Securing Modern Vehicles: Electric Charging and In-Vehicle Communication Protocols

This talk investigates the security of modern vehicles as complex Cyber-Physical Systems (CPSs). While increased connectivity and computational capabilities enhance functionality and safety, they also enlarge the attack surface, introducing new risks to both security and privacy. The presentation summarizes findings from different important research directions addressing vulnerabilities in contemporary automotive technologies.

The first part examines emerging threats in electric vehicles connected to the smart grid. In particular, it introduces EVExchange, the first relay attack targeting Vehicle-to-Grid interactions, and discusses potential countermeasures to mitigate this threat.

The second part focuses on securing in-vehicle communications, particularly the CAN bus, a legacy protocol lacking built-in security features. Although numerous intrusion detection systems have been proposed, high false-positive rates remain a major limitation to practical deployment. This talk presents CANTXSec, a deterministic mechanism that correlates Electronic Control Unit activations with bus traffic to detect and prevent specific attacks while reducing false positives.

Finally, the presentation examines vulnerabilities in driver-behavior-based authentication systems, outlines adversarial attacks against them, and provides insights for their secure deployment.