Affiliation:
1. Tongji University
2. iSOFT Infrastructure Software Co., Ltd.
Abstract
<div class="section abstract"><div class="htmlview paragraph">The software installed in Electronic Control Units (ECUs) has witnessed a significant scale expansion as the functionality of Intelligent Connected Vehicles (ICVs) has become more sophisticated. To seek convenient long-term functional maintenance, stakeholders want to access ECUs data or update software from anywhere via diagnostic. Accordingly, as one of the external interfaces, Diagnostics over Internet Protocol (DoIP) is inevitably prone to malicious attacks. It is essential to note that cybersecurity threats not only arise from inherent protocol defects but also consider software implementation vulnerabilities. When implementing a specification, developers have considerable freedom to decide how to proceed. Differences between protocol specifications and implementations are often unavoidable, which can result in security vulnerabilities and potential attacks exploiting them. Considering the security risks and technology trends of vehicles, this paper uses model learning for the first time to infer the protocol implementation state model against DoIP and aims to explore the unexpected state transitions that may occur during the interaction of diagnostic services. This is an automated black-box technique that provides the possibility to obtain a corresponding model of the observed implementation behavior. To achieve this, we construct a framework for applying model learning against DoIP implementation and utilize it to learn the state model. The experimental results demonstrate that the proposed vulnerability analysis method can effectively and accurately obtain the state model of specific protocol implementation. Software developers can visually spot the presence of such superfluous states or transitions by examining the obtained state model, further avoiding potential attacks that could exploit these vulnerabilities.</div></div>
Reference16 articles.
1. Upstream Upstream Security Global Automotive Cybersecurity Report 2023 2023
2. Sun , J. , Iqbal , S. , Seifollahpour Arabi , N. , and Zulkernine , M. A Classification of Attacks to In-Vehicle Components (IVCs) Vehicular Communications 25 2020 100253 10.1016/j.vehcom.2020.100253
3. Matsubayashi , M. , Koyama , T. , Okano , Y. , Tanaka , M. , Miyajima , A. , Oshima , Y. , Ukai , S. , Wakatsuki , T. , Sugashima , T. , and Nakamura , T. Attacks Against UDS on DoIP by Exploiting Diagnostic Communications and Their Countermeasures 2021 IEEE 93rd Vehicular Technology Conference (VTC2021-Spring) 1 6 2021 10.1109/VTC2021-Spring51267.2021.9448963
4. Wachter , P. and Kleber , S. Analysis of the DoIP Protocol for Security Vulnerabilities Computer Science in Cars Symposium, ACM Ingolstadt Germany 1–10, 2022 10.1145/3568160.3570229
5. SAE International Securing the Modern Vehicle: A Study of Automotive Industry Cybersecurity Practices https://www.sae.org/binaries/content/assets/cm/content/topics/cybersecurity/securing_the_modern_vehicle.pdf Aug. 2023