By 2025, Gartner predicts that connected cars will represent an estimated 30% of all cyberattacks targeting enterprises. This includes attacks on automotive systems, potentially leading to breaches of safety-critical functions.
Why it matters: Most modern vehicles contain over 100 electronic control units (ECUs) which control vehicle functions. The lack of built-in encryption in the controller area network (CAN) bus, the preferred communications network for ECUs, exposes vehicles to cyberattacks like CAN injection, where hackers send deceptive commands to gain unauthorized access to vehicle functions.
The solution: Implementing a layer of encryption over CAN communications can make it more difficult for threat actors to gain access to the network. By using lightweight encryption techniques tailored to CAN’s constraints — such as message size limitations, real-time operation requirements, and limited processing power — it’s possible to enhance the security of vehicle systems without compromising performance.
What you’ll learn in the white paper:
- The inherent vulnerabilities in the CAN bus system and why they pose a security risk.
- Real-world examples of CAN injection attacks and their impact on vehicle safety and security.
- How lightweight encryption can be integrated into existing CAN networks to protect against cyberattacks while maintaining performance.
- A detailed overview of the proof of concept (POC) for implementing encryption over CAN, including key challenges and potential solutions.