Connected and Autonomous Vehicle Cybersecurity Sensor Attacks

USB ports themselves are not inherently at risk, however, they are a potential weak spot that may allow for a direct connection between vehicles and its subsystems, thus providing an increase in attack surface. They are capable of automatically running applications when inserted into a vehicle port. This means any USB can impersonate other devices or even install new drivers. Currently, USBs are being used by industrial enterprises. Why use USBs? USBs are simple to use, uncomplicated in nature, and run automatically since not all sites within the vehicle are connected. Additionally, using a USB might be the only way for some vendors to get updates.

Due to the proprietary nature of each car manufacturer, it has become increasingly difficult for security providers to verify the information because of the wide variance in vehicle architecture and systems. The USB input may allow already infected or compromised devices to connect to the vehicle through capabilities that were meant to improve accessibility and interoperability of a vehicle. The integration of external storage such as USB flash drive, SD, external drives, the charging of mobile devices, and Bluetooth are potential inputs that could increase the area of an attack. These areas will be assessed separately under wireless network attacks in the next newsletter.

The LiDAR, which stands for Light Detection and Ranging, is an active remote sensing system that uses light waves. It uses a laser pulse to measure the distance to the objects by measuring the flight time of the laser pulses transmitted to and reflected from the object surface. This technology is useful for circumventing potential weather scenarios and conditions. Typical uses for LiDAR default to the use of collision avoidance, adaptive cruise control, object recognition, among others.

Typical attacks work via three scenarios in which an attack may be created by “an adversarial car”, “a threat actor doing maintenance work on a car”, or “via infrastructure along the sides of roads”. Typical attacks on these systems look at fooling the algorithms which intake the data from the LiDAR. Additional attacks may be simulated through the denial of service utilizing a car’s precious computing power which causes a data delay capable of rendering the data provided irrelevant. Typical spoofing attacks continue to be an issue with LiDAR and can provide misinformation. An attacker can fool the LiDAR to see nonexistent obstacles. However, this type of attack is very difficult due to the precise time at which the laser pulses at the target LiDAR down to nanosecond-level accuracy.

CDs are inherently used as a method for storing data. Unlike USB ports, the CD itself can be a potential attack vector. In one case, threat actors were able to encode a CD with dangerous unique messages. As a result, codes were sent to the vehicles CAN bus which accessed the vehicle and executed indirect commands on particular ECUs. As vehicles manufacturing practices move away from CD to USB; the attack surface decreases. However, security programs and defences should be cognizant of legacy vehicles that may play DVDs, Blue Ray, CD, and various other disc images. Practices like bootstrapping give cyberattackers another potential way to install software automatically which in-turn may affect the vehicle itself.

On-Board Diagnostics (OBD) interfaces are computer input controls that allow the diagnostics of vehicle components which understand and monitor the performance of a vehicle. They are used to determine error codes and provide key vehicle insights based on interactions with internal components. However, they are a gateway to a vehicle’s internal network that allows for unauthorized access. If a would-be attacker knew a specific message pattern, it would be easy to gain control of the vehicle. Currently, ECUs are unable to verify messages being sent through the OBD channel. By exposing a car’s hidden codes, an attacker may generate error codes, send, and inject additional information into a car that could send false information.

Radar, which stands for Radio Detection and Ranging, is another active remote sensing system that uses radio waves (longer wavelength compares to LiDAR). It uses pulses of radio waves to measure the change in phase between the pulse and the echo, effectively measuring velocity. It is commonly used by law enforcement when detecting moving objects. It is the most cost-effective technology being used in collision avoidance, pedestrian detection, and autonomous driving systems. Typical attacks include jammed sensors or denial of service, spoofing, and interference. These types of attacks are similar in nature to LiDAR. In both instances, these attacks have adverse effects on information confidentiality of those sending the data.

The CAN bus is a design that allows microcontrollers and devices to communicate with each other. The CAN bus has been widely integrated due to its fault tolerance in electrically noisy environments such as vehicles where feedback is a consideration. In this instance, the CAN bus is critical to the operations of a modern vehicle. One of the most critical sensors within a vehicle is the CAN bus. It presents itself as a promising target for staging and carrying out attacks against systems that communicate through this sensor. The attack surface itself may directly influence the safety of a person, the data traversing the internal network, as well as potential data that leaves the vehicle in communications with other network devices or assets. Attacks on these devices may include signal injection, physical disruption to the device, spoofing, jamming, and replay attacks among other attacks. The implications of attacking these sensors provide hackers with the potential to cause harm to a human and potentially release information about a car itself.