Your Selections

Karamba Security
Show Only


File Formats

Content Types








   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Optimizing CAN Bus Security with In-Place Cryptography

Karamba Security-Assaf Harel
University of Connecticut-Amir Hezberg
Published 2019-01-16 by SAE International in United States
Today’s vehicles rely on multiple interconnected networks of Electronic Control Units (ECUs) that govern almost every automotive function - from engine timing and traction control to side-mirror adjustment and GPS. In-vehicle networks used for inter-ECU communication, most commonly the CAN bus, were not designed with cybersecurity in mind, and as a result, communication by corrupt devices connected to the bus is not authenticated.A multitude of attack vectors allow attackers to control a device on the bus; reports abound of successful hacking of vehicles, by exploiting vulnerable devices and by spoofing messages.Such remote-connectivity and physical-access exploit types must be prevented, to mitigate the threats of impersonation, eavesdropping, replay and reversing.We present the IVAS, In-Vehicle Authentication Scheme. IVAS is an in-place cryptographic scheme: the first CAN messaging solution to ensure both authentication and confidentiality without additional data such as authentication tags.When adequate encryption is used, an adversary’s chances of successfully injecting a spoofed message are equal to the chances for a random message. There is a need for a validation method that deterministically differentiates between random messages…
This content contains downloadable datasets
Annotation ability available
   This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units

Karamba Security-Assaf Harel, Tal Ben David
DENSO Corporation-Ando Motonori, Egawa Masumi
Published 2018-04-03 by SAE International in United States
Externally-connected Electronic Control Units (ECUs) contain millions of lines of code, which may contain security vulnerabilities. Hackers may exploit these vulnerabilities to gain code execution privileges, which affect public safety. Traditional Cybersecurity solutions fall short in meeting automotive ECU constraints such as zero false positives, intermittent connectivity, and low performance impact. A desirable solution would be deterministic, require minimum resources, and protect against known and unknown security threats. We integrated Autonomous Security on a BeagleBone Black (BBB) system to evaluate the feasibility of mitigating Cybersecurity risks against potential threats. We identified key metrics that should be measured, such as level of security, ease of integration and system performance impact. In this paper, we describe the integration and evaluation process and present its results. We show that Autonomous Security can provide this protection with zero false-positives while meeting automotive constraints.
This content contains downloadable datasets
Annotation ability available