A Survey of Attacks on Controller Area Networks and Corresponding Countermeasures

The development of vehicle technologies such as connected and autonomous vehicle environments provide drivers with functions for convenience and safety that are highly capable of remote vehicle diagnosis or lane-keeping assistance. Unfortunately, despite impressive advantages for drivers, these functions also have various vulnerabilities that could lead to cyber-physical attacks on automotive Controller Area Networks (i.e., automotive CAN). To deal with these security issues, a multitude of issue-specific countermeasures have already been proposed. In this paper, we introduce existing research on automotive CAN attacks and evaluate several state-of-the-art countermeasures. Particularly, we provide a comprehensive adversary model for automotive CAN and classify existing countermeasures into four system categories: (1) preventative protection, (2) intrusion detection, (3) authentication, and (4) post-protection. From the extensive literature review, we attempt to summarize the security research regarding automotive CAN and identify open research directions for in-vehicle networks of autonomous vehicle.