Talking Cars: from Can't to CAN presented at BSidesKnoxville 2019

by Samuel Hollifield

Summary: Modern vehicles can be incredibly vulnerable to cyber exploitation. Researchers across the world have demonstrated scary manipulations such as remote control of an unaltered vehicle, unsigned code execution, and the ability to interfere with cars in traffic. Largely, this problem stems from the inherently vulnerable networks that exist on automobiles manufactured after 2008: Controller Area Networks (CANs).

Some security implications of a CAN are that it is a broadcast bus network, allowing all nodes to receive messages with no explicit addressing, and that it has no way to authenticate and identify nodes on the network. Therefore, it is extremely straightforward to induce physical changes on an automobile with potentially dangerous consequences.

When CAN was mandated in 2008, it was not particularly concerning that one could develop after-market solutions using the intra-vehicular network. After all, CAN requires proprietary tools (a CAN Controller and CAN Transceiver) along with the knowledge required to program and interface these tools. In recent years, however, automotive CANs have been a topic of interest for homebrew hackers and security professionals. This has been facilitated by the widespread use of inexpensive single-board computers, such as Raspberry Pis and Arduinos.

This presentation will detail the technical aspects of CAN. Particularly, we will discuss messaging at the bit level, arbitration and error handling, common CAN tools and libraries, and network patterns which exist across many makes/models. By the conclusion, attendees will be equipped to build their own automotive interfaces and begin engineering their own after-market solutions.