5 This part shows different Connectivity attacks on the car.
8 ----------------------- | -----------------
9 Connectivity-Abstract-1 | Improve abstract.
13 --------------------------------------------------------------------------------
17 ## Acronyms and Abbreviations
19 The following table lists the terms utilized within this part of the document.
21 Acronyms or Abbreviations | Description
22 ------------------------- | ---------------------------------------------------------------------------------
23 _ARP_ | **A**ddress **R**esolution **P**rotocol
24 _BLE_ | **B**luetooth **L**ow **E**nergy
25 _CAN_ | **C**ar **A**rea **N**etwork
26 _CCMP_ | **C**ounter-Mode/**C**BC-**M**ac **P**rotocol
27 _EDGE_ | **E**nhanced **D**ata **R**ates for **GSM** **E**volution - Evolution of **GPRS**
28 _GEA_ | **G**PRS **E**ncryption **A**lgorithm
29 _GPRS_ | **G**eneral **P**acket **R**adio **S**ervice (2,5G, 2G+)
30 _GSM_ | **G**lobal **S**ystem for **M**obile Communications (2G)
31 _HSPA_ | **H**igh **S**peed **P**acket **A**ccess (3G+)
32 _IMEI_ | **I**nternational **M**obile **E**quipment **I**dentity
33 _LIN_ | **L**ocal **I**nterconnect **N**etwork
34 _MOST_ | **M**edia **O**riented **S**ystem **T**ransport
35 _NFC_ | **N**ear **F**ield **C**ommunication
36 _OBD_ | **O**n-**B**oard **D**iagnostics
37 _PATS_ | **P**assive **A**nti-**T**heft **S**ystem
38 _PKE_ | **P**assive **K**eyless **E**ntry
39 _PSK_ | **P**hase-**S**hift **K**eying
40 _RDS_ | **R**adio **D**ata **S**ystem
41 _RFID_ | **R**adio **F**requency **I**dentification
42 _RKE_ | **R**emote **K**eyless **E**ntry
43 _SDR_ | **S**oftware **D**efined **R**adio
44 _SSP_ | **S**ecure **S**imple **P**airing
45 _TKIP_ | **T**emporal **K**ey **I**ntegrity **P**rotocol
46 _TPMS_ | **T**ire **P**ressure **M**onitoring **S**ystem
47 _UMTS_ | **U**niversal **M**obile **T**elecommunications **S**ystem (3G)
48 _USB_ | **U**niversal **S**erial **B**us
49 _WEP_ | **W**ired **E**quivalent **P**rivacy
50 _WPA_ | **W**ifi **P**rotected **A**ccess
54 We only speak about the **CAN** bus to take an example, because the different
55 attacks on bus like _FlewRay_, _ByteFlight_, _Most_ and _Lin_ use retro
56 engineering and the main argument to improve their security is to encrypt data
57 packets. We just describe them a bit:
59 - **CAN**: Controller Area Network, developed in the early 1980s, is an
60 event-triggered controller network for serial communication with data rates up
61 to one MBit/s. **CAN** messages are classified over their respective
62 identifier. **CAN** controller broadcast their messages to all connected nodes
63 and all receiving nodes decide independently if they process the message.
64 - **FlewRay**: Is a deterministic and error-tolerant high-speed bus. With a data
66 - **ByteFlight**: Is used for safety-critical applications in motor vehicles
67 like air-bags. Byteflight runs at 10Mbps over 2 or 3 wires plastic optical
69 - **Most**: Media Oriented System Transport, is used for transmitting audio,
70 video, voice, and control data via fiber optic cables. The speed is, for the
71 synchronous way, up to 24 MBit/s and asynchronous way up to 14 MBit/s.
72 **MOST** messages include always a clear sender and receiver address.
73 - **LIN**: Local Interconnect Network, is a single-wire subnet work for
74 low-cost, serial communication between smart sensors and actuators with
75 typical data rates up to 20 kBit/s. It is intended to be used from the year
76 2001 on everywhere in a car, where the bandwidth and versatility of a **CAN**
77 network is not required.
79 On just about every vehicle, **ECU**s (**E**lectronic **C**ontrol **U**nits)
80 communicate over a CAN bus, which is a two-wire bus using hardware arbitration
81 for messages sent on the shared medium. This is essentially a *trusted* network
82 where all traffic is visible to all controllers and any controller can send any
85 A malicious **ECU** on the CAN bus can easily inject messages destined for any
86 other device, including things like the instrument cluster and the head unit.
87 There are common ways for hardware to do USB to CAN and open source software to
88 send and receive messages. For example, there is a driver included in the Linux
89 kernel that can be used to send/receive CAN signals. A malicious device on the
90 CAN bus can cause a great number of harmful things to happen to the system,
91 including: sending bogus information to other devices, sending unintended
92 commands to ECUs, causing DOS (Denial Of Service) on the CAN bus, etc.
