Applicability analysis of intrusion detection and prevention in automotive systems

Abstract

The complexity of embedded automotive systems is rapidly increasing, both in terms of the number of ECUs (electronic control units), networks and the composite systems derived thereof. More electronic control in tandem with multiple novel interfaces for remote network communications with these control systems yield new security challenges. New networking capabilities might make the car a more viable target for malicious adversaries while more electronic control systems heighten the risks associated with a breach of security. Several methods and measures for improving automotive security have been proposed, some of them tested and others purely theoretical. Among these are several calls for the design and development of intrusion detection/prevention systems (IDPS) for automotive applications. We survey the state of the art in automotive security and attempt to establish a general model of the modern car. We proceed to evaluate the applicability of different intrusion detection and prevention methodologies in the context of embedded automotive systems. We conclude that the diversity of automotive architectures make it difficult to produce a model of a complete car that is detailed yet generalizable and sufficient. Hence, barring any major consolidation of high level architectural principles, any successful automotive IDPS will have to be based on common ground at a lower level, e.g. the CAN or FlexRay buses.