An Overview of Automotive Service-Oriented Architectures and Implications for Security Countermeasures

New requirements from the customers\u27 and manufacturers\u27 point of view such as adding new software functions during the product life cycle require a transformed architecture design for future vehicles. The paradigm of signal-oriented communication established for many years will increasingly be replaced by service-oriented approaches in order to increase the update and upgrade capability. In this article, we provide an overview of current protocols and communication patterns for automotive architectures based on the service-oriented architecture (SOA) paradigm and compare them with signal-oriented approaches. Resulting challenges and opportunities of SOAs with respect to information security are outlined and discussed. For this purpose, we explain different security countermeasures and present a state of the section of automotive approaches in the fields of firewalls, Intrusion Detection Systems (IDSs) and Identity and Access Management (IAM). Our final discussion is based on an exemplary hybrid architecture (signal- and service-oriented) and examines the adaptation of existing security measures as well as their specific security features

Machine learning and blockchain technologies for cybersecurity in connected vehicles

Future connected and autonomous vehicles (CAVs) must be secured againstcyberattacks for their everyday functions on the road so that safety of passengersand vehicles can be ensured. This article presents a holistic review of cybersecurityattacks on sensors and threats regardingmulti-modal sensor fusion. A compre-hensive review of cyberattacks on intra-vehicle and inter-vehicle communicationsis presented afterward. Besides the analysis of conventional cybersecurity threatsand countermeasures for CAV systems,a detailed review of modern machinelearning, federated learning, and blockchain approach is also conducted to safe-guard CAVs. Machine learning and data mining-aided intrusion detection systemsand other countermeasures dealing with these challenges are elaborated at theend of the related section. In the last section, research challenges and future direc-tions are identified

EdgeTDC: On the Security of Time Difference of Arrival Measurements in CAN Bus Systems

A Controller Area Network (CAN bus) is a message- based protocol for intra-vehicle communication designed mainly with robustness and safety in mind. In real-world deployments, CAN bus does not offer common security features such as message authentication. Due to the fact that automotive suppliers need to guarantee interoperability, most manufacturers rely on a decade- old standard (ISO 11898) and changing the format by introducing MACs is impractical. Research has therefore suggested to address this lack of authentication with CAN bus Intrusion Detection Systems (IDSs) that augment the bus with separate modules. IDSs attribute messages to the respective sender by measuring physical- layer features of the transmitted frame. Those features are based on timings, voltage levels, transients—and, as of recently, Time Difference of Arrival (TDoA) measurements. In this work, we show that TDoA-based approaches presented in prior art are vulnerable to novel spoofing and poisoning attacks. We describe how those proposals can be fixed and present our own method called EdgeTDC. Unlike existing methods, EdgeTDC does not rely on Analog-to-digital converters (ADCs) with high sampling rate and high dynamic range to capture the signals at sample level granularity. Our method uses time-to-digital converters (TDCs) to detect the edges and measure their timings. Despite being inexpensive to implement, TDCs offer low latency, high location precision and the ability to measure every single edge (rising and falling) in a frame. Measuring each edge makes analog sampling redundant and allows the calculation of statistics that can even detect tampering with parts of a message. Through extensive experimentation, we show that EdgeTDC can successfully thwart masquerading attacks in the CAN system of modern vehicles

Utilization Of A Large-Scale Wireless Sensor Network For Intrusion Detection And Border Surveillance

To control the border more effectively, countries may deploy a detection system that enables real-time surveillance of border integrity. Events such as border crossings need to be monitored in real time so that any border entries can be noted by border security forces and destinations marked for apprehension. Wireless Sensor Networks (WSNs) are promising for border security surveillance because they enable enforcement teams to monitor events in the physical environment. In this work, probabilistic models have been presented to investigate senor development schemes while considering the environmental factors that affect the sensor performance. Simulation studies have been carried out using the OPNET to verify the theoretical analysis and to find an optimal node deployment scheme that is robust and efficient by incorporating geographical coordination in the design. Measures such as adding camera and range-extended antenna to each node have been investigated to improve the system performance. A prototype WSN based surveillance system has been developed to verify the proposed approach

SUTMS - Unified Threat Management Framework for Home Networks

Home networks were initially designed for web browsing and non-business critical applications. As infrastructure improved, internet broadband costs decreased, and home internet usage transferred to e-commerce and business-critical applications. Today’s home computers host personnel identifiable information and financial data and act as a bridge to corporate networks via remote access technologies like VPN. The expansion of remote work and the transition to cloud computing have broadened the attack surface for potential threats. Home networks have become the extension of critical networks and services, hackers can get access to corporate data by compromising devices attacked to broad- band routers. All these challenges depict the importance of home-based Unified Threat Management (UTM) systems. There is a need of unified threat management framework that is developed specifically for home and small networks to address emerging security challenges. In this research, the proposed Smart Unified Threat Management (SUTMS) framework serves as a comprehensive solution for implementing home network security, incorporating firewall, anti-bot, intrusion detection, and anomaly detection engines into a unified system. SUTMS is able to provide 99.99% accuracy with 56.83% memory improvements. IPS stands out as the most resource-intensive UTM service, SUTMS successfully reduces the performance overhead of IDS by integrating it with the flow detection mod- ule. The artifact employs flow analysis to identify network anomalies and categorizes encrypted traffic according to its abnormalities. SUTMS can be scaled by introducing optional functions, i.e., routing and smart logging (utilizing Apriori algorithms). The research also tackles one of the limitations identified by SUTMS through the introduction of a second artifact called Secure Centralized Management System (SCMS). SCMS is a lightweight asset management platform with built-in security intelligence that can seamlessly integrate with a cloud for real-time updates

