The current advancement in Connected Autonomous Vehicles (CAVs) made the safety and security of these vehicles a key factor for manufacturers as any malfunction or attack could lead to severe consequences for the driver, passengers, or others outside of the vehicle. There are several types of cyber attacks frequently performed on vehicles, which can be classified according to their type and entry points.
Entry point levels of cyber attacks in the automotive domain
Cybersecurity for automotive is related to the protection of its electronic systems, communication networks, algorithms, software, hardware, and data. The objective is to guard against malicious attacks, unauthorized access, and any unwanted manipulation. There are different entry points for attackers in CAVs, which can be classified in six levels from 0 to 5.
Cyber attack entry point levels
- Level 0 – Sensor interaction & driver interaction
- Level 1 – Controls
- Level 2 – Interfaces
- Level 3 – Applications
- Level 4 – Communication channels
- Level 5 – Cloak & dagger
Level 0: It involves interactions between sensors and drivers. Some example potential entry points are communication interfaces, debug interfaces, memory chips, etc. Also, the physical equipment making up the car itself, such as the car doors, windows, trunk, and so on, are within the scope of level 0.
Level 1: It looks at controls such as those in drive control, process control, safety controls, and more for this level, including door control, light control, climate control, Anti-lock Braking System (ABS), Supplemental Restraint System (SRS), and Emergency Brake Assist (EBA), which are some potential entry points.
Level 2: It looks at interfaces, such as the infotainment system, which communicates with levels 0-1. They could be third-party applications, such as Apple’s Carplay and Android Auto, which are the main entry points. The infotainment system could also provide direct access to the CAN bus, which makes it vulnerable to attacks.
Level 3: It assesses applications on both mobile and infotainment system interfaces. Some potential entry points are peripherals and connected devices, such as rear-seat entertainment (which are vulnerable to Android hacks for instance).
Level 4: Technologies that leverage communication channels, such as those found in wireless entry points, belong to this level. Attackers in this level look at onboard Wi-Fi within the car, GPS, LIDAR, RADAR, and other network communication capacities as the entry points.
Level 5: Attacks and entry points in this level fall under the cloak and dagger methodology, which deals with mismatched permission issues to access certain features on the Android devices.
Every mentioned level as the potential entry point is subjected to several types of attacks such as physical, network, sensors, software attacks, etc. In this blog, we only cover the first two types, which are physical and network attacks.
Hackers use the vulnerabilities that exist in some versions of Android devices to launch undetectable attacks. Passwords, PINS, and all permissions could be captured to leave behind almost no traceable attack.
Cyber attacks
Physical attacks usually include hardware modification, node replication, physical damage, and side channel attacks. Hardware hacking and modification involves attacking the physical infrastructure of a computer and occurs at the lowest level of the vehicle. Hardware hacking may be the result of replacing, removing, or replicating components of hardware systems within a car. Replication of the physical hardware itself is called node replication. It occurs when an attacker can harm the functionality of a network or communication device by injecting a clone or replica into the environment. This type of attack may be done via a network where a car is considered a node. Attackers could damage vehicle components or even the vehicle itself in a physical damage attack scenario. Damaging headlights, locks, or components that may be responsible for the power windows in a vehicle are just a few possibilities. Finally, there is one type of attack, which is based on the information gained from the implementation of a computer system. A vehicle may be sold to a third party (such as registered dealer), so data may be wiped or left on components of the car, which could serve as potential information disclosure vulnerabilities, privacy, and sensitive user data.
CAVs have several communication network architectures with other entities, which are FlexRay, Controller Area Network (CAN), Local Interconnect Network (LIN), and Ethernet. Real-time safety-critical applications are using FlexRay to establish communication. It is subjected to standard attacks, such as spoofing, where an attacker can create and inject requests.
Spoofing is defined as an email sent from a false sender address that asks the recipient to provide sensitive data. One of the most common attacks is the replacement of an authorized ECU program with unauthorized and malicious programs, connecting to the CAN bus using an unauthorized device. A malicious invasion may cause the Denial of Service (DoS) attack and create messages with ID 0, which are of the highest priority, which causes the CAN bus to become unusable.
LIN network is used to facilitate the intercommunication of the ECU, which is used to control lights, engines, air conditioning, steering wheels, seats, and doors. After CAN, it is the highest venue subject to exploitation by malicious agents. Among the threats to LIN, the most frequent and common are Message Spoofing (criminals send messages with inaccurate information, so that vehicle communications are stopped), Response Collision (take advantage of the error-handling mechanism of the LIN), and Header Collision attacks (an attacker sends a fake header to collide with a legitimate header). Ethernet interfaces in CAVs interact similarly to the way Ethernet would react in a traditional computer network. It has a variety of attack vectors, from unused ports, MAC spoofing, and bandwidth abuse, to the more sophisticated, such as TCP hijacking, etc.
