DOI QR코드

DOI QR Code

Research of generate a test case to verify the possibility of external threat of the automotive ECU

차량 ECU의 외부 위협성 가능성을 검증하기 위한 테스트 케이스 생성 연구

  • Received : 2013.03.01
  • Accepted : 2013.08.22
  • Published : 2013.09.30

Abstract

ECU(Electric Control Unit) on the important features of the vehicle is equipped, ECU between sending and receiving messages is connected to one of the internal network(CAN BUS), but this network easily accessible from the outside and not intended to be able to receive attacks from an attacker, In this regard, the development of tools that can be used in order to verify the possibility of attacks on attacks from outside, However, the time costs incurred for developing tools and time to analyze from actual car for CAN messages to be used in the attack to find. In this paper, we want to solve it, propose a method to generate test cases required for the attack is publicly available tool called Sulley and it explains how to find the CAN messages to be used in the attack. Sulley add the CAN messages data generated library files in provided library file and than Sulley execute that make define and execute file conform to the CAN communication preferences and create message rules. Experiments performed by the proposed methodology is applied to the actual car and result, test cases generated by the CAN messages fuzzing through Sulley send in the car and as a result without a separate tool developed was operating the car.

차량에서 중요 기능들을 탑재하고 있는 ECU(Electric Control Unit)들 간에 메시지를 주고받는데 하나의 내부 통신망(CAN BUS)으로 연결되어있으나, 이 네트워크는 외부에서 쉽게 접근이가능하여 의도하지 않게 공격자로부터 공격을 받을 수 있게 되면서 이와 관련하여 외부로부터 공격에 대한 가능성을 검증하기 위하여 공격에 사용될 수 있는 도구들을 개발하였다. 그러나 이를 개발하기 위한 시간적 비용이 발생하고, 공격에 사용될 CAN 메시지를 찾기 위하여 실제 자동차에서 분석하는 시간도 발생한다. 본 논문에서는 이러한 문제를 해결하기 위해 공개되어있는 Sulley라는 도구를 이용하여 공격에 필요한 테스트 케이스 생성하는 방법을 제안하면서 공격에 사용될 CAN 메시지 찾는 방법을 설명한다. Sulley에서 제공하는 라이브러리 파일에 CAN 메시지의 데이터 생성 라이브러리 추가시킨 다음 Sulley을 실행시키는 파일과 정의하는 파일을 CAN 통신 환경 설정 및 메시지 규칙에 맞게 작성하여 Sulley을 실행시킨다. 제안한 방법론을 실제 자동차에 적용시켜 실험을 수행한 결과, Sulley을 통한 CAN 메시지 퍼징하여 생성된 테스트 케이스들을 자동차에 보낸 결과 별도의 개발한 도구 필요 없이 자동차를 동작시켰다.

Keywords

References

  1. Phung, Phu H. "A model for safe and secure execution of downloaded vehicle applications," Road Transport Information and Control Conference and the ITS United Kingdom Members' Conference (RTIC 2010), pp.1-6, May. 2010.
  2. Nilsson, D.K., "Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes," in Proceedings of IEEE 68th Vehicular Technology Conference, 2008. VTC 2008-Fall. pp.1-5, Sep. 2008.
  3. Muter, M., "A structured approach to anomaly detection for in-vehicle networks," Information Assurance and Security (IAS), 2010 Sixth International Conference on, pp.92-98, Aug. 2010
  4. Marko Wolf, Andre Weimerskirch, Christof Paar, "security in automotive bus systems," In Proceedings of the Workshop on Embedded Security in Cars 2004, pp.1-13, 2004.
  5. Xiao Ni, "AES Security Protocol Implementation for Automobile Remote Keyless System," in Proceedings of IEEE 65th Vehicular Technology Conference, 2007. VTC2007-Spring. pp. 2526-2529, April 2007
  6. Gang-seok Kim, "Vehicle ECU through CAN communication from eavesdropping and manipulation of the analysis of the possibility of external threats", Korea University, 2011
  7. Karl Koscher, Alexei Czeskis, Franziska Roesner, "Experimental Security Analysis of a Modern Automobile," IEEE Symposium on Security and Privacy, pp. 447 - 462, 2010. May
  8. T. Hoppe, S. Kiltz, A. Lang, and J. Dittmann. "Exemplary Automotive Attack Scenarios: Trojan horses for Electronic Throttle Control System (ETC) and replay attacks on the power window system," in Proceedings of 23th VDI/VW Gemeinschaftstagung Automotive Security, pp. 165-183, 2007.
  9. Nilsson, Dennis K., "Vehicle ECU classification based on safety-security characteristics," Road Transport Information and Control - RTIC 2008 and ITS United Kingdom Members' Conference, IET, pp.1-7, May. 2008.
  10. Aditya P. Mathur, "Foundations of Software Testing", Pearson Education, pp.193-278, 2008.
  11. M. Sutton, A. Greene, P. Amini, "Fuzzing: Brute Force Vulnerability Discovery," Addison-Wesley, pp. 386-417, 2007
  12. G. Devarajan, "Unraveling SCADA Protocols: Using Sulley Fuzzer", DEFCON 15, Aug 2007
  13. Hye-ryun Lee, Seung-hun Shin, Kyung-hee Choi, Ki-hyun Chung, Seung-kyu Park, Jun-yong Choi, "Detecting the vulnerability of software with cyclic behavior using Sulley," in Proceedings of the Advanced Information Management and Service (ICIPM), 2011 7th International Conference on, pp. 83-88, Dec. 2011.

Cited by

  1. 자동차용 ECU의 CAN 메시지를 통한 자동차 공격 방법 연구 vol.18, pp.11, 2013, https://doi.org/10.9708/jksci.2013.18.11.039