This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Securing the On-Board Diagnostics Port (OBD-II) in Vehicles

Journal Article
11-02-02-0009
ISSN: 2572-1046, e-ISSN: 2572-1054
Published August 18, 2020 by SAE International in United States
Securing the On-Board Diagnostics Port (OBD-II) in Vehicles
Sector:
Citation: Ammar, M., Janjua, H., Thangarajan, A., Crispo, B. et al., "Securing the On-Board Diagnostics Port (OBD-II) in Vehicles," SAE Int. J. Transp. Cyber. & Privacy 2(2):2020, https://doi.org/10.4271/11-02-02-0009.
Language: English

Abstract:

Modern vehicles integrate Internet of Things (IoT) components to bring value-added services to both drivers and passengers. These components communicate with the external world through different types of interfaces including the on-board diagnostics (OBD-II) port, a mandatory interface in all vehicles in the United States and Europe. While this transformation has driven significant advancements in efficiency and safety, it has also opened a door to a wide variety of cyberattacks, as the architectures of vehicles were never designed with external connectivity in mind, and accordingly, security has never been pivotal in the design. As standardized, the OBD-II port allows not only direct access to the internal network of the vehicle but also installing software on the Electronic Control Units (ECUs). While this privilege, historically, is achieved through physical access on the underlying port using a dedicated tool, remote access is recently supported in many modern vehicles, i.e., self-driving ones, and via OBD-II dongles, making the OBD-II port the most significant automotive interface that has to be secured.
Motivated by various recent attacks and vulnerability analyses of OBD-II, this paper tackles the problem of lack of security in OBD-II by proposing a novel end-to-end role-based access control (RBAC) mechanism that would prevent unauthorized access to any of the vehicle functionality through existing vulnerable OBD-II ports. The proposed solution is AUTOSAR compliant and architecture independent, and does not require modifying any hardware inside the vehicle. Accordingly, it applies to the millions of current on-road vehicles. Furthermore, while physical attacks are not avoidable, they are not scalable, considering our approach, and only affect the attacked vehicle. We provide a proof of concept implementation and evaluation of the proposed solution, showing its robustness and efficiency.