Vehicle Communications Network Is Due For Overhaul
By Ann Steffora-Mutschler, Semiconductor Engineering
The Controller Area Network (CAN), one of the main communications networks in an automobile, is headed for a security overhaul — if not a wholesale replacement.
Further, the CAN bus being 30 years old was never meant to be used in a system facing cybersecurity attacks. “There are plenty of reported vulnerabilities that leverage shortcoming of the CAN bus, the Jeep hack probably being the most famous,” said Sergio Marchese, technical marketing manager at OneSpin Solutions. “Some fundamental issues are that messages are visible to all the bus masters and peripherals and there are no provisions to ensure information confidentiality and authenticity. There can be mitigation countermeasures at the ECU level, for example, with IPs aiming at detecting and blocking suspicious bus traffic. Or they can use a hardware security module to encrypt and authenticate the messages that go on the bus.”