Abstract:
Since Controller Area Network (CAN) buses used in vehicles are exposed
to threats that are described in research works and exploited
in real-world conditions, updates that emphasize their
security are required. The thesis includes an overview of CAN vulnerabilities
as well as research proposals for their mitigation through
physical layer security using timing and voltage characteristics. An innovative
key-exchange method that makes use of CAN messages and
the CAN protocol requirements for exchanging session keys between
nodes is presented as part of the thesis. An improvement to a previous
work on time-covert authentication methods, obtained by optimizing the
frame transmission times, is also discussed in the thesis. From a hardware
standpoint, some research papers use the clock skews
of periodic CAN messages as fingerprints for transmitter authentication.
Other works use the unique voltage characteristics of both periodic
and on-event CAN messages as fingerprints for the senders. The
thesis includes a broad comparison of the reliability of clock skews and
voltage characteristics as fingerprint sources from 9 passenger vehicles.
The analysis is done on a public dataset of both frame timestamps used
for clock skew derivation and voltage samples used for extraction of
unique voltage characteristics for each node. Considering that realistic
CAN architectures need to be realized as experimental setups, a digital
twin for a real-world vehicle CAN network is described in the later
part of the thesis. Considering the noise factor in voltage fingerprinting
activities, an analysis comparing the wiring influence in the digital twin experimental
setup with that in other setups and in real-world vehicle conditions
is also presented in the thesis.