Karamba heals CAN bus’ innate lack of security

December 19, 2017 // By Christoph Hammerschmidt
As automobiles become increasingly networked, they are also increasingly becoming the target of cyber attacks. One of the most vulnerable elements of vehicles is the venerable CAN bus – at the time it was designed some 30 years ago, nobody expected that vehicles would ever have an air interface. Now cyber security pioneer Karamba Security has devised a solution to the problem.

Because it lacks security measures such as authentication, data encryption or even simple plausibility checks, the CAN bus is something like the holy grail for any malicious perpetrator: Once he has access to the CAN bus, he can manipulate the electronic controllers in any way he wants – including activating the brakes at full speed or taking over control of the steering (in vehicles with electric power steering). Unfortunately, the CAN bus also largely resists attempts to harden it against attacks – due to its limited bandwidth and flexibility, it is not possible, for instance, to add data fields to the messages or to add authentication features. “The CAN bus is saturated”, says David Barzilai, Executive Chairman and co-founder of Karamba Security. Despite its shortcomings, the CAN bus is so well entrenched in the automotive industry that “no one wants to walk away” from this technology – even Tesla has built its electronic architecture on this technological antique.

This is where Karamba steps in: The security company has developed a software library that enables the ECUs connected to the CAN bus to encrypt the data packets they send across the bus. This in turn enables an authentication scheme that blocks all malicious, and thus non-authenticated, data and instructions transmitted across the CAN bus. Barzilai claims that since the encrypted data packets have exactly the same size as the original ones, the system does not cause any network overhead. The additional workload for the ECUs is “very minimal”, promises Barzilai. Since the computing power of typical ECUs is rather limited, Karamba uses a lightweight encryption algorithm. “RSA would be too heavy,” Barzilai explains. To minimize the added workload, the key distribution happens once in the lifetime of an ECU and only needs to be repeated if an ECU is replaced.

SafeCAN, as the system is called, is designed to work alongside Karamba’s embedded firewall Carwall. Together, the systems enable OEMs to establish secure software updates over the air.

