Practical Security Exploits of the FlexRay In-Vehicle Communication Protocol

The ever increasing number of electronic control units inside a car demanded more complex buses with higher bandwidth capacities. But even the more recently designed in-vehicle network protocols, e.g., FlexRay, were engineered in thse absence of security concerns and thus they are highly vulnerable to adversarial interventions. In this work, we study the FlexRay protocol specification to identify features that can be used to mount various attacks. The attacks exploit both the physical layer and the data-link layer of the protocol to discard messages from the bus, i.e., DoS attacks, or to spoof messages by inserting adversarial frames and later discarding the genuine frames. We illustrate the feasibility of these attacks on an experimental setup composed of several FlexRay nodes implemented on automotive-grade controllers. While these attacks may not be a surprise, recognizing them may be relevant in preventing potential future exploits.