In-vehicle CAN message authentication: An evaluation based on industrial criteria

Paper in proceeding, 2017

Vehicles have evolved from mostly mechanical machines into devices controlled by an internal computer network consisting of more than 100 interconnected Electronic Control Units (ECUs). Moreover, modern vehicles communicate with external devices to enable new features, but these new communication facilities also expose safety-critical functions to security threats. As the most prevalent automotive bus, the Controller Area Network (CAN) bus is a prime target for attacks. Even though the computer security community has proposed several message authentication solutions to alleviate those threats, such solutions have not yet been widely adopted by the automotive industry. We have identified the most promising CAN message authentication solutions and provide a comprehensive overview of them. In order to investigate the lack of adoption of such solutions, we, together with industry experts, have identified five general requirements they must fulfill in order to be considered viable in industry. Based on those requirements, we analyze and evaluate the identified authentication solutions. We find that none of them meet all the requirements, and that backward compatibility and acceptable overhead are the biggest obstacles.