96 Domain | Tech name | Recommendations
97 ---------------------------------- | --------- | --------------------------------------------------------------------------
98 Connectivity-BusAndConnector-Bus-1 | CAN | Implement hardware solution in order to prohibit sending unwanted signals.
102 See [Security in Automotive Bus
103 Systems](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.92.728&rep=rep1&type=pdf)
104 for more information.
108 For the connectors, we supposed that they were disabled by default. For example,
109 the **USB** must be disabled to avoid attacks like BadUSB. If not, configure the
110 Kernel to only enable the minimum require **USB** devices. The connectors used
111 to diagnose the car like **OBD-II** must be disabled outside garages.
115 Domain | Tech name | Recommendations
116 ----------------------------------------- | --------- | ----------------------------------------------------------------------
117 Connectivity-BusAndConnector-Connectors-1 | USB | Must be disabled. If not, only enable the minimum require USB devices.
118 Connectivity-BusAndConnector-Connectors-2 | USB | Confidential data exchanged with the ECU over USB must be secure.
119 Connectivity-BusAndConnector-Connectors-3 | USB | USB Boot on a ECU must be disable.
120 Connectivity-BusAndConnector-Connectors-4 | OBD-II | Must be disabled outside garages.
126 In this part, we talk about possible remote attacks on a car, according to the
127 different areas of possible attacks. For each communication channels, we
128 describe attacks and how to prevent them with some recommendations. The main
129 recommendation is to always follow the latest updates of these remote
130 communication channels.
134 Domain | Object | Recommendations
135 ----------------------- | ------ | ------------------------------------------------------------------
136 Connectivity-Wireless-1 | Update | Always follow the latest updates of remote communication channels.
140 We will see the following parts:
144 - [Bluetooth](#bluetooth)
146 - [Cellular](#cellular)
155 ----------------------- | -------------------------------------------
156 Connectivity-Wireless-1 | Add communication channels (RFID, ZigBee?).
160 --------------------------------------------------------------------------------
162 For existing automotive-specific means, we take examples of existing system
163 attacks from the _IOActive_ document ([A Survey of Remote Automotive Attack
164 Surfaces](https://www.ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf))
165 and from the ETH document ([Relay Attacks on Passive Keyless Entry and Start
166 Systems in Modern Cars](https://eprint.iacr.org/2010/332.pdf)).
168 - [Telematics](https://www.ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf#%5B%7B%22num%22%3A40%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C60%2C720%2C0%5D)
170 - [Passive Anti-Theft System
171 (PATS)](https://www.ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf#%5B%7B%22num%22%3A11%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C60%2C574%2C0%5D)
173 - [Tire Pressure Monitoring System
174 (TPMS)](https://www.ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf#%5B%7B%22num%22%3A17%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C60%2C720%2C0%5D)
176 - [Remote Keyless Entry/Start
177 (RKE)](https://www.ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf#%5B%7B%22num%22%3A26%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C60%2C720%2C0%5D)
179 - [Passive Keyless Entry (PKE)](https://eprint.iacr.org/2010/332.pdf)
181 --------------------------------------------------------------------------------
189 We can differentiate existing attacks on wifi in two categories: Those on
190 **WEP** and those on **WPA**.
194 - **FMS**: (**F**luhrer, **M**antin and **S**hamir attack) is a "Stream cipher
195 attack on the widely used RC4 stream cipher. The attack allows an attacker
196 to recover the key in an RC4 encrypted stream from a large number of
197 messages in that stream."
198 - **KoreK**: "Allows the attacker to reduce the key space".
199 - **PTW**: (**P**yshkin **T**ews **W**einmann attack).
200 - **Chopchop**: Found by KoreK, "Weakness of the CRC32 checksum and the lack
201 of replay protection."
206 - **Beck and Tews**: Exploit weakness in **TKIP**. "Allow the attacker to
207 decrypt **ARP** packets and to inject traffic into a network, even allowing
208 him to perform a **DoS** or an **ARP** poisoning".
209 - [KRACK](https://github.com/kristate/krackinfo): (K)ey (R)einstallation
210 (A)tta(ck) ([jira AGL
211 SPEC-1017](https://jira.automotivelinux.org/browse/SPEC-1017)).
215 - Do not use **WEP**, **PSK** and **TKIP**.
217 - Use **WPA2** with **CCMP**.
219 - Should protect data sniffing.
