Journal of Convergence for Information Technology (융합정보논문지)

Convergence Society for SMB (중소기업융합학회)
권호 표지
DOI QR코드

DOI QR Code

Research on Countermeasures of Controller Area Network Vulnerability

Controller Area Network 취약점 분석 및 대응 방안 연구

  • Hong, Sunghyuck (Division of Information and Communication, Baekseok University)
  • Received : 2018.09.14
  • Accepted : 2018.10.20
  • Published : 2018.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

As the number ofconnected cars grows, the security of the connected cars is becoming more important. There are also increasing warnings about the threat of attacks via the CAN bus used for in-vehicle networks. An attack can attack through a vulnerability in the CAN bus because the attacker can access the CAN bus remotely, or directly to the vehicle, without a security certificate on the vehicle, and send a malicious error message to the devices connected to the CAN bus. A large number of error messages put the devices into a 'Bus-Off' state, causing the device to stop functioning. There is a way to detect the error frame, or to manage the power of the devices related to the bus, but eventually the new standard for the CAN bus will be the fundamental solution to the problem. If new standards are adopted in the future, they will need to be studied.

연결형 자동차의 사용이 늘어나면서 연결형 자동차의 보안이 중요해지고 있다. 그 중 차량 내부 네트워크에 쓰이는 CAN 버스를 통한 공격의 위협성이 증가하고 있다. CAN 버스의 특성상 공격자가 해당 차량에 보안상 인증이 없는 CAN 버스에 원격, 또는 차량에 직접 접근하여 CAN 버스와 연결된 장치들에 악의적인 오류메시지를 전송 가능하다. 따라서 다량의 오류 메시지로 해당 장치들을 'Bus-Off' 상태로 만든 뒤, 해당 장치가 기능을 정지하게 만든다. 이에 대한 대응 방법은 오류 프레임을 감지하는 방법이나 버스와 관련된 장치들의 전원을 관리하는 방법 등이 있으나 결국에는 CAN 버스에 대한 새로운 표준이 문제의 근본적인 해결책이 될 것으로 판단한다. 따라서 본 논문에서는 새로운 연결형 자동차의 보안모델을 제시하여 안전한 연결형 자동차의 이용에 기여하는 것이 본 논문의 목적이다.

Keywords

References

  1. Ausflug, Jeep-Safari (2005). ReiseRechts Aktuell, 13(3). DOI : 10.1515/rra.2005.13.3.121
  2. C. Bayilmis & E. Kelebekler. (2008). Remote control of a CAN-based mobile model car using a voice activated control system. 2008 IEEE 16th Signal Processing, Communication and Applications Conference. DOI : 10.1109/siu.2008.4632605
  3. D. J. Arnett. (1987). A High Performance Solution for In-Vehicle Networking - 'Controller Area Network (CAN)'. SAE Technical Paper Series. DOI : 10.4271/870823
  4. J. Yang, J. Wang, C. Zhao & F. Wang. (2015). Study on Reliability Analysis for Braking System Parts Based on Hybrid Censoring Test under Small Sample Size. The Open Cybernetics & Systemics Journal, 9(1), 2530-2535. DOI : 10.2174/1874110x01509012530
  5. P. Song, Y. Zhang, X. Wu, & Y. Lan. (2013). Design and Implementation of the Adaptive Control System for Automotive Headlights Based on CAN/LIN Network. 2013 Third International Conference on Instrumentation, Measurement, Computer, Communication and Control. DOI : 10.1109/imccc.2013.355
  6. D. Sabolic & Z. Car. (2013). Stochastic modeling of signal propagation in power-line communication networks. International Journal of Communication Systems. DOI : 10.1002/dac.2530.
  7. K. Parnell. (2004.). Telematics Digital Convergence - How to Cope with Emerging Standards and Protocols. Advanced Microsystems for Automotive Applications VDI-Buch,335-348. DOI : 10.1007/978-3-540-76989-7_24
  8. J. Espina, T. Falck, A. Panousopoulou, L. Schmitt, O. Mulhens, & G. Yang. (2014). Network Topologies, Communication Protocols, and Standards. Body Sensor Networks, 189-236. DOI : 10.1007/978-1-4471-6374-9_5
  9. X. Yang, Z. Yu, M. Xiao, G. Ji & Z. Wang. (2014). Automated test system design based on Tellus for in-vehicle CAN network. 2014 6th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT). DOI : 10.1109/icumt.2014.7002089
  10. S. Shivle & A. V. Murthy. (2010). Improvement in Noise Transmission Across Firewall of a Passenger Car. SAE Technical Paper Series. DOI : 10.4271/2010-01-0751
  11. S. Hong & K. Han. (2014). Cost-Efficient Routing Protocol (CERP) on Wireless Sensor Networks. Wireless Personal Communications, 79(4), 2517-2530. DOI : :10.1007/s11277-014-1883-z
  12. S. H. Hong & Y. J. Seo. (2016), Countermeasure of Sning Attack: Survey. Journal of Convergence Society for SMB (KCI), 6(2), 31-36
  13. S. Hong. (2014). Analysis of DDoS Attack and Countermeasure: Survey. The Journal of Digital Policy and Management, 12(1), 423-429. DOI : 10.14400/jdpm.2014.12.1.423
  14. S. Hong. (2017). Research on IoT International Strategic Standard Model. Journal of the Korea Convergence Society, 8(2), 21-26. DOI : 10.15207/jkcs.2017.8.2.021
  15. S. Hong. (2014). Vulnerability of Directory List and Countermeasures. Journal of Digital Convergence, 12(10), 259-264. DOI : 10.14400/jdc.2014.12.10.259