Automotive Security

Vehicles are getting smarter every year, with more functionality being added for comfort, safety and driving assistance. The game took a steep curve back in 1983 when BOSCH introduced the CAN bus protocol, which drastically decreased the amount of wiring needed for communication.

Later, many flavors of CAN were introduced to the market, with certain functionality improved over the years. Nowadays many cars around the globe use protocols such as CAN, CAN-FD, LIN, MOST, etc.

The accessibility of a vehicle from outside also significantly raises the risk of malicious attacks, for example via mobile phone, Bluetooth or Wi-Fi. Automakers therefore need to ensure that information is handled securely and protected against external access and manipulation.

Computer attacks are now a clear and present threat for car drivers, owners, dealers, manufacturers, and even suppliers. Increased automation, vehicle-to-vehicle and vehicle-to-infrastructure communications, and advancements in autonomous driving will raise computer security and data privacy to stand alongside authenticity and safety as foundations for consumer trust and progress in the automotive industry.

CAN

Controller area network (CAN) is a broadcast protocol used in a vehicle for effective and reliable communication between its ECUs. It is widely used to control the transmission, ABS, airbags, steering, windows, etc.

In the CAN protocol, all the ECUs are masters: each of them can request data, broadcast data and receive data. It is more like a common bus fed with all the data that the ECUs are capable of receiving.

CAN protocol runs over two wires: CAN-H and CAN-L. It works on the method of differential signaling and bitwise arbitration to identify the priority of the message.

Let's talk about the CAN data format.

  • Identifier extension (IDE): this bit is always 0 for standard CAN.
  • Data frame: this contains the data to be transferred.
  • Remote (request) frame: this is used when an ECU requests information.
  • Error frame: this frame is written to signal an error.
  • Arbitration ID: this provides a unique ID for each node on the bus.
  • Data length code: represents the number of bytes of data.
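
The fields above can be read out of a raw frame in a few lines. The following is an added example, not code from the original page: it assumes frames arrive in the 16-byte Linux SocketCAN `struct can_frame` layout (the page names no capture format), uses constructed sample frames, and goes slightly beyond the list by also modelling the bitwise arbitration mentioned earlier. The function names are hypothetical.

```python
import struct

# Assumption: Linux SocketCAN `struct can_frame` layout (little-endian host):
# 32-bit can_id with flag bits, 1-byte DLC, 3 pad bytes, 8 data bytes.
CAN_FRAME = struct.Struct("<IB3x8s")
CAN_EFF_FLAG = 0x80000000  # IDE bit set: 29-bit extended identifier
CAN_RTR_FLAG = 0x40000000  # remote (request) frame
CAN_ERR_FLAG = 0x20000000  # error frame
CAN_SFF_MASK = 0x000007FF  # 11-bit standard identifier
CAN_EFF_MASK = 0x1FFFFFFF  # 29-bit extended identifier


def parse_frame(raw: bytes) -> dict:
    """Decode one 16-byte classic CAN frame into the fields listed above."""
    if len(raw) != CAN_FRAME.size:
        raise ValueError(f"expected {CAN_FRAME.size} bytes, got {len(raw)}")
    can_id, dlc, data = CAN_FRAME.unpack(raw)
    if dlc > 8:  # reject malformed frames instead of trusting the length field
        raise ValueError(f"DLC {dlc} exceeds the 8-byte classic CAN payload")
    extended = bool(can_id & CAN_EFF_FLAG)
    kind = "error" if can_id & CAN_ERR_FLAG else "remote" if can_id & CAN_RTR_FLAG else "data"
    return {
        "ide": int(extended),
        "kind": kind,
        "arbitration_id": can_id & (CAN_EFF_MASK if extended else CAN_SFF_MASK),
        "dlc": dlc,
        "data": b"" if kind == "remote" else data[:dlc],  # remote frames carry no payload
    }


def arbitration_winner(ids, width=11):
    """Bitwise arbitration: MSB first, a dominant 0 beats a recessive 1."""
    contenders = set(ids)
    for bit in range(width - 1, -1, -1):
        dominant = {i for i in contenders if not (i >> bit) & 1}
        if dominant:  # nodes that sent a recessive 1 back off
            contenders = dominant
    return contenders.pop()


# Constructed sample frames (not captured from a vehicle).
SAMPLES = [
    CAN_FRAME.pack(0x244, 5, bytes.fromhex("0000001A2B000000")),
    CAN_FRAME.pack(0x123 | CAN_RTR_FLAG, 8, bytes(8)),
    CAN_FRAME.pack(0x18FF0001 | CAN_EFF_FLAG, 3, bytes.fromhex("0241000000000000")),
]
```

Because arbitration always favours the numerically lowest identifier, a frame's ID is also its priority on the bus.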

OBD-II

On-board diagnostics (OBD) is used to find faulty parts of a vehicle. This diagnostic system helps to identify, and sometimes fix, the malfunctioning part without tearing the car apart.

Since 2008, it has been mandatory for all cars in the US to have an OBD2 port. With additional support from UDS, this port also helps in communicating with a specific part of the vehicle.

The OBD2 port is a 16-pin connector powered by the car's battery. In most cases, pins 6 and 14 are the CAN high and CAN low pins.