223 Domain | Tech name or object | Recommendations
224 ---------------------------- | ------------------- | -------------------------------------------------------------------------
225 Connectivity-Wireless-Wifi-1 | WEP, PSK, TKIP | Disabled
226 Connectivity-Wireless-Wifi-2 | WPA2 and AES-CCMP | Used
227 Connectivity-Wireless-Wifi-3 | WPA2 | Should protect data sniffing.
228 Connectivity-Wireless-Wifi-4 | PSK | Changing regularly the password.
229 Connectivity-Wireless-Wifi-5 | Device | Upgraded easily in software or firmware to have the last security update.
233 See [Wifi attacks WEP WPA](https://matthieu.io/dl/wifi-attacks-wep-wpa.pdf) and
234 [Breaking wep and wpa (Beck and
235 Tews)](https://dl.aircrack-ng.org/breakingwepandwpa.pdf) for more information.
237 --------------------------------------------------------------------------------
245 - **Bluesnarfing** attacks involve an attacker covertly gaining access to your
246 Bluetooth-enabled device for the purpose of retrieving information, including
247 addresses, calendar information or even the device's **I**nternational
248 **M**obile **E**quipment **I**dentity. With the **IMEI**, an attacker could
249 route your incoming calls to his cell phone.
250 - **Bluebugging** is a form of Bluetooth attack often caused by a lack of
251 awareness. Similar to bluesnarfing, bluebugging accesses and uses all phone
252 features but is limited by the transmitting power of class 2 Bluetooth radios,
253 normally capping its range at 10-15 meters.
254 - **Bluejacking** is the sending of unsolicited messages.
255 - **BLE**: **B**luetooth **L**ow **E**nergy
256 [attacks](https://www.usenix.org/system/files/conference/woot13/woot13-ryan.pdf).
257 - **DoS**: Drain a device's battery or temporarily paralyze the phone.
261 - Not allowing Bluetooth pairing attempts without the driver's first manually
262 placing the vehicle in pairing mode.
264 - Use **BLE** with caution.
265 - For v2.1 and later devices using **S**ecure **S**imple **P**airing (**SSP**),
266 avoid using the "Just Works" association model. The device must verify that an
267 authenticated link key was generated during pairing.
271 Domain | Tech name | Recommendations
272 --------------------------------- | ------------- | ------------------------------------------------------------
273 Connectivity-Wireless-Bluetooth-1 | BLE | Use with caution.
274 Connectivity-Wireless-Bluetooth-2 | Bluetooth | Monitoring
275 Connectivity-Wireless-Bluetooth-3 | SSP | Avoid using the "Just Works" association model.
276 Connectivity-Wireless-Bluetooth-4 | Visibility | Configured by default as undiscoverable. Except when needed.
277 Connectivity-Wireless-Bluetooth-5 | Anti-scanning | Used, inter alia, to slow down brute force attacks.
281 See [Low energy and the automotive
282 transformation](http://www.ti.com/lit/wp/sway008/sway008.pdf), [Gattacking
283 Bluetooth Smart Devices](http://gattack.io/whitepaper.pdf), [Comprehensive
284 Experimental Analyses of Automotive Attack
285 Surfaces](http://www.autosec.org/pubs/cars-usenixsec2011.pdf) and [With Low
287 Security](https://www.usenix.org/system/files/conference/woot13/woot13-ryan.pdf)
288 for more information.
290 --------------------------------------------------------------------------------
298 - **IMSI-Catcher**: Is a telephone eavesdropping device used for intercepting
299 mobile phone traffic and tracking location data of mobile phone users.
300 Essentially a "fake" mobile tower acting between the target mobile phone and
301 the service provider's real towers, it is considered a man-in-the-middle
304 - Lack of mutual authentication (**GPRS**/**EDGE**) and encryption with
307 - **Fall back** from **UMTS**/**HSPA** to **GPRS**/**EDGE** (Jamming against
314 - Check antenna legitimacy.
318 Domain | Tech name | Recommendations
319 -------------------------------- | --------- | --------------------------
320 Connectivity-Wireless-Cellular-1 | GPRS/EDGE | Avoid
321 Connectivity-Wireless-Cellular-2 | UMTS/HSPA | Protected against Jamming.
325 See [A practical attack against GPRS/EDGE/UMTS/HSPA mobile data
326 communications](https://media.blackhat.com/bh-dc-11/Perez-Pico/BlackHat_DC_2011_Perez-Pico_Mobile_Attacks-wp.pdf)
327 for more information.
329 --------------------------------------------------------------------------------
335 - Interception of data with low cost material (**SDR** with hijacked DVB-T/DAB
340 - Use the **R**adio **D**ata **S**ystem (**RDS**) only to send signals for audio
341 output and meta concerning radio.
345 Domain | Tech name | Recommendations
346 ----------------------------- | --------- | --------------------------------------------
347 Connectivity-Wireless-Radio-1 | RDS | Only audio output and meta concerning radio.
351 --------------------------------------------------------------------------------
359 - **MITM**: Relay and replay attack.
363 - Should implements protection against relay and replay attacks (Tokens,
365 - Disable unneeded and unapproved services and profiles.
