In today’s automobiles, embedded computers, or ECUs (Electronic Control Units) are responsible for an increasing number of features in a vehicle. In order to coordinate their actions, these computers are able to exchange data over communication buses, effectively constituting an embedded network. While this network could previously be considered a closed system, the addition of means of communication in automobiles has opened this network to the outside world, thus raising many security issues. Our research work focuses on these issues and aims at proposing efficient architectural security mechanisms for protecting embedded automotive networks. The security of embedded automotive systems being a relatively recent topic, we first put a strong focus on defining the context. For that purpose, we describe the threats that can target a car’s embedded systems, provide a classification of the possible attack scenarios and present a survey of protection mechanisms in embedded automotive networks. Then, in order to complement the preventive security means that aim at stopping an attacker from entering the embedded network, we introduce an Intrusion Detection System (IDS) fit for vehicular networks. Leveraging the high predictability of embedded automotive systems, we use language theory to elaborate a set of attack signatures derived from behavioral models of the automotive calculators in order to detect a malicious sequence of messages transiting through the internal network. After a formal description of our IDS, we present a first batch of experiments aimed at validating our approach and assessing its performances.
展开▼