As the automotive industry has progressed in recent years, in-vehicle networks have also changed. In contrast to traditional vehicles, modern vehicles communicate through connecting interfaces, Electronic Control Units (ECUs), sensors, and gateways over different communication channels called buses. While LIN, CAN, FlexRay, MOST, and Automotive Ethernet protocols facilitate vehicle communication, they expose vehicles to various security risks. Electronics in vehicles must be advanced to improve passenger safety, comfort, and vehicle performance. However, security issues must also be addressed to ensure vehicle resilience. This paper presents an in-depth and comprehensive analysis of the security issues associated with in-vehicle network protocols. We examine the feasibility, severity, and potential consequences of these security issues, which can be used to better understand the risks and vulnerabilities within in-vehicle networks. Furthermore, the paper examines existing solutions that aim to mitigate the identified attacks, including intrusion detection systems (IDSs), firewalls, authentication, and schedulers, while evaluating their effectiveness and drawbacks. Hence, we enable automotive security engineers to comprehend the current state of security measures used to protect in-vehicle networks and identify areas where further research is needed to develop more effective and tailored security solutions. Finally, the paper provides recommendations for future research and the development of security solutions that researchers can use to guide their research efforts for in-vehicle network security.
Read full abstract