366 - NFC should be use encrypted link (secure channel). A standard key agreement
367 protocol like Diffie-Hellmann based on RSA or Elliptic Curves could be applied
368 to establish a shared secret between two devices.
369 - Automotive NFC device should be certified by NFC forum entity: The NFC Forum
370 Certification Mark shows that products meet global interoperability standards.
371 - NFC Modified Miller coding is preferred over NFC Manchester coding.
375 Domain | Tech name | Recommendations
376 --------------------------- | --------- | ------------------------------------------------------
377 Connectivity-Wireless-NFC-1 | NFC | Protected against relay and replay attacks.
378 Connectivity-Wireless-NFC-2 | Device | Disable unneeded and unapproved services and profiles.
386 - **authentication**: Authentication is the security process that validates the
387 claimed identity of a device, entity or person, relying on one or more
388 characteristics bound to that device, entity or person.
390 - **Authorization**: Parses the network to allow access to some or all network
391 functionality by providing rules and allowing access or denying access based
392 on a subscriber's profile and services purchased.
396 Domain | Object | Recommendations
397 ---------------------------- | -------------- | --------------------------------------
398 Application-Cloud-Download-1 | authentication | Must implement authentication process.
399 Application-Cloud-Download-2 | Authorization | Must implement Authorization process.
403 --------------------------------------------------------------------------------
407 - **Deep Packet Inspection**: **DPI** provides techniques to analyze the payload
408 of each packet, adding an extra layer of security. **DPI** can detect and
409 neutralize attacks that would be missed by other security mechanisms.
411 - A **DoS** protection in order to avoid that the Infrastructure is no more
412 accessible for a period of time.
414 - **Scanning tools** such as **SATS** and **DAST** assessments perform
415 vulnerability scans on the source code and data flows on web applications.
416 Many of these scanning tools run different security tests that stress
417 applications under certain attack scenarios to discover security issues.
419 - **IDS & IPS**: **IDS** detect and log inappropriate, incorrect, or anomalous
420 activity. **IDS** can be located in the telecommunications networks and/or
421 within the host server or computer. Telecommunications carriers build
422 intrusion detection capability in all network connections to routers and
423 servers, as well as offering it as a service to enterprise customers. Once
424 **IDS** systems have identified an attack, **IPS** ensures that malicious
425 packets are blocked before they cause any harm to backend systems and
426 networks. **IDS** typically functions via one or more of three systems:
429 2. Anomaly detection.
430 3. Protocol behavior.
436 Domain | Object | Recommendations
437 ---------------------------------- | ------------- | ----------------------------------------------------------
438 Application-Cloud-Infrastructure-1 | Packet | Should implement a DPI.
439 Application-Cloud-Infrastructure-2 | DoS | Must implement a DoS protection.
440 Application-Cloud-Infrastructure-3 | Test | Should implement scanning tools like SATS and DAST.
441 Application-Cloud-Infrastructure-4 | Log | Should implement security tools (IDS and IPS).
442 Application-Cloud-Infrastructure-5 | App integrity | Applications must be signed by the code signing authority.
446 --------------------------------------------------------------------------------
450 For data transport, it is necessary to **encrypt data end-to-end**. To prevent
451 **MITM** attacks, no third party should be able to interpret transported data.
452 Another aspect is the data anonymization in order to protect the leakage of
453 private information on the user or any other third party.
455 The use of standards such as **IPSec** provides "_private and secure
456 communications over IP networks, through the use of cryptographic security
457 services, is a set of protocols using algorithms to transport secure data over
458 an IP network._". In addition, **IPSec** operates at the network layer of the
459 **OSI** model, contrary to previous standards that operate at the application
460 layer. This makes its application independent and means that users do not need
461 to configure each application to **IPSec** standards.
463 **IPSec** provides the services below :
465 - Confidentiality: A service that makes it impossible to interpret data if it is
466 not the recipient. It is the encryption function that provides this service by
467 transforming intelligible (unencrypted) data into unintelligible (encrypted)
469 - Authentication: A service that ensures that a piece of data comes from where
470 it is supposed to come from.
471 - Integrity: A service that consists in ensuring that data has not been tampered
472 with accidentally or fraudulently.
473 - Replay Protection: A service that prevents attacks by re-sending a valid
474 intercepted packet to the network for the same authorization. This service is
475 provided by the presence of a sequence number.
476 - Key management: Mechanism for negotiating the length of encryption keys
477 between two **IPSec** elements and exchange of these keys.
479 An additional means of protection would be to do the monitoring between users
480 and the cloud as a **CASB** will provide.
484 Domain | Object | Recommendations
485 ----------------------------- | ----------------------------------------- | ---------------------------------
486 Application-Cloud-Transport-1 | Integrity, confidentiality and legitimacy | Should implement IPSec standards.