Skip to main content
SpringerLink
Log in
Book cover

International Conference on Network and System Security

NSS 2017: Network and System Security pp 73–86Cite as

Exploiting AUTOSAR Safety Mechanisms to Launch Security Attacks

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10394))

Abstract

Automotive Electronic Control Units (ECUs) rely on both hardware and software mechanisms to ensure safety is maintained in the face of hazards that result from both random and systematic failures. In the presence of a malicious attacker, these safety mechanisms can serve as attack vectors to launch Denial of Service (DoS) attacks. This can be achieved by disabling critical system functions through the malicious creation of safety relevant fault conditions. In this paper, we explore some of the exploitable safety mechanisms within the Automotive Open System Architecture (AUTOSAR), and we demonstrate two successful attacks on an authenticated CAN FD bus system by introducing safety critical failures.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Specification of Crypto Service Manager. AUTOSAR Release 4.2.2

    Google Scholar 

  2. Specification of Module Secure Onboard Communication. AUTOSAR Release 4.2.2

    Google Scholar 

  3. Specification of Operating System. AUTOSAR Release 4.2.2

    Google Scholar 

  4. Cho, K.T., Shin, K.G.: Error handling of in-vehicle networks makes them vulnerable. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1044–1055. ACM (2016)

    Google Scholar 

  5. GbR, A.: Specification of sw-c end-to-end communication protection library

    Google Scholar 

  6. Glas, B., Gebauer, C., Hänger, J., Heyl, A., Klarmann, J., Kriso, S., Vembar, P., Wörz, P.: Automotive safety and security integration challenges. In: Automotive-Safety and Security, pp. 13–28 (2014)

    Google Scholar 

  7. Hartwich, F.: Can with flexible data-rate. In: Proceedings of iCC 2012. Citeseer (2012)

    Google Scholar 

  8. Herman, J.L., Kenna, C.J., Mollison, M.S., Anderson, J.H., Johnson, D.M.: Rtos support for multicore mixed-criticality systems. In: 2012 IEEE 18th Real-Time and Embedded Technology and Applications Symposium (RTAS), pp. 197–208 (2012)

    Google Scholar 

  9. Miller, C., Valasek, C.: Adventures in automotive networks and control units. DEF CON 21, 260–264 (2013)

    Google Scholar 

  10. Standard, I.: Iso 26262, Road vehicles - Functional Safety (2011)

    Google Scholar 

  11. Standard, I.: Iso 11898, Road vehicles - Controller area network (CAN) - Part 1: Data link layer and physical signalling (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Michigan Dearborn, Dearborn, USA

    Ahmad M. K. Nasser & Di Ma

  2. University of Michigan Transportation Institute, Ann Arbor, USA

    Sam Lauzon

Authors
  1. Ahmad M. K. Nasser
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Di Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sam Lauzon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ahmad M. K. Nasser .

Editor information

Editors and Affiliations

  1. Xidian University, Xi’an, China

    Zheng Yan

  2. Eurecom, Sophia Antipolos, Valbonne, France

    Refik Molva

  3. Warsaw University of Technology, Warsaw, Poland

    Wojciech Mazurczyk

  4. Aalto University, Espoo, Finland

    Raimo Kantola

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Nasser, A.M.K., Ma, D., Lauzon, S. (2017). Exploiting AUTOSAR Safety Mechanisms to Launch Security Attacks. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science(), vol 10394. Springer, Cham. https://doi.org/10.1007/978-3-319-64701-2_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-64701-2_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-64700-5

  • Online ISBN: 978-3-319-64701-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation