Vulnerability of FlexRay and Countermeasures

Authors Abstract
The importance of in-vehicle network security has increased with an increase in automated and connected vehicles. Hence, many attacks and countermeasures have been proposed to secure the controller area network (CAN), which is an existent in-vehicle network protocol. At the same time, new protocols-such as FlexRay and Ethernet-which are faster and more reliable than CAN have also been proposed. European OEMs have adopted FlexRay as a control network that can perform the fundamental functions of a vehicle. However, there are few studies regarding FlexRay security. In particular, studies on attacks against FlexRay are limited to theoretical studies or simulation-based experiments. Hence, the vulnerability of FlexRay is unclear. Understanding this vulnerability is necessary for the application of countermeasures and improving the security of future vehicles.
In this article, we highlight the vulnerability of FlexRay found in the experiments conducted on a real FlexRay network. Consequently, we clarify the conditions under which attackers masquerade as legitimate electronic control units (ECUs) and transmit spoofed FlexRay frames. We also confirm that a consumer vehicle’s functions such as steering, braking, and acceleration can be controlled maliciously using spoofing attacks. Furthermore, we discuss countermeasures against spoofing attacks on FlexRay networks.
Meta TagsDetails
Kishikawa, T., Hirano, R., Ujiie, Y., Haga, T. et al., "Vulnerability of FlexRay and Countermeasures," SAE Int. J. Transp. Cyber. & Privacy. 2(1):21-33, 2019,
Additional Details
May 23, 2019
Product Code
Content Type
Journal Article