Security Evaluation of Cyber-Physical Systems in Society- Critical Internet of Things

In this paper, we present evaluation of security awareness of developers and users of cyber-physical systems. Our study includes interviews, workshops, surveys and one practical evaluation. We conducted 15 interviews and conducted survey with 55 respondents coming primarily from industry. Furthermore, we performed practical evaluation of current state of practice for a society-critical application, a commercial vehicle, and reconfirmed our findings discussing an attack vector for an off-line societycritical facility. More work is necessary to increase usage of security strategies, available methods, processes and standards. The security information, currently often insufficient, should be provided in the user manuals of products and services to protect system users. We confirmed it lately when we conducted an additional survey of users, with users feeling as left out in their quest for own security and privacy. Finally, hardware-related security questions begin to come up on the agenda, with a general increase of interest and awareness of hardware contribution to the overall cyber-physical security. At the end of this paper we discuss possible countermeasures for dealing with threats in infrastructures, highlighting the role of authorities in this quest

Hardware Security of the Controller Area Network (CAN Bus)

The CAN bus is a multi-master network messaging protocol that is a standard across the vehicular industry to provide intra-vehicular communications. Electronics Control Units within vehicles use this network to exchange critical information to operate the car. With the advent of the internet nearly three decades ago, and an increasingly inter-connected world, it is vital that the security of the CAN bus be addressed and built up to withstand physical and non-physical intrusions with malicious intent. Specifically, this paper looks at the concept of node identifiers and how they allow the strengths of the CAN bus to shine while also increasing the level of security provided at the data-link level

Defending Vehicles Against Cyberthreats: Challenges and a Detection-Based Solution

The lack of concern with security when vehicular network protocols were designed some thirty years ago is about to take its toll as vehicles become more connected and smart. Today as demands for more functionality and connectivity on vehicles continue to grow, a plethora of Electronic Control Units (ECUs) that are able to communicate to external networks are added to the automobile networks. The proliferation of ECU and the increasing autonomy level give drivers more control over their vehicles and make driving easier, but at the same time they expand the attack surface, bringing more vulnerabilities to vehicles that might be exploited by hackers. Possible outcomes of a compromised vehicle range from personal information theft to human life loss, raising the importance of automotive cybersecurity to a whole different level. Therefore, network safety has become a necessary and vital consideration of a vehicle. This project is two-fold: the first half will focus on the background of vehicle cybersecurity, characteristics of vehicular networks that could be leveraged during a hacking process, including ECU, Controller Area Network (CAN bus) and On-Board Diagnostics (OBD). It also discusses and evaluates previous hacking experiments conducted by researchers and their proposed countermeasures. The second half is an evaluation of approaches to design an Intrusion Detection System (IDS). The aim of this project is to find an effective and suitable solution todefend vehicles against various types of cyber threats