VitroBench: Manipulating in-vehicle networks and COTS ECUs on your bench

With the increasing connectivity employed in automotive systems, remote cyber attacks have now become a possibility and concrete threat. Prior works on automotive cyber security solutions have primarily focused evaluation either on real cars or via emulations of electronic control units (ECUs). Evaluation on real cars offer limited flexibility in manoeuvring the packets communicated through in-vehicle network (IVN). Meanwhile, emulations of ECUs rely on assumptions that may not correspond to the exact features in an IVN.In this paper, the authors present VitroBench, a comprehensive test platform involving commercial off-the-shelf (COTS) ECUs that allows arbitrary packet control over IVN. In contrast to existing automotive testbed, an appealing feature of VitroBench is that it allows replication of driving use cases and scenarios directly on the testbed involving COTS ECUs. This, in turn, allows us to design and evaluate concrete attacks that are directly related to a driving scenario. They present the design of VitroBench that allows us to sniff, inject packets to and isolate targeted ECU via bridging. The isolation of ECUs also offers fuzzing the respective ECUs. They evaluate the capability of VitroBench via launching concrete attacks and demonstrating the impact of such attacks. They discuss the careful design choices involved in VitroBench that inspire automotive cybersecurity research in future.

• Record URL:
  https://doi.org/10.1016/j.vehcom.2023.100649
• Record URL:
  http://www.sciencedirect.com/science/article/pii/S2214209623000797
• Availability:
  • Find a library where document is available. Order URL: http://worldcat.org/issn/22142096
• Supplemental Notes:
  • © 2023 Elsevier Inc. All rights reserved. Abstract reprinted with permission of Elsevier.
• Authors:
  • Yeo , Anthony Kee Teck
  • 0000-0002-4364-2324
  • Garbelini, Matheus E
  • 0000-0002-8169-9874
  • Chattopadhyay, Sudipta
  • 0000-0002-4843-5391
  • Zhou, Jianying
  • 0000-0003-0594-0432
• Publication Date: 2023-10

Language

• English

Media Info

• Media Type: Web
• Features: Figures; References;
• Pagination: 100649
• Serial:
  • Vehicular Communications
  • Volume: 43
  • Issue Number: 0
  • Publisher: Elsevier
  • ISSN: 2214-2096
  • Serial URL: http://www.sciencedirect.com/science/journal/22142096/1/2

Subject/Index Terms

• TRT Terms: Automobiles; Computer network protocols; Computer security; Mobile computing
• Subject Areas: Data and Information Technology; Highways; Vehicles and Equipment;

Filing Info

• Accession Number: 01891099
• Record Type: Publication
• Files: TRIS
• Created Date: Aug 28 2023 9:19AM