Carson Green, Rik Chatterjee, Jeremy Daily (Colorado State University)

Modern automotive operations are governed by embedded computers that communicate over standardized protocols, forming the backbone of vehicular networking. In the domain of commercial vehicles, these systems predominantly rely on the high-level protocols running on top of the Controller Area Network (CAN) protocol for internal communication in medium and heavy-duty applications. Critical to this ecosystem is the Unified Diagnostics Services (UDS) protocol, outlined in ISO 14229 (Unified Diagnostic Services - UDS) and ISO 15765 (Diagnostic Communication over CAN), which provides essential diagnostic functionalities. This paper presents three distinct scenarios, demonstrating potential shortcomings of the UDS protocol standards and how they can be exploited to launch attacks on in-vehicle computers in commercial vehicles while bypassing security mechanisms.

In the initial two scenarios, we identify and demonstrate two vulnerabilities in the ISO 14229 protocol specifications. Subsequently, in the final scenario, we highlight and demonstrate a vulnerability specific to the ISO 15765 protocol specifications.

For demonstration purposes, bench-level test systems equipped with real Electronic Control Units (ECUs) connected to a CAN bus were utilized. Additional testing was conducted on a comprehensively equipped front cab assembly of a 2018 Freightliner Cascadia truck, configured as an advanced test bench. The test results reveal how attacks targeting specific protocols can compromise individual ECUs. Furthermore, in the Freightliner Cascadia truck setup, we found a network architecture typical of modern vehicles, where a gateway unit segregates internal ECUs from diagnostics. This gateway, while designed to block standard message injection and spoofing attacks, specifically allows all UDS-based diagnostic messages. This selective allowance inadvertently creates a vulnerability to UDS protocol attacks, underscoring a critical area for security enhancements in commercial vehicle networks. These findings are crucial for engineers and programmers responsible for implementing the diagnostic protocols in their communication subsystems, emphasizing the need for enhanced security measures.

View More Papers

Crafter: Facial Feature Crafting against Inversion-based Identity Theft on...

Shiming Wang (Shanghai Jiao Tong University), Zhe Ji (Shanghai Jiao Tong University), Liyao Xiang (Shanghai Jiao Tong University), Hao Zhang (Shanghai Jiao Tong University), Xinbing Wang (Shanghai Jiao Tong University), Chenghu Zhou (Chinese Academy of Sciences), Bo Li (Hong Kong University of Science and Technology)

Read More

A Unified Symbolic Analysis of WireGuard

Pascal Lafourcade (Universite Clermont Auvergne), Dhekra Mahmoud (Universite Clermont Auvergne), Sylvain Ruhault (Agence Nationale de la Sécurité des Systèmes d'Information)

Read More

Improving In-vehicle Networks Intrusion Detection Using On-Device Transfer Learning

Sampath Rajapaksha (Robert Gordon University), Harsha Kalutarage (Robert Gordon University), M.Omar Al-Kadri (Birmingham City University), Andrei Petrovski (Robert Gordon University), Garikayi Madzudzo (Horiba Mira Ltd)

Read More

A Two-Layer Blockchain Sharding Protocol Leveraging Safety and Liveness...

Yibin Xu (University of Copenhagen), Jingyi Zheng (University of Copenhagen), Boris Düdder (University of Copenhagen), Tijs Slaats (University of Copenhagen), Yongluan Zhou (University of Copenhagen)

Read More