Towards enhancing security and safety in modern vehicles

Abstract

The advent of modern vehicles has seen a paradigm shift from purely mechanical systems to highly sophisticated entities, underpinned by advanced Electronic Control Units (ECUs) and intricate In-Vehicle Networks (IVN). These advancements facilitate a host of new functionalities, including remote control and autonomous driving, yet concurrently raise significant security and safety concerns. This thesis endeavors to tackle these issues, focusing on enhancing the security of modern vehicular systems and ensuring the safety of autonomous driving mechanisms. Revisiting Automotive Attack Surfaces. The complexity of modern vehicles, characterized by their extensive external attack surfaces and complex internal IVN topology, poses a substantial challenge to cybersecurity. Despite efforts by existing standards such as WP29 R155e and ISO 21434 to provide a baseline, their effectiveness against evolving threats remains questionable. Through an in-depth interview with 15 industry experts, we uncovered significant limitations in current security practices and regulatory frameworks. We propose CarVal, a novel datalog-based methodology that leverages an enhanced threat database to infer multi-stage attack paths, assess risks more efficiently in IVNs, and uncover new attack surfaces by analyzing five real-world vehicles. This approach not only identifies the inadequacies in existing regulations but also introduces a more effective mechanism for threat analysis and risk assessment in automotive systems. Enhancing Autonomous Driving Safety. From the autonomous driving standpoint, we focus on the perception and control modules. Our first investigation reveals vulnerabilities in the lane detection module of a real vehicle, highlighting its susceptibility to misdirection through minimal, strategically placed road markings. We developed a two-stage approach to automatically generate these markings, significantly impacting steering decisions without detection by human drivers, as demonstrated through experiments on a real vehicle equipped with Autonomous Driving Systems (ADS). Concurrently, we turn our attention to the control module of ADS, where we pinpoint a critical oversight in existing safety research. By proposing new metrics and enhancing fuzzing methodologies, we conducted comprehensive evaluations on Apollo's Model Predictive Controller (MPC). The findings unearthed significant defects, underscoring the inability of Apollo's controller to perform basic maneuvers and identifying 14 new bugs, subsequently acknowledged and addressed by the development team. This dual-focused inquiry not only sheds light on previously overlooked vulnerabilities but also sets the groundwork for more robust autonomous driving systems. In conclusion, this thesis identifies critical security and safety vulnerabilities in modern vehicles and autonomous driving systems, and proposes innovative methodologies for their mitigation. Through the application of CarVal, we demonstrate the potential for automated threat analysis and risk assessment in improving automotive cybersecurity. Furthermore, our investigations into the lane detection and control modules of ADS highlight the need for robust testing mechanisms to uncover and address subtle yet significant vulnerabilities. Looking forward, the ongoing evolution of vehicle technologies and attack vectors necessitates continuous refinement of security and safety measures.