Physics Model-Based Attack Filter for a Controller Area Network (CAN)
T2020-160 A method for filtering malicious messages on a CAN Network. This method is a physics, model, based method that utilizes knowledge of the CAN network as well as the physics of the systems being controlled to remove malicious messages from effecting the intended function of the controls algorithms on vehicles.
There has been a rapid increase in the number of embedded controllers used onboard vehicles. Connectivity and automation promise better safety, efficiency, and comfort. Vehicles in the future will be connected to more than just our personal devices, but to other vehicles and public infrastructure as well. Because of the increased number of communication channels, there is also an increase in the potential attack paths. In their current state, internal vehicle communication protocols have very little built-in security which has led to exploitation, or in other words, "car hacking." Preemptive security solutions such as authentication and encryption come at a performance cost that makes them very challenging to implement.
To address this need, researchers at The Ohio State University are working to develop an algorithm which combines the CAN network with control-theoretic methods to use authentication to elevate security when vehicle sensors or actuators are under attack. A main innovation is that the algorithm utilizes the internal design of the vehicle to determine whether to accept or reject an input which is faster than decryption methods, especially as the encryption becomes more complex. The algorithm filter is able to determine if an input (possible this is an attack) is within safe parameters. This results in secure vehicle communication pathways that are more efficient than alternative security measures.
- Public Transport
- Ride sharing platforms
- Personal Vehicles
- Trucking Fleets
- Transportation/Shipping services
- Speed of security measures
- Internal security doesn't require additional security measures (e.g. security mechanism to protect private keys for encryption services)
Matthew Appel received his undergraduate degree (BS Electrical and Computer Engineering) from The Ohio State University, and is a current M.S. candidate in electrical and computer engineering. His research is a part of The Center for Automotive Research (CAR) which is the preeminent research center in sustainable and safe mobility in the United States and an interdisciplinary research center in The Ohio State University’s College of Engineering. With a concentration on preparing the next generation of automotive leaders, CAR is recognized for interdisciplinary emphasis on systems engineering, advanced and unique experimental facilities, collaboration on advanced product development projects with industry, and a balance of government and privately sponsored research. CAR’s research focuses on energy, safety and the environment and it offers state-of-the-art facilities for students, faculty, research staff and industry partners.