The invention relates to the field of vehicle security.
New vehicle technologies facilitate many valuable capabilities such as improved driver safety, vehicle performance and passenger comfort. Modern vehicles are essentially large and complex computer systems: The vehicles are controlled and monitored by multiple Electronic Control Units (ECUs) that coordinate operation by communicating over one or more internal network buses, e.g. Central Access Network (CAN) buses. In addition, modern vehicles are further connected through a plurality of external network interfaces, e.g., RFID, Bluetooth, Dedicated Short Range Communication (DSRC), WiFi, Cellular, and/or the like, to external third parties. This connectivity, on the one hand, facilitates a variety of services including telematics, navigation, safety and the like, which provide significant benefits for automakers, aftermarket vendors, fleet managers, drives, and passengers. However, these capabilities also introduce new security and privacy concerns.
Several mechanisms for improving vehicle security include integrating cryptographic primitives such as authentication and encryption, segregating the vehicle's internal network using security gateways, using firewalls to protect the internal network from the outside world, and/or the like. Most methods for securing vehicles are only passive, e.g. such as listening to the CAN bus with the purpose of detecting threats by identifying suspicious behaviors. The accuracy of threat detection is crucial, as faulty detections of non-threats as well as failures to detect actual threats may have severe consequences, such as theft, accidents, etc.
The foregoing examples of the related art and limitations related therewith are intended to be illustrative and not exclusive. Other limitations of the related art will become apparent to those of skill in the art upon a reading of the specification and a study of the figures.