
CAV Defense Mechanisms and Security Vulnerabilities


QAC EmTech
QAC Emerging Technologies Quality Assurance

This monthly newsletter will focus on QAC’s activities regarding R&D, Connected Vehicles, Cognitive Autonomous Systems, Artificial Intelligence, Internet of Things, and Blockchain Quality Assurance Services.

FOCUSED ON THE FUTURE

Leading the way

Welcome to the eleventh edition of the EmTech newsletter. In this edition, we’ll be sharing more about the state of the art in automotive cybersecurity. In previous newsletters, we talked about software attacks and the attacks conducted through wireless communications as a part of network attacks. This newsletter will focus on the defense mechanisms available to address security vulnerabilities and prevent CAV exploitation.

Welcome to the 11th edition of our EmTech Quality Assurance Newsletter

Keeping you informed

Our emerging technologies quality assurance workstreams

R&D and Grant Projects

Research and development of new technologies that position QAC to become a world leader in quality assurance services.

Connected Vehicles

Testing and Quality Assurance services exclusively developed to provide integration testing services for highly connected vehicles.

Cognitive Autonomous Systems

Full automation of testing and quality assurance services exclusively developed for Cognitive Autonomous Systems.

Cybersecurity, IoT, AI, and Blockchain

Focus on developing new technologies that utilize AI to address QA challenges in the Cybersecurity, IoT, and Blockchain domains.

Defence mechanisms

Due to the nature and complexity of CAV systems, there are several entry points and types of attacks that could disrupt a vehicle’s performance and safety. In recent years, various means of defending a vehicle against vulnerabilities and attacks have been developed. Defense mechanisms can be categorized into three groups: Authentication and Encryption, Malware and Intrusion Detection, and Software Vulnerability Analysis. These groupings help sort defense mechanisms by the phase in which they are used. The Authentication and Encryption group provides a means to secure communication between ECUs and other connected devices.

Methods or systems to detect the presence of malware or intrusion from an illegitimate source fall under the Malware and Intrusion Detection group. Lastly, the Software Vulnerability Analysis grouping focuses on methods to identify vulnerabilities in the code being developed for a V2X environment. The overall purpose and focus of each of these groupings is presented in its respective subsection below, along with one detailed sample study to help ground the topic.

Authentication and encryption

Authentication and encryption are both critical components for any communication channel to be secure. Authentication mechanisms involve the process of verifying the identity of an entity. Encryption mechanisms provide a means to securely communicate over a channel and assist in preventing unauthorized access. In the digital age, where cyber-attacks are on the rise, CAVs must leverage these components to mitigate the vulnerabilities of an unsecured communication channel. CAVs have their own unique requirements and limitations that restrict the ability to implement the existing authentication and encryption mechanisms used in other industries.

With CAVs, where low latency is a critical requirement, time and overhead complexity are a primary challenge. Development of a decentralized hash function method is one solution that provides a lightweight authentication mechanism for vehicles. Another solution is to use ad-hoc networks and group keys to securely exchange keys at regular intervals in a symmetric key encryption mechanism called GKMPAN. With symmetric keys, the key used to decrypt a message is the same for both parties. This method has less overhead than asymmetric keys due to the reduced computational complexity. However, the use of asymmetric keys, in which each party has their own set of public and private keys, is also explored for autonomous vehicles. Asymmetric encryption to represent all client and server connections can also be utilized in Peer-to-Peer Anonymous Authentication (PPAA). The balance between low overhead and secure communication is an ongoing challenge for CAVs, as the algorithm must maintain a highly reactive system response rate while ensuring communication is protected from sniffing or spoofing.
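To make the symmetric group-key idea concrete, the following added example (not code from the newsletter, and not GKMPAN itself) shows a receiver that authenticates messages with a short HMAC tag, rejects replays, and stops accepting messages keyed for an earlier interval. The header layout, the tag length, the key derivation and the secret are assumptions made for illustration; the scheme authenticates messages but does not encrypt them.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8            # truncated tag length in bytes (assumed, to keep overhead low)
HEADER = ">IHI"        # epoch, sender id, message counter (hypothetical layout)
HEADER_LEN = struct.calcsize(HEADER)

def epoch_key(group_secret, epoch):
    """Key for one rekeying interval. Simplification: a real scheme distributes
    fresh keys so that evicted members cannot compute the next one."""
    return hmac.new(group_secret, b"epoch" + struct.pack(">I", epoch), hashlib.sha256).digest()

def tag_for(group_secret, epoch, body):
    return hmac.new(epoch_key(group_secret, epoch), body, hashlib.sha256).digest()[:TAG_LEN]

def protect(group_secret, epoch, sender, counter, payload):
    """Sender side: header + payload + truncated HMAC tag."""
    body = struct.pack(HEADER, epoch, sender, counter) + payload
    return body + tag_for(group_secret, epoch, body)

class Receiver:
    def __init__(self, group_secret, epoch):
        self.secret, self.epoch = group_secret, epoch
        self.highest = {}                      # sender -> highest counter accepted

    def rekey(self, epoch):
        self.epoch, self.highest = epoch, {}   # counters restart with the new key

    def accept(self, message):
        """Return (payload, 'ok') or (None, reason)."""
        if len(message) < HEADER_LEN + TAG_LEN:
            return None, "truncated"
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        epoch, sender, counter = struct.unpack(HEADER, body[:HEADER_LEN])
        if epoch != self.epoch:
            return None, "stale-epoch"
        if not hmac.compare_digest(tag, tag_for(self.secret, epoch, body)):
            return None, "bad-tag"             # spoofed or modified in transit
        if counter <= self.highest.get(sender, -1):
            return None, "replay"              # authentic but already seen
        self.highest[sender] = counter
        return body[HEADER_LEN:], "ok"

GROUP_SECRET = b"constructed-demo-secret-not-real"   # constructed sample value
if __name__ == "__main__":
    rx = Receiver(GROUP_SECRET, epoch=1)
    msg = protect(GROUP_SECRET, 1, sender=7, counter=1, payload=b"speed=42")
    print(rx.accept(msg), rx.accept(msg))
```

A shared group key proves group membership rather than individual identity, which is one reason the asymmetric approaches mentioned above are also explored.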

Sample Study

A popular authentication defense mechanism, Secure Credential Management System (SCMS), is a concept that is leveraged by a few organizations to provide a large-scale public key infrastructure (PKI) solution for the connected vehicle space. Escrypt, an IT solutions company, released a white paper outlining the details of their SCMS implementation for establishing a “Secure V2X Connected Vehicle Transponder System for Vehicle Prioritization”. The solution is based on the Elliptic-Curve Cryptography algorithm with the intention of producing small digital signatures. The design integrates the use of several actors and components to develop a distributed management system. As with most PKI environments, the trust chain is established through Root Management, and passed down using intermediary certificate authorities for local management. The enrolment process is completed during the vehicle manufacturing process, using pseudonym issuing of certificates. The pseudonym issuing splits the certificate generation process between four entities so that no one entity can disclose the full details of each certificate being issued. These entities are: Registration Authority, Pseudonym CA, Linkage Authorities, and Location Obscurer Proxy. A method also exists for misbehaviour detection through which certificates can be added to a certificate revocation list. Overall, the solution provides a system through which devices can be provided certificates to prove their identity or role. Using this method, the company hopes to be able to securely implement a vehicle prioritization scheme for a future connected vehicle landscape.

Malware and intrusion detection

Although authentication and encryption systems deter attacks, they cannot be the sole defense mechanism protecting any system. Detection of attacks is another critical layer of defense for protecting vehicular networks. Research on the detection of attacks falls into two sub-groupings: intrusion detection, which focuses on the network aspect, and malware detection, which focuses on the executable and file systems.

Intrusion detection systems are proposed in many papers as an ideal method to detect attacks. Some of the proposed research utilizes signature-based detection, which often falls short when identifying new attacks. Therefore, several studies propose the utilization of anomaly-based intrusion detection systems. In anomaly detection, the intrusion detection system (IDS) can reside on the vehicular network, for example CAN, and observe traffic to baseline regular traffic and detect any anomalous activity. Machine learning algorithms provide a proven method to help classify the traffic and attacks. In contrast to identifying attacks on the networks, an alternative method is to detect potential attacks through unwanted malware by scanning file systems for new executables that may be malicious. The focus in research suggests malware detection may be an effective way to mitigate attacks that initiate from within the vehicles through malicious files.
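The baseline-then-detect idea can be shown with a much simpler model than the machine learning classifiers used in the research. The following added example (not from the newsletter or from any cited paper) learns the inter-arrival timing of each CAN ID from attack-free traffic and flags frames that arrive off-schedule or carry an ID never seen in training. The CAN IDs, periods, jitter and thresholds are constructed values.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

def learn_baseline(frames):
    """Per-ID (mean, std dev) of inter-arrival gaps; frames are (seconds, can_id), in order."""
    last_seen, gaps = {}, defaultdict(list)
    for ts, can_id in frames:
        if can_id in last_seen:
            gaps[can_id].append(ts - last_seen[can_id])
        last_seen[can_id] = ts
    return {cid: (mean(g), pstdev(g)) for cid, g in gaps.items() if len(g) >= 2}

def detect(frames, baseline, k=4.0, floor=0.001):
    """Return (timestamp, can_id, reason) for frames that leave the baseline."""
    alerts, last_seen = [], {}
    for ts, can_id in frames:
        if can_id not in baseline:          # ID never observed during training
            alerts.append((ts, can_id, "unknown-id"))
            continue
        mu, sigma = baseline[can_id]
        tol = max(k * sigma, floor)         # floor avoids zero tolerance on jitter-free IDs
        if can_id in last_seen:
            gap = ts - last_seen[can_id]
            if gap < mu - tol:
                alerts.append((ts, can_id, "too-frequent"))    # extra frames on the bus
            elif gap > mu + tol:
                alerts.append((ts, can_id, "missing-frames"))  # sender silenced or delayed
        last_seen[can_id] = ts
    return alerts

def periodic(start, count, period, can_id, jitter=0.0002):
    """Constructed periodic traffic with small alternating jitter (not a real capture)."""
    return [(start + i * period + (jitter if i % 2 else -jitter), can_id)
            for i in range(count)]

# Constructed training data: 0x0C4 every 10 ms, 0x1A0 every 100 ms.
TRAINING = sorted(periodic(0.0, 200, 0.010, 0x0C4) + periodic(0.0, 20, 0.100, 0x1A0))
BASELINE = learn_baseline(TRAINING)

# Constructed test window: normal traffic, three extra 0x0C4 frames, one unseen ID.
CLEAN = periodic(10.0, 50, 0.010, 0x0C4)
EXTRA = [(10.205, 0x0C4), (10.215, 0x0C4), (10.225, 0x0C4), (10.300, 0x7DF)]
def summarize(frames):
    """Count alerts by reason for a list of frames."""
    return Counter(reason for _, _, reason in detect(sorted(frames), BASELINE))

if __name__ == "__main__":
    print("clean:   ", dict(summarize(CLEAN)))
    print("tampered:", dict(summarize(CLEAN + EXTRA)))
```

Each extra frame shortens two gaps (the one before it and the one after it), so three extra frames raise six timing alerts; a production IDS would group these into one event per burst.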

Sample Study

In the paper “Tree-based intelligent intrusion detection system in internet of vehicles”, Yang et al. propose an intrusion detection system for connected vehicles using a tree-based machine learning algorithm. The study focused on machine learning to address the detection of attacks as a multi-classification problem. To establish a baseline, the machine learning algorithm is trained by observing normal network operations. In the proposed design, this is accomplished by detecting traffic on multiple segments of the vehicle, including CAN external inputs. To detect anomalies after establishing the baseline, multiple tree structure algorithms, such as decision tree, random forest, extra trees, and XGBoost, are compared. As an additional step, the algorithm also leverages stacking methodology to build a stronger classifier. The algorithms are evaluated against two datasets: CAN-Intrusion and CICIDS2017. The first dataset provides data on attacks specifically against the CAN bus, whereas the latter contains a more robust and modern set of general network attacks. On both datasets, the algorithms are able to classify normal operations versus attacks with an accuracy between 96 and 100 percent. Overall, the findings of the proposed system supported the usage of machine learning based IDS for detection of attacks on vehicular networks.

Software vulnerability analysis

Software vulnerability analysis is a unique defense approach, in that the technique attempts to identify vulnerabilities in the code prior to its use. Bringing security early into the development process through the Secure Software Development Life Cycle ensures fewer threats remain to be mitigated by other defense approaches. Research in this space is also unique in that analysis of software vulnerabilities for CAVs shares many similarities with the techniques used for software vulnerability analysis in other industries. Most research can be broken into static analysis, dynamic analysis, and general testing methodologies. The static and dynamic analysis approaches each have advantages and disadvantages. In static analysis, the code does not need to be executed to perform verification checks. Static analysis can leverage various techniques to detect vulnerabilities, including lexical and data flow analysis. Dynamic analysis, on the other hand, requires the code to be executed to determine errors. Fuzzing is a common technique used for dynamic analysis, where invalid data is sent to a program and the program’s response is interpreted. Already used in general practice, software vulnerability analysis techniques can be applied to development in the connected vehicles space as well.

Sample Study

In the paper “Cyber Vulnerability Intelligence for Internet of Things Binary”, Liu et al. attempt to address automatic binary-level software vulnerability detection. The paper suggests that machine learning, especially deep learning, can be applied at the binary level to detect vulnerabilities, and proposes an attention model to do so. In IoT devices, such as autonomous vehicles, the code provided is often closed source, which makes higher-level analysis difficult. The attention model inspects the functions used against known databases, such as Common Vulnerabilities and Exposures (CVE) and the National Vulnerability Database (NVD), to classify each function as vulnerable or non-vulnerable, with a function counted as vulnerable as long as one vulnerability for it is found. The model is then tested against real-world IoT experiments to identify vulnerabilities and resulted in an 80% precision rate.

STAY TUNED

Coming next month

In our next edition, we will explore various Security Standards for the development of CAVs and the current best practices offered by the industry.
