MS Thesis Defense
Attacking and Defending the Automotive CAN Bus
Jackson Schmandt
12:30pm Thursday, 8 December, 2016, ITE 325b, UMBC
The scope and complexity of Automotive Computer Networks have grown drastically in the last decade. Once present only in high end vehicles, multi-use infotainment systems are now included in base models of some economy vehicles. Frequently connected to drivetrain components, these systems bring out multiple network access points, many of which are wireless. This unprecedented access has led to several high-profile exploits from both white-hat hackers and criminals. Although industry members are working toward long-term solutions, current systems suffer from inadequate protocol security and a lack of common-sense design practices. To address the security problem in the short term, this thesis describes a flexible Message Authentication Code that can be retrofitted with software only, as well as implementations on microcontrollers, an FPGA and an ASIC design. This work shows that on current embedded controllers, message authentication tags can be generated or verified in under 400 microseconds and in under 10 microseconds on a special-purpose ASIC.
Committee Members: Drs. Nilanjan Banerjee (chair), Alan Sherman (co-chair) and Anupam Joshi