Securing Modern Vehicles: Electric Charging and In-Vehicle Communication Protocols

In the last decades, the massive size and price reduction of computationally capable devices have increased the spread of the so-called Cyber-Physical Systems (CPSs). These connected devices employ computing capacity together with sensing and actuating functions. Vehicles represent a widely spread and extremely complex example of CPS, where modern cars are equipped with more than 100 different microcomputers to control each vehicle's component and communicate with other devices. Although these technologies unquestionably improve the driving experience and its safety, they also expand the attack surface, which malicious entities may exploit to compromise the vehicle. In recent years, researchers have proved that several vehicle components are vulnerable to cyberattacks, and many novel technologies under development may introduce new security and privacy concerns. This dissertation offers an analysis of two different aspects of modern vehicles from a security point of view, discovering and mitigating some security vulnerabilities. In the first part, we investigate the new security issues introduced with the spread of electric vehicles. We analyzed the new threats born from the connection of vehicles to the smart grid for charging purposes. We found a potential issue that allows an attacker to steal energy from another connected vehicle and develop EVExchange, the first relay attack on the Vehicle to Grid environment. Moreover, we developed a countermeasure to defend against it based on the distance bounding technique. Additionally, we show how a malicious charging operator can exploit the charging pattern of the vehicle's battery to profile and then track a particular car, mining the driver's privacy. In the second part of this dissertation, we analyze security solutions connected to the internal bus of vehicles, which allows communication between internal devices. CAN bus, the de facto standard for these communications, is a legacy protocol not equipped with any security feature, allowing attackers to compromise the system easily. However, security improvements are complex to deploy due to the real-time requirements of the system, which often hold companies back from rolling them out. In this thesis, we applied novel methods to solve the problem. We employed a fast and reliable technique for feature extraction to identify attacks using Machine Learning, obtaining good results with a lightweight implementation. With the intent to reduce false positives as much as possible, we developed CANTXSec, the first deterministic solution to identify and stop certain kinds of attacks by comparing Electric Control Unit activations with bus traffic. Finally, we investigate authentication systems in vehicles employing data from the CAN bus. In particular, we analyzed issues in authentication systems based on the driver's behavior, developing two adversarial attacks against them and providing insights on how they should be efficiently and securely deployed.