A Study of Automotive Security : CAN Bus Intrusion detection Systems, Attack Surface, and Regulations

The innovation in the automotive sector enhanced the technology implemented in vehicles by the manufacturers. Consequently, the overall driving experience improved, thanks to the introduction of better safety, utility, and entertainment systems. Moreover, automobiles began collecting and exchanging data with the external world through different communication protocols. However, these additions have started to attract attention from security experts. More importantly, malevolent attackers have exploited the technologies and their related attack points to carry out malicious activities to cause data security and safety issues. These issues have led to establishing standards and regulations (ISO 21434, UNECE 155, etc.) that redefine vehicle design and development by incorporating security protocols and requirements necessary to create secure automobiles. However, these documents analyze the problem at a high level and do not dwell on practical solutions implementation analysis. This work presents an in-depth study of in-vehicle communication concerns via Controller Area Network (CAN) bus safety problems analysis with different proposed solutions. Specifically, a survey of Intrusion Detection Systems developed in the literature is brought up: simulation of three CAN bus intrusion detection systems against various attacks. The results show effectiveness against disruptive attacks, i.e., with numerous messages sent in a short period of time, but conversely have difficulty detecting more targeted attacks with few transmitted packets. The solutions analysis is an excellent starting point for security engineers to be able to develop Intrusion Detection Systems for the CAN bus capable of detecting attacks that will become increasingly complex and difficult to counter over time

Many-objective optimization-based intrusion detection for in-vehicle network security

In-vehicle network security plays a vital role in ensuring the secure information transfer between vehicle and Internet. And existing research is still facing great difficulties in balancing the conflicting factors for the in-vehicle network security and hence to improve intrusion detection performance. To challenge this issue, we construct a many-objective intrusion detection model by including information entropy, accuracy, false positive rate and response time of anomaly detection as the four objectives, which represent the key factors influencing intrusion detection performance. We then design an improved intrusion detection algorithm based on many-objective optimization to optimize the detection model parameters. The designed algorithm has double evolutionary selections. Specifically, an improved differential evolutionary operator produces new offspring of the internal population, and a spherical pruning mechanism selects the excellent internal solutions to form the selected pool of the external archive. The second evolutionary selection then produces new offspring of the archive, and an archive selection mechanism of the external archive selects and stores the optimal solutions in the whole detection process. An experiment is performed using a real-world in-vehicle network data set to verify the performance of our proposed model and algorithm. Experimental results obtained demonstrate that our algorithm can respond quickly to attacks and achieve high entropy and detection accuracy as well as very low false positive rate with a good trade-off in the conflicting objective landscape

Secure Authentication and Privacy-Preserving Techniques in Vehicular Ad-hoc NETworks (VANETs)

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that need to be thoroughly addressed and solved for the widespread adoption/deployment of VANETs. Given the importance of these issues, researchers have spent a lot of effort in these areas over the last decade. We present an overview of the following issues that arise in VANETs: privacy, authentication, and secure message dissemination. Then we present a comprehensive review of various solutions proposed in the last 10 years which address these issues. Our survey sheds light on some open issues that need to be addressed in the future

Security and Privacy for Modern Wireless Communication Systems

The aim of this reprint focuses on the latest protocol research, software/hardware development and implementation, and system architecture design in addressing emerging security and privacy issues for modern wireless communication networks. Relevant topics include, but are not limited to, the following: deep-learning-based security and privacy design; covert communications; information-theoretical foundations for advanced security and privacy techniques; lightweight cryptography for power constrained networks; physical layer key generation; prototypes and testbeds for security and privacy solutions; encryption and decryption algorithm for low-latency constrained networks; security protocols for modern wireless communication networks; network intrusion detection; physical layer design with security consideration; anonymity in data transmission; vulnerabilities in security and privacy in modern wireless communication networks; challenges of security and privacy in node–edge–cloud computation; security and privacy design for low-power wide-area IoT networks; security and privacy design for vehicle networks; security and privacy design for underwater communications networks

Cyberattacks and Countermeasures For In-Vehicle Networks

As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN) and FlexRay. CAN bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms by design and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made the CAN bus not only vulnerable from within the vehicle but also from outside. With the rise of connected cars, more entry points and interfaces have been introduced on board vehicles, thereby also leading to a wider potential attack surface. Existing security mechanisms focus on the use of encryption, authentication and vehicle Intrusion Detection Systems (IDS), which operate under various constrains such as low bandwidth, small frame size (e.g. in the CAN protocol), limited availability of computational resources and real-time sensitivity. We survey In-Vehicle Network (IVN) attacks which have been grouped under: direct interfaces-initiated attacks, telematics and infotainment-initiated attacks, and sensor-initiated attacks. We survey and classify current cryptographic and IDS approaches and compare these approaches based on criteria such as real time constrains, types of hardware used, changes in CAN bus behaviour, types of attack mitigation and software/ hardware used to validate these approaches. We conclude with potential mitigation strategies and research challenges for the future