Dario Stabili*
With the advent of external connectivity in modern automobiles, security experts from academia and the business world grappled with the problem of external communication interfaces exposing internal networks used to control vehicle systems. With the introduction of cellular connectivity, proof-of-concept and demonstrations of remote takeover of the vehicle have been shown, raising awareness about the risks associated with the introduction of external connectivity on the vehicle system, despite the fact that these issues are thought to have little to no impact on the functioning of the vehicle itself due to their requirement of a physical connection. Security researchers demonstrated that a number of flaws in the Controller Area Network (CAN), one of the most widely used in-vehicle communication protocols, could be exploited in all of these remote attacks. In these works, the authors show how to put people inside and outside of modern vehicles in danger by using drive-by-wire features. Several researchers developed algorithms to prevent the injection of malicious CAN messages in order to address this issue. However, these solutions only focus on CAN communication and do not take into account all of the other subsystems that an attacker could use to hijack the vehicle system.
Partagez cet article