The network of modern cars is more complex than before, and its heart is the CAN bus. CAN bus, which is established almost 30 year ago is vulnerable, thus a hacker can manipulate the network easily by remote access. As we approach the world of autonomous vehicles, vehicle protection is becoming more and more important, so protecting the communications network of cars has become vital for automotive manufacturers. This is especially true for vehicle assistant systems that provide information about the environment around them from road users through wireless connections. The proliferation and development of wireless connections is worsening the situation.
The aim of this thesis is to demonstrate the lack of protection of the CAN network, to explore its vulnerabilities and to provide a more secure system. The essay begins with the presentation of the CAN protocol and the AUTOSAR standard software architecture. In the above, the emphasis is on network properties and the format of data during sending messages, while the latter focuses on communication and cryptographic functionality, which help to understand the process of secured information exchange in vehicles. After these, the possible attacks on cars are described, the terms used in the topic are presented. I am presenting existing software and hardware protection mechanisms to prevent information attacks between electronic control units to prevent vehicle attacks. The core of the thesis is the Secure Onboard Communication (SecOC) module, and the defense mechanism that can be created using it. The implementation of the module is illustrated by the position of the module during data transmission and data reception. Then I mention the configuration parameters that are indispensable for implementation, the states of the algorithms and the process of data encryption. At the end of the implementation, along with its functional testing, I present the test environment, the most important test cases, which confirm the correct operation of the SecOC module and its proper implementation.