Research and development efforts continue towards passenger vehicles being incorporated into existing intelligent transportation systems (ITSs). Such integration could provide potentially useful benefits to drivers including: sharing traffic news; communicating warnings; and automating dangerous driving processes, such as merging or managing following distance.1 Vehicle Ad-hoc Networks or VANETs have been built to enable communications between vehicles, such as cars and trucks, as well as with infrastructure points, such as access points or base stations. In the near future, it is possible that this type of communication will be mandated by the National Highway Traffic Safety Administration.2 As agencies and traffic engineers look ahead to building ITSs with these benefits and integrating vehicles into current systems; they should maintain vigilance regarding the security of the information that is being used within these information systems.
There are three main types of communication that exist within VANETs: (1) vehicle to vehicle (V2V), (2) vehicle to infrastructure (V2I), and (3) infrastructure to vehicle (I2V).3 As with any attempt at integrating automated control systems into larger systems, new vulnerabilities are introduced. The new system may act in unanticipated ways or vulnerabilities by be intentionally exploited. The primary vulnerability in the case of VANETs is the use of insecure communications protocols. Currently, VANETs use unencrypted protocols that transmit information between vehicles and between vehicles and infrastructure. Unencrypted information can be intercepted.4 While this unencrypted protocol facilitates creation of a communications network over which messages are relayed, it does so at the risk of exploitation of security vulnerabilities.
Both physical (local) and wireless (remote) VANET communications are transferred using unencrypted protocols, thereby allowing malicious actions, such as man-in-the-middle (MITM) attacks, replay attacks, spoofing, packet forging, or denial of service (DoS) attacks.5 Compromises in physical security may be exploited to the detriment of the overall operation and handling of vehicles because critical control systems operate on the same unprotected controller area network (CAN) bus. Utilizing a homemade device,6 a person may be able to wirelessly gain complete control of any of the components’ connections to the CAN bus, which would make it possible to remotely turn on/off other drivers’ cars, apply their brakes, or increase/decrease vehicle speed.7 During a test, the researcher was able to remotely control a car using his domain knowledge coupled with the specified device over a cellular network. He was able to perform actions such as: turn off the car engine; lock the car doors; and disable the power steering, all while a person was driving the car.
The issue of vehicular control is compounded when considered in relation to the impact on the infrastructure to which it is connected. Base stations relying on the receipt of valid data from vehicles could be manipulated by permitting attackers to submit forged data and thus provide incorrect information to surrounding vehicles, which could lead to accidents or traffic buildups. Because base stations have well-known locations, specific attacks such as a DoS attack could be employed to disable infrastructure in an area served by that station. Moreover, because there is no authentication, malicious vehicles could impersonate the base station and feed false data directly to other vehicles in the area.8 Given that this infrastructure currently freely transmits data between vehicles without encryption, user privacy could also be at risk. It could be feasible to obtain a driver’s trajectory based upon data that are transmitted via the V2V or V2I communication methods.9
By enforcing so-called cryptographic primitives (e.g., confidentiality, authentication, integrity, non-repudiation, secret sharing, etc.), many threats can be mitigated.10 The following actions would support achievement of this goal:
- Incorporate symmetric or asymmetric encryption, which is based on the type and time sensitivity of the information they wish to encrypt, into system design;
- using authentication and/or signature-based security methods to reduce the likelihood of successful availability or integrity attacks;7
- Security measures should be put into place before integration into existing ITSs.
This post is written by: Roland Varriale
1 Vehicle-to-Vehicle Communications, Accessed on July 9, 2014.
2 U.S. unveils plan for cars of the future, Accessed on July 9, 2014.
3 Vehicular Ad-Hoc Networks (VANET) applied to Intelligent Transportation Systems (ITS) , Accessed on July 9, 2014.
4 Inter-Vehicle Communication Protocols for Multimedia Transmission, Accessed on July 9, 2014.
5 Security of Vehicular Ad Hoc Networks (VANET) , Accessed on July 9, 2014.
6 Hacking a Car remotely with $20 iPhone sized Device, Accessed on July 29, 2014
7 How to Hack a Car, Accessed on July 9, 2014.
8 The Security Problems of Vehicular Ad Hoc Networks (VANETs) and Proposed Solutions in Securing their Operations, Accessed on July 9, 2014.
9 TACKing Together Efficient Authentication, Revocation, and Privacy in VANETs, Accessed on July 9, 2014.
10 Survey on VANET security challenges and possible cryptographic solutions, Accessed on July 9, 2014.