By Christoph Hammerschmidt, Contributing Editor
As automobiles become increasingly networked, they are also increasingly becoming the target of cyber-attacks. One of the most vulnerable elements of vehicles is the venerable CAN bus – at the time it was designed some 30 years ago, nobody expected that vehicles ever would have an air interface. Now cyber security pioneer Karamba Security has devised a solution to the problem.
Due to missing security measures such as authentication, data encryption or even simple plausibility checks, the CAN bus is something like the holy grail for any malicious perpetrator: Once he has access to the CAN bus, he can carry out any manipulation the electronic controllers he wants – including activating the brakes at full speed or take over the control to the steering (in vehicles with electric power steering). Unfortunately, the CAN bus also widely resists attempts to harden it against attacks – due to its limited bandwidth and flexibility, it is not possible to establish, for instance, additional data fields into the messages, or to add authentication features. “The CAN bus is saturated”, says David Barzilai, Vice President R&D and co-founder of Karamba Security. Despite its shortcomings, the CAN bus is so well entrenched in the automotive industry that “no one wants to walk away” of this technology – even Tesla has built its electronic architecture on this technological antique.
This is where Karamba steps in: The security expert company has developed a software library that enables the ECUs connected to the CAN bus to encrypt the data packets they send across the bus and thus enable an authentication scheme that blocks out all malicious and thus non-authenticated data and instructions transmitted across the CAN bus. Barzilai claims that since the encrypted data packets have exactly the same size as the original ones, the system does not cause any network overhead. The additional workload for the ECUs is “very minimal”, promises Barzilai. Since the computing power of typical ECUs is rather limited, Karamba uses a lightweight encryption algorithm. “RSA would be too heavy,” Barzilai explains. To minimize the added workload, the key distribution happens once in the lifetime of an ECU and only needs to be repeated in the case an ECU is replaced.
SafeCAN, as the system is called, is designed to work along with Karamba’s embedded firewall Carwall. Together, the systems enable OEMs to establish secure software updates over the air.
The system actually is bus architecture agnostic, Barzilai explained. Thus, it also can be implemented in landscapes where other bus systems are used in addition to the CAN – for instance CAN FD, FlexRay or the increasingly popular automotive Ethernet.
To establish its solution in the automotive industry and to widen the scope of its solutions, Karamba has recently inked cooperation contracts with automotive engineering company IAV, infotainment systems provider Alpine and technology conglomerate Honeywell. Karamba Security and Honeywell jointly identify and validate software commands and data in real time. Honeywell’s unauthorized access detection software monitors network communication and vehicle anomalies while Karamba Security’s ECU software prevents an attack on the vehicle.
In cooperation with Karamba Security, IAV has set up an Automotive Security Defense Center to demonstrate how cyber attacks can be prevented to protect the networked vehicle. The prototype continuously monitors the vehicle for OEMs and fleet operators to detect and defend against attacks. It analyzes vulnerabilities and any issues identified by OEMs to close security vulnerabilities.
At the CES in Las Vegas from January 9 to 12,2018, Karamba Security will be showing joint live hacks. The security experts will be discussing with visitors how weak points in the networked vehicle can be secured preventively and how companies can work together across industries to protect the automotive industry.