Cybersecurity of Ground Systems

Automotive Ethernet Cyberattack Defense in Ground Vehicles

by Peter Moldenhauer; Jonathan Esquivel


This paper describes the strategies and challenges involved to secure vehicles which use automotive Ethernet-based networks. Since the early 1990's, the Controller Area Network (CAN) bus has been the standard in automotive networking systems. However, automotive Ethernet is becoming more common in recent years and is considered the future in automotive networking. This new technology has unique advantages over traditional CAN bus networks (e.g. higher bandwidth that can support hashing and encryption), and it still requires additional security measures such as monitoring and detection of anomalies to better secure the vehicle. Southwest Research Institute (SwRI) has previously developed a CAN- only intrusion detection system (IDS) which protects a vehicle’s CAN bus by actively monitoring traffic and flagging messages that are identified as anomalies. SwRI successfully implemented the ability to read, train, and detect on automotive Ethernet data in the IDS. The integration of automotive Ethernet in the IDS unveiled numerous challenges and lessons learned throughout its development.