Abstract The Controller Area Network (CAN) is the most widely employed communication protocol for in-vehicle applications. While many of its features qualify it as a suitable candidate for future use in automotive networking, the lack of security mechanisms makes it problematic for safety-critical applications. Recently, both the research community and the industry have proposed a large number of solutions for securing CAN, but most of these solutions put additional strain on the already limited 8 byte CAN payload or require more expensive hardware. In this work, we propose the use of a covert voltage channel that can be used for the transmission of additional data required by specific security mechanisms. We achieve this with the help of additional transceivers by encoding additional bits as different voltage levels in the existing CAN dominant bits without affecting regular CAN traffic decoding. We demonstrate the application of our approach on both low-end and high-end automotive embedded platforms and prove its suitability for implementing authentication mechanisms and key exchange protocols over CAN while maintaining backward compatibility.
展开▼