Implementation of a penetration test environment for ISO 21434 compliant automotive ECUs and analysis of vehicle Cybersecurity features

The automotive industry is on the brink of a technological revolution, as vehicles increasingly rely on sophisticated electronic control units (ECUs) interconnected through Controller Area Network (CAN) protocols. While these advancements have brought unprecedented levels of efficiency and functionality, they have also exposed the sector to a growing threat landscape related to the security of CAN bus communication. This paper addresses this critical concern by presenting a comprehensive examination of automotive cybersecurity, with a focus on the vulnerability of CAN networks and the imperative to safeguard their electronic control units. The central thesis of this research revolves around the development and implementation of an innovative testing environment tailored for evaluating the susceptibility of CAN networks to common cyber-attacks. The proposed framework provides a controlled and realistic simulation of real-world attack scenarios, enabling a systematic assessment of the robustness of existing security measures. The research emphasizes compliance with a generic ECU to a mandatory security standard in the automotive environment: ISO/SAE 21434. This reference standard has been considered at every stage of the design and development of the thesis work, ensuring an efficient test environment in accordance with the safety standards proposed by ISO/SAE 21434. By leveraging a diverse range of attack vectors, including message spoofing, denial-of-service, brute force, and intrusion attempts, the environment facilitates the identification of vulnerabilities and the validation of potential countermeasures. The study also delves into the intricacies of automotive ECU security, shedding light on the potential ramifications of compromised control units. Through a hardware and software analysis of the threat landscape, including threat actors, motivations, and attack vectors, the research underscores the urgency of bolstering the security posture of ECUs. Furthermore, it introduces a novel approach to intrusion detection within the CAN-bus network, utilizing anomaly detection techniques to swiftly identify and mitigate suspicious activities, thereby minimizing the potential impact of attacks. In conclusion, this thesis contributes to the burgeoning field of automotive cybersecurity by addressing a critical facet of the industry's vulnerability: the security of CAN networks and their associated electronic control units. Through the development of an advanced testing environment, this research enables a systematic assessment of the susceptibility of automotive systems to cyber-attacks. The findings not only underscore the necessity for robust security measures but also provide a tangible contribution to the ongoing efforts aimed at safeguarding the future of automotive transportation.