The ESCAR US conference took place June 12-13 and focused on topics such as sensor security, IDS systems and detection of falsified transmissions on CAN buses and various problems which has been discovered in vehicular systems. Below is a summary of some of the talks. For more information, do not hesitate to contact us.
One talk by Kevin Fu (University of Michigan) focused on the effects of injecting RF signals into sensors, for example, to interfere with sensor values and he demonstrated how acoustic sounds could interfere with the accelerometers in a vehicle. This is problematic since they may be connected to machine learning (ML) systems thus could result in undesired effects if they are part of real-time systems that make decisions. A related problem was that clipping of input values in combination with low pass filters could cause aliasing to occur when samples are taken (compare with a video of a spinning wheel). A proposed solution was to randomize sampling frequencies to make these type of attacks harder.
Several talks addressed the detection of rogue ECUs on the CAN bus. One presentation measured signal distortion with density estimation (measures variance, lots of math) which gives each device its own unique fingerprint. This was demonstrated this with an Arduino Uno with a CAN-bus shield with MCP2515 CAN-bus controller and MPC2551 CAN-bus receiver. Another talk by Intel was to use “two-point fingerprinting”, i.e. to measure bus voltages at two different points on the bus, for example at the endpoints. Based on the fact that the bus has a resistance that the attacker cannot affect the bus topology, it is possible to have a trained machine learning classifier which compares all message IDs with the transmitting ECU identity. Testing with 60k messages with 10 ECUs where one was compromised, they achieved 99.98% accuracy in detecting malicious messages (F1 score).
Ken Rohde (Idaho National Labs) addressed the problem with new fast DC charging stations which today may have 1.2 MW total charging capacity. Interfering with these systems, for example with high frequency repeatedly start and stop charging, may have severe consequences for the power grid. They have performed successful results with faked messages transmitted between vehicles and the charging station using a laptop. For obvious reasons, not too many details are revealed to the public, but the impact said to be power grid problems, battery fire, and hardware damage.
Another talk by Argus Cyber Security addressed IP fragmentation problems when adopting Ethernet and IP protocols. They have explicitly investigated the implementation of an Autosar platform and found problems with packet fragmentation. The important message is to make sure we do not import the same problems into our domain that has plagued the Internet for the last 20 years due to too complex network stacks.
Written by Tomas Olovsson, Chalmers.
