative Study of CAN-Bus and FlexRay
Protocols for In-Vehicle Communication," SAE
Technical Paper 2017-01-0017, 2017.
[4] Corrigan, Steve. Introduction to the Controller Area
Network (CAN). Rep. Texas Instrument. Print.
[5] Farsi, M., Ratcliff, K., & Barbosa, M. (1999). An
overview of controller area network. Computing &
Control Engineering Journal, 10(3), 113-120.
[6] Hesse, Scott, William Nicolay, Hugh Adamson, and
John McDermid. "Can bus router for building
automation systems." U.S. Patent Application
11/216,685, filed August 31, 2005.
[7] Ran, P., Wang, B., & Wang, W. (2008, April). The
design of communication convertor based on CAN bus.
In Industrial Technology, 2008. ICIT 2008. IEEE
International Conference on (pp. 1-5). IEEE.
[8] Shavit, M., Gryc, A., & Miucic, R. (2007). Firmware
update over the air (FOTA) for automotive industry (No.
2007-01-3523). SAE Technical Paper.
[9] Tindell, K., & Burns, A. (1994, September).
Guaranteeing message latencies on control area network
(CAN). In Proceedings of the 1st International CAN
Conference. Citeseer.
[10] Stallings, W., & Tahiliani, M. P. (2014). Cryptography
and network security: principles and practice (Vol. 6).
London: Pearson.
[11] Nilsson, D. K., Larson, U. E., Picasso, F., & Jonsson, E.
(2009). A first simulation of attacks in the automotive
network communications protocol flexray.
In Proceedings of the International Workshop on
Computational Intelligence in Security for Information
Systems CISIS’08 (pp. 84-91). Springer, Berlin,
Heidelberg.
[12] Lin, C. W., & Sangiovanni-Vincentelli, A. (2012,
December). Cyber-security for the Controller Area
Network (CAN) communication protocol. In Cyber
Security (CyberSecurity), 2012 International Conference
on (pp. 1-7). IEEE.
[13] Khalilian, A., Sahamijoo, G., Avatefipour, O., Piltan, F.,
& Nasrabad, M. R. S. (2014). Design high efficiencyminimum
rule base PID like fuzzy computed torque
controller. International Journal of Information
Technology and Computer Science (IJITCS), 6(7), 77.
[14] Khalilian, A., Piltan, F., Avatefipour, O., Nasrabad, M.
R. S., & Sahamijoo, G. (2014). Design New Online
Tuning Intelligent Chattering Free Fuzzy
Compensator. International Journal of Intelligent
Systems and Applications, 6(9), 75.
[15] Sahamijoo, G., Avatefipour, O., Nasrabad, M. R. S.,
Taghavi, M., & Piltan, F. (2015). Research on minimum
intelligent unit for flexible robot. International Journal
of Advanced Science and Technology, 80, 79-104.
[16] Sinclair, C., Pierce, L., & Matzner, S. (1999). An
application of machine learning to network intrusion
detection. In Computer Security Applications
Conference, 1999.(ACSAC'99) Proceedings. 15th
Annual (pp. 371-377). IEEE.
[17] Avatefipour, O., Hafeez, A., Tayyab, M., & Malik, H.
(2017). Linking Received Packet to the Transmitter
Through Physical-Fingerprinting of Controller Area
Network . Information Forensics and Security (WIFS
Conference, Rennes, France.
[18] Shon, T., Kim, Y., Lee, C., & Moon, J. (2005, June). A
machine learning framework for network anomaly
detection using SVM and GA. In Information Assurance
Workshop, 2005. IAW'05. Proceedings from the Sixth
Annual IEEE SMC (pp. 176-183). IEEE.
[19] Mokhtar, M., Piltan, F., Mirshekari, M., Khalilian, A.,
& Avatefipour, O. (2014). Design minimum rule-base
fuzzy inference nonlinear controller for second order
nonlinear system. International Journal of Intelligent
Systems and Applications, 6(7), 79.
[20] Avatefipour, O., Piltan, F., Nasrabad, M. R. S.,
Sahamijoo, G., & Khalilian, A. (2014). Design New
Robust Self Tuning Fuzzy Backstopping
Methodology. International Journal of Information
Engineering and Electronic Business, 6(1), 49.
[21] Shahcheraghi, A., Piltan, F., Mokhtar, M., Avatefipour,
O., & Khalilian, A. (2014). Design a Novel SISO Offline
Tuning of Modified PID Fuzzy Sliding Mode
Controller. International Journal of Information
Technology and Computer Science (IJITCS), 6(2), 72.
[22] Ramadan, M. N., Al-Khedher, M. A., & Al-Kheder, S.
A. (2012). Intelligent anti-theft and tracking system for
automobiles. International Journal of Machine Learning
and Computing, 2(1), 83.
[23] Müter, M., & Asaj, N. (2011, June). Entropy-based
anomaly detection for in-vehicle networks. In Intelligent
Vehicles Symposium (IV), 2011 IEEE (pp. 1110-1115).
IEEE.
[24] Müter, M., Groll, A., & Freiling, F. C. (2010, August).
A structured approach to anomaly detection for invehicle
networks. In Information Assurance and
Security (IAS), 2010 Sixth International Conference
on (pp. 92-98). IEEE.
[25] Narayanan, S. N., Mittal, S., & Joshi, A. (2015). Using
data analytics to detect anomalous states in
vehicles. arXiv preprint arXiv:1512.08048.
[26] Cho, Kyong-Tak, and Kang G. Shin. "Fingerprinting
electronic control units for vehicle intrusion
detection." 25th USENIX Security Symposium
(USENIX Security 16). USENIX Association, 2016.
[27] Q. Wang and S. Sawhney, "VeCure: A practical security
framework to protect the CAN bus of vehicles," 2014
International Conference on the Internet of Things
(IOT), Cambridge, MA, 2014, pp.13-18.doi:
10.1109/IOT.2014.7030108
[28] Experimental security analysis of a modern automobile
K Koscher, A Czeskis, F Roesner, S Patel, T Kohno -
2010 IEEE Symposium on Security and Privacy, 2010
[29] Eisenbarth, T. Kasper, A. Moradi, C. Paar, M.
Salmasizadeh and M. Manzuri Shalmani. On the
power of power analysis in the real world: A complete
break of the KeeLoq code hopping scheme. In D.
Wagner, editor, Proceedings of Crypto 2008, volume
5157 of LNCS, pages 203–20. Springer-Verlag, Aug.
2008.
[30] Hoppe, T., Kiltz, S., & Dittmann, J. (2008). Security
threats to automotive CAN networks–practical
examples and selected short-term
countermeasures. Computer Safety, Reliability, and
Security, 235-248.