Threats against in-vehicle networks
In-vehicle networking protocols enable ECUs, sensors, and in some cases, actuators to communicate under strict real-time and low-cost constraints. However, since the primary design objective of these networking protocols is efficient and deterministic communication, it is not unusual for some of these protocols to exhibit serious security weaknesses. In this section, we examine the weaknesses and in-vehicle networking protocols and highlight the corresponding attacks that can exploit them.
CAN
A simple Google search on CAN security yields hundreds of papers and articles on how CAN is not secure. While earlier versions of CAN such as CAN 2.0 and CAN FD did not consider security while the protocol was being defined, a more recent variant called CAN XL [REF29] now offers a security extension that protects the data link layer. Nevertheless, CAN XL is in its infancy, so we have to judge the security of the CAN protocol based on the first two variants...
