Stateful Behavior Inference and Runtime Enforcement for Vehicle Network Security

As cars are turning into computers with wheels, or "software-defined vehicles", computer security concerns are becoming increasingly critical. In this paper, we focus on the security of vehicle communication networks consisting of Electronic Control Units (ECUs) connected via a Controller Area Network (CAN) bus. We present a framework that consists of a behavior inference technique for capturing the expected behavior of vehicles during specific scenarios (modes) as state machines, a hierarchical state machine model for monitoring multiple scenarios, and a state-machine-based runtime behavior enforcement mechanism that uses ECU fingerprinting to authenticate messages. We then present a threat model, a characterization of different types of attacks, and a security analysis based on fuzzing. We have implemented and evaluated our framework on a Toyota Prius, and the BeamNG.tech simulator.