CAN Openers: Security issues in IoT

The Controller Area Network (CAN) is a robust vehicle communication protocol that has facilitated seamless communication between Electronic Control Units (ECUs) for decades.

However, as vehicles become more connected and autonomous, securing these systems has become increasingly critical. Let’s take a dive into the vulnerabilities of CAN:

Vulnerabilities in CAN

  • Lack of Built-in Security
    When Bosch developed CAN in the 1980s, security was not a priority. The protocol was designed for reliability and speed, not for external threats. As a result, CAN lacks encryption, authentication, or message validation mechanisms.

  • Broadcast Communication
    CAN operates as a broadcast network, meaning messages are sent to all nodes on the bus. While this enables simple communication, it means any compromised device can inject malicious messages, causing malfunctions or data leaks.

  • Physical Access Equals Control
    Gaining physical or remote wireless access to the CAN bus via an On-Board Diagnostics (OBD-II) port allows attackers to manipulate ECUs. This can include altering engine performance, disabling brakes, or shutting off safety systems.

  • Susceptibility to Replay and Injection Attacks
    CAN messages do not carry timestamps or sequence numbers, making them vulnerable to replay attacks, where old commands are retransmitted. Injection attacks, where unauthorized messages are introduced, can mimic legitimate ECU signals.

  • Limited Fault Isolation
    A single malfunctioning ECU can flood the CAN network with error frames, overwhelming the bus and potentially leading to system-wide failures.

Securing CAN Systems

  1. Firewalls and Gateways: Segregate CAN networks into smaller segments to restrict unauthorized access.
  2. Tamper-Proof ECUs: Use ECUs with cryptographic capabilities to authenticate communication.
  3. Intrusion Detection Systems (IDS): Monitor CAN traffic for anomalies, unexpected patterns or repeated error frames.
  4. Message Authentication: Introduce security layers that validate message origins, such as cryptographic message authentication codes (MACs).
  5. CAN FD (Flexible Data Rate) provides better throughput and adaptability for encryption schemes.
  6. Ethernet backbones for secure, high-speed communication while relegating CAN to subsystem-specific tasks.
  7. Over-the-Air Updates
    Regular firmware updates for ECUs can address emerging vulnerabilities, provided they are securely deployed and authenticated.

Real-World Implications

Several high-profile demonstrations exposed CAN’s vulnerabilities:. In 2015 cybersecurity researchers remotely hijacked a Jeep Cherokee, cutting its transmission and disabling its brakes.

In fleet management systems, attackers have exploited CAN weaknesses to falsify location data or interfere with vehicle telemetry. Insurance industry

Sources and Citations

Parts in this series:

  1. CAN Bus Basics
  2. Understanding the OBD-II Port
  3. Challenges and Security in CAN Networks
  4. CAN in EVs
  5. Future Trends in connected Mobility

Ready to discuss your IoT project?

Let our engineers offer you quality technology consulting services.

Sign up for a free consultation.