CAN networks connect (almost) all electronic control units (ECUs) with each other. Despite their inherent lack of data security and hence their vulnerability to cyber attacks, insiders agree that there is no cost-effective alternative in sight and therefore CAN networks are likely to remain the most important network for the coming decade. As the proportion of electronics in vehicles continues to grow, the amount of real-time data exchanged in CAN networks is also increasing.
However, because CAN is a multi-point connection network and most of the data communication within the vehicle has so far been unsecured, a single compromised ECU can access the connected ECUs directly. The solutions available today traditionally protect CAN communication using a Message Authentication Code (MAC) based on cryptography and complex key management. However, this requires increased CAN bus utilization and message latency and requires significantly more computing power.
Existing ECUs cannot simply be upgraded to support secure CAN messages if the processors do not have sufficient computing power. With secure CAN transceivers, however, car manufacturers can secure the messages of already installed ECUs, which makes it easier and quicker to implement safety measures than replacing the existing ECUs with safe ones.
See also: "Vatican" stops hacker attacks on cars
NXP has developed a purely transceiver-based solution for the CAN network that provides security - with no additional bandwidth requirements, no delays and no additional processor load, the chipmaker promises. This approach adds an additional layer to crypto-based security solutions, either in a defense-in-depth (DiD) concept or as a standalone option.