Protecting vehicles from cyber attacks over the OBD interface

OData support
Dr. Buttyán Levente
Department of Networked Systems and Services

Modern cars have a diagnostic interface, called OBD-II. By means of this interface, service stations can identify potential problems with the car. Furthermore some commercial mobile applications can even monitor and analyze our driving habits with the help of an OBD dongle. Unfortunately many vendors do not take much effort to protect the inner network of our cars, therefore it is not a hard task to break in with e.g. an infected mobile phone and manipulate the control units. This can easily lead to the damage of the car, or in the worst case, endangers the safety of the driver.

This thesis shows a possible solution to the above mentioned problem. First part of the solution is a microcontroller-based filtering application which can be installed between the OBD-II interface and the car's CAN network and is able to protect the car from any attacks on this interface. The second part of the solution is a software with which the firewall can be safely configured from an average PC.

At first the thesis summarizes how the control network works in modern vehicles and shows the latest results of car hacking. Then it describes the design of the firewall, details the cryptographic solutions - especially for the communication protocol between the firewall and the manager program -, and also briefly presents the implemented software. The last section shows how the firewall could be tested and also details a concrete test, where the firewall was able to filter some messages from a mobile application called Torque.


Please sign in to download the files of this thesis.