What does cybersecurity in automotive mean? Network solutions.
Cybersecurity is a buzzword that everyone is talking about today, and the automotive industry is no exception. The rapid development of this sector brings both incredible opportunities and potential threats. As the ecosystem of network-connected vehicles grows, so does the attack surface for potential cyber threats. Industry leaders recognize opportunities in risk mitigation—according to 89% of OEMs (Original Equipment Manufacturers), a high level of cybersecurity provides a significant competitive advantage (source). Our expert, Krzysztof Labuda, a Certified Ethical Hacker, writes about solutions that support cybersecurity in the automotive industry.
We will start by listing network technologies in vehicles. In the following articles, we will delve into architectural solutions and security components used in specific cases.
Secure Systems in Automotive
As an introduction to discussing solutions used to ensure security in automotive, I would like to provide an overview of network solutions found in vehicle systems. However, I won’t resist making references to other interesting areas, allowing us to broaden our perspective.
First, let’s establish one thing—cars inherently pose safety risks, meaning threats to life. Today’s vehicles are no longer just metal and mechanical parts; they are also (or perhaps primarily) advanced IT systems that enable functionalities previously unheard of. This, in turn, introduces cybersecurity threats, which is the focus of this series—IT systems connected via networks. These systems include multimedia solutions, peripheral devices, and features that enhance driving comfort. Many of them allow remote access, but when direct access is possible, connection can be established via OBD or directly through the controller.
To properly discuss cybersecurity in vehicles, it is necessary to introduce the technologies found in this space—primarily network-related solutions. In later parts of the series, we will also touch upon system-level security.
Network Solutions for Ensuring Automotive Security
There are two types of networking technologies in automotive—bus-based (which we will call non-Ethernet for comparison purposes) and Ethernet-based solutions. Non-Ethernet solutions adhere to the traditional ISO/OSI model for layers 1, 2, and 7. This is sufficient at the vehicle level, but things get interesting when a functionality needs to be open and support routing, such as in remote diagnostics, where layer 3 and above must be used. This example will appear again when we discuss security controls for different layers.
For such scenarios, a TCP/IP-based approach is required, and this is where Automotive Ethernet comes in, which we will explore further in the next sections.
Bus-Based Solutions:
CAN
The most well-known non-Ethernet solution is CAN, a relatively old technology that facilitates network communication between devices and microcontrollers. In its original version, data granularity was very low, with just 8 bytes per frame, but later versions expanded this significantly—CAN-XL can handle up to 2048 bytes. A dedicated ISO standard series (ISO 11898) defines this technology.
CAN was designed with safety in mind—any node on the bus can initiate communication, and every node can respond, meaning that a single device failure does not cause a system-wide breakdown. It also includes strong error detection mechanisms.
Current security implementations leverage IDS (Intrusion Detection System) and IPS (Intrusion Prevention System), which benefit from Deep Learning and Machine Learning techniques for threat detection. Another, though more challenging, approach to securing CAN involves cryptographic protections. However, due to hardware constraints, only in-frame encryption is feasible, and robust cryptographic security is significantly limited by CAN’s architecture.
FlexRay
FlexRay is deterministic, fast, and fault-tolerant, with superior error detection compared to CAN. It is described in the ISO 17458 standard.
Developed mainly by BMW and Motorola, FlexRay ensures precisely controlled and scheduled data transmission times, which is critical for real-time systems where reliability and predictability are essential. It also supports redundancy, meaning duplicate connections can be established for increased reliability. Additionally, FlexRay can be effectively protected with cryptographic controls against threats such as spoofing.
LIN (Local Interconnect Network)
LIN does not provide the same level of deterministic communication as FlexRay but still offers predictable data transmission for many applications. It is described in the ISO 17987 standard.
LIN is widely used in automotive systems, especially for comfort features (e.g., window controls, climate control, windshield wipers, lighting, and door management). Due to its simplicity, low cost, and ease of implementation, LIN is often the first choice for many vehicle applications.
However, its main weakness is the lack of built-in security mechanisms. If an attacker gains physical access to the LIN bus, there are no dedicated safeguards to protect data transmission.
To Be Continued
In this article, we have covered the primary bus-based networking solutions in vehicles and briefly introduced the technologies used for cybersecurity. In the next part of the series, we will discuss Ethernet-based solutions (Automotive Ethernet), completing the discussion on networking in cars. We will also explore architectural and system-level approaches to cybersecurity. Stay tuned!
Author: Krzysztof Labuda,
Security Testing Consultant
A participant in the Certified Ethical Hacker CEH v11 program, which teaches the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals.
