Intrusion Detection Systems (IDS): Finally for the Vehicles Part 2

by | August 22nd, 2016

In my last blog I discussed the issues with automotive security and what might be done to reduce vulnerabilities. In Part 2 I will take a closer look at a potential solution with an IDS that may be the answer. I mentioned that…”..the tool looks for anything unusual or an anomaly…”

Tool

With this level of technology, one may believe this apparatus would have a significant price. This is not the case with this equipment. The pieces were secured and comprised an Arduino Uno board, a CAN Bus shield, wiring, and some hardware (Greenberg, 2016). The total direct material cost for this was $50. At this price point, it would not be a massive cost for the automakers to incorporate this into the vehicle. With this equipment being mass produced, the direct material cost would only decrease further.

Potential Pitfalls

The researchers assuredly arrived at the new application for vehicle safety. This new view attacks the issue from an angle not previously explored. As noted, the previous attempts to date had a different function in mind, securing the vehicle by creating a faux wall, and working to keep everyone out. This new approach secures from the inside of the vehicle monitoring the components. This nuance shows the security aspect is still actively being researched and shifts in the industry are being nudged along.

There are however potential issues with this. If there were to be an effect on the system or change with the equipment communicating, the tool may not allow the communication with the vehicle and CAN Bus or network. This change could be manifested in the form of a portion of the memory becoming corrupted or the dead of winter in Michigan when the temperature is sub-zero for weeks or August above 100 degrees for weeks. These physical flaws and forces of nature may skew the recorded baseline signatures or the equipment pieces.

If this were to happen, the A/C, anti-lock brakes, or engine may not be able to communicate with the ECU or CAN Bus. This could prove to be disastrous if there were to be the pieces of equipment not being able to communicate the current conditions.

Conclusion

Vehicle info sec is difficult at best. The small teams of engineers embedded at the auto manufacturers have a mass amount of responsibility with securing the vehicle from a cyber-attack. This is compounded by new vehicle models, new technology, new communication channels being implemented, and deadlines. The attacks and exploits also are not merely regional, but have the ease of being done from around the world, dependent on the attack vector. This does however provide another avenue to attack the vehicle, driver, and remainder occupants.

The researchers from the University of Michigan-Ann Arbor have explored a novel and new method to protect everyone and the integrity of the vehicle. There are potential limitations, however this is clearly a step in the correct direction.

References

Cho, K.-T., & Shin, K.G. (2016). Fingerprinting electronic control units for vehicle intrusion detection. Retrieved from https://kabru.eecs.umich.edu/wordpress/wp-content/uploads/sec16-final165_final.pdf

Gray, P. (Producer). (2016, July 21). #419—Brian Krebs on future of bank cybercrime. Risky.biz [Audio Podcast]. Retrieved from http://risky.biz/RB419

Greenberg, A. (2016, July 14). Clever tool shields your car from hacks by watching its internal clocks. Retrieved form https://www.wired.com/2016/07/clever-tool-shields-car-hacks-watching-internal-clocks/

About Charles Parker, II

Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.

Mr. Parker has matriculated and attained the MBA, MSA, JD, LLM, and is in the final stage of the PhD in Information Assurance and Security (ABD) from Capella University. Mr. Parker’s areas of interest include cryptography, AV, and SCADA.