by SAE International in United States
Designers of automotive systems find themselves pulled in an impossible number of directions. Systems must use the most advanced security features, but at the same time run on low-cost and resource-constrained hardware. Ultimately, an engineering trade-off will eventually be made regarding how encryption and key management is used on these systems, potentially leaving them vulnerable to attack. In this paper, we detail the applicability of side-channel power analysis and fault injection on automotive electronic systems, showing how these dangerous techniques can be used to break an otherwise secure system. We build a small example network using AES-CCM to implement an encrypted, authenticated CAN protocol. We demonstrate how open-source hardware and software can easily recover the encryption keys from some of these nodes with side-channel power analysis, and we recover a full firmware image from one device with a fault-injection attack using the same tools. We also discuss how these attacks can be improved to bypass some common countermeasures and be applied against devices in the real world, bypassing security on in-vehicle communication or over-the-air firmware…
This content contains downloadable datasets
Annotation ability available
A list of downloadable items.
Please Wait. Loading Available Formats...
This modal will allow the user to download citation information or export specific fields of data into one of three file formats: Excel, comma-separated values, or text.
Sorry, this document is already saved to a project folder.
Share this content via social media.
Share Via Email
Email sent successfully!
Use this modal to save a search.
The current search and criteria have already been saved. Please modify your criteria to save as a new search.
Request Sent successfully!
Search Tips: Search Operators:AND, OR, NOT; Wild Cards; Using Quotes
SAE MOBILUS® Search Tips
Please note: All terms not contained within quotes, will be evaluated using the OR operator. This means that your search results will contain all results that contain ANY of the entered terms.
AND, OR, NOT
SAE MOBILUS supports the use of the AND, OR and NOT BOOLEAN operators ONLY function with the Advanced Search.
Using the asterisk, ( * ) allows you to search for a partial word. For example, entering a keyword search of aero* will search for any word beginning with aero.
Using the question mark, ( ? ) allows you to search for a word with a single character wildcard. For example, searching for t?re would match both tire and tyre
Words in double quotes " " are treated as a phrase. Conducting a search for "heat model" will return all results in which the exact phrase "heat model" is found, while "heat modeling" would NOT be included.
A term combined with a phrase will be joined with an OR operator.
Searching for Standards
When searching for a standard please use the entire Document Number assigned, which includes the abbreviation. A space can be used, or omitted between the abbreviation and number.