This paper describes a concept for vehicle safe-mode, that may help reduce the potential damage of an identified cyber-attack. Unlike other defense mechanisms, that try to block the attack or simply notify of its existence, our mechanism responds to the detected breach, by limiting the vehicle’s functionality to relatively safe operations, and optionally activating additional security counter-measures. This is done by adopting the already existing mechanism of Limp-mode, that was originally designed to limit the potential damage of either a mechanical or an electrical malfunction and let the vehicle “limp back home” in relative safety. We further introduce two modes of safe-modemoperation: In Transparent-mode, when a cyber-attack is detected the vehicle enters its pre-configured Limp-mode; In Extended-mode we suggest to use custom messages that offer additional flexibility to both the reaction and the recovery plans. While Extended-mode requires modifications to the participating ECUs, Transparent-mode may be applicable to existing vehicles since it does not require any changes in the vehicle’s systems—in other words, it may even be deployed as an external component connected through the OBD-II port. We suggest an architectural design for the given modes, and include guidelines for a safe-mode manager, its clients, possible reactions, and recovery plans. We note that our system can rely upon any deployed anomaly-detection system to identify the potential attack.
Attenzione! Scheda prodotto non ancora validata dall'Ateneo
|Data di pubblicazione:||2017|
|Titolo:||Vehicle Safe-Mode, Limp-Mode in the Service of Cyber Security|
|Autori:||Tsvika, Dagan; Mirco, Marchetti; Dario, Stabili; Michele, Colajanni; Avishai, Wool|
|Data del convegno:||November 2017|
|Nome del convegno:||2017 Embedded Security in Cars conference (ESCAR Europe 2017)|
|Luogo del convegno:||Berlin, Germany|
|Titolo del libro:||Proceegings of the 2017 Embedded Security in Cars conference (ESCAR Europe 2017)|
|Appare nelle tipologie:||Relazione in Atti di Convegno|
I documenti presenti in Iris Unimore sono rilasciati con licenza Creative Commons Attribuzione - Non commerciale - Non opere derivate 3.0 Italia, salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris