Malicious CAN-message attack against advanced driving assistant system

摘要

Along with the progress of connected vehicles, cyber-attacks exploiting the vulnerability of vehicle network have been reported in research papers. Against threat of such attacks, there have been proposed various countermeasures such as disturbing the malicious message by utilizing the transmission period, or invalidating the received message by checking the Message Authentication Code (MAC). In addition, the security of sensor of vehicle is also attracted with the rapid development of autonomous vehicle technique. In this paper, we studied the vulnerability of Advanced Driving Assistance System (ADAS) widely mounted on recent vehicles. In our experiments, the emergency brake system is activated easier than the normal brake system (parking brake, brake pedal) by sending the fake ADAS-ECU message from the ODB-II port. The previously proposed countermeasures utilizing the message transmission period is difficult to apply in the emergency, since the control-message-interval deviates from the normal transmission cycle. Moreover, the ADAS system is invalidated by deceiving other ECUs and range-finding sensors. We focus on checksum included in the current data field separately from CRC field of CAN message and suggest the MAC scheme without a greatly changing the existing vehicle infrastructure. The robustness on the emergency, the amount of payload increased, and the possibility of spoofing attack is investigated.