A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay

Paper in proceeding, 2008

The automotive industry has over the last decade gradually replaced mechanical parts with electronics and software solutions. Modern vehicles contain a number of electronic control units (ECUs), which are connected in an in-vehicle network and provide various vehicle functionalities. The next generation automotive network communications protocol FlexRay has been developed to meet the future demands of automotive networking and can replace the existing CAN protocol. Moreover, the upcoming trend of ubiquitous vehicle communication in terms of vehicle-to-vehicle and vehicle-to-infrastructure communication introduces an entry point to the previously isolated in-vehicle network. Consequently, the in-vehicle network is exposed to a whole new range of threats known as cyber attacks. In this paper, we have analyzed the FlexRay protocol specification and evaluated the ability of the FlexRay protocol to withstand cyber attacks. We have simulated a set of plausible attacks targeting the ECUs on a FlexRay bus. From the results, we conclude that the FlexRay protocol lacks sufficient protection against the executed attacks, and we therefore argue that future versions of the specification should include security protection.