Skip to main content
SpringerLink
Log in

An Overview of Vehicle OBD-II Port Countermeasures

  • Conference paper
  • First Online:
Proceedings of the Second International Conference on Innovations in Computing Research (ICR’23)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 721))

  • 338 Accesses

Abstract

Vehicles’ On-Board Diagnostics (OBD) is a standardized way to communicate with a vehicle’s components for environmental and technical purposes. The OBD-II port allows such communication via plugging a cable into it and, more recently, OBD dongles with wireless capabilities. Because of the absence of message authentication in in-vehicle networks, there are significant security weaknesses when exploiting the OBD-II port by connecting with malicious devices. Regulators use ECUs and their data to test emission levels, whereas technicians use them to diagnose problems. On the other hand, the OBD-II port could be misused to attack vehicles and, eventually, passengers and their safety.

In this paper, we provide an overview of countermeasures capable of preventing attacks originating from the OBD-II port. We compare the countermeasures and discuss challenges and future directions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Alshaeri, A., Younis, M.: Protocols for secure remote access to vehicle onboard diagnostic systems in smart cities. IEEE Intell. Transp. Syst. Mag. 14(5), 209–221 (2022)

    Article  Google Scholar 

  2. Ammar, M., Janjua, H., Thangarajan, A.S., Crispo, B., Hughes, D.: Securing the on-board diagnostics port (obd-ii) in vehicles. SAE Int. J. Transp. Cybersecurity Privacy (11-02-02-0009), 83–106 (2020)

    Google Scholar 

  3. Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Security Symposium, vol. 4, p. 2021. San Francisco (2011)

    Google Scholar 

  4. Foster, I., Prudhomme, A., Koscher, K., Savage, S.: Fast and vulnerable: a story of telematic failures. In: 9th USENIX Workshop on Offensive Technologies (WOOT 15) (2015)

    Google Scholar 

  5. Gmiden, M., Gmiden, M.H., Trabelsi, H.: Cryptographic and intrusion detection system for automotive can bus: survey and contributions. In: 2019 16th International Multi-Conference on Systems, Signals & Devices (SSD), pp. 158–163. IEEE (2019)

    Google Scholar 

  6. Gupta, R.A., Chow, M.Y.: Networked control system: overview and research trends. IEEE Trans. Ind. Electron. 57(7), 2527–2535 (2010)

    Article  Google Scholar 

  7. Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive can networks — practical examples and selected short-term countermeasures. In: SAFECOMP (2011)

    Google Scholar 

  8. Humayed, A., Luo, B.: Cyber-physical security for smart cars: taxonomy of vulnerabilities, threats, and attacks. In: ACM/IEEE ICCPS (2015)

    Google Scholar 

  9. Jadoon, A.K., Wang, L., Li, T., Zia, M.A.: Lightweight cryptographic techniques for automotive cybersecurity. Wireless Communications and Mobile Computing (2018)

    Google Scholar 

  10. Klement, F., Pöhls, H.C., Katzenbeisser, S.: Change your car’s filters: efficient concurrent and multi-stage firewall for obd-ii network traffic. In: 2022 IEEE 27th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), pp. 19–25. IEEE (2022)

    Google Scholar 

  11. Klement, F., Pöhls, H.C., Katzenbeisser, S.: Man-in-the-obd: A modular, protocol agnostic firewall for automotive dongles to enhance privacy and security. In: International Workshop on Attacks and Defenses for Internet-of-Things, pp. 143–164. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-21311-3_7

  12. Kornaros, G., Tomoutzoglou, O., Coppola, M.: Hardware-assisted security in electronic control units: secure automotive communications by utilizing one-time-programmable network on chip and firewalls. IEEE Micro 38(5), 63–74 (2018)

    Article  Google Scholar 

  13. Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy, pp. 447–462. IEEE (2010)

    Google Scholar 

  14. Limbasiya, T., Teng, K.Z., Chattopadhyay, S., Zhou, J.: A systematic survey of attack detection and prevention in connected and autonomous vehicles. Vehicular Communications, p. 100515 (2022)

    Google Scholar 

  15. Liu, J., Zhang, S., Sun, W., Shi, Y.: In-vehicle network attacks and countermeasures: challenges and future directions. IEEE Network 31(5), 50–58 (2017)

    Article  Google Scholar 

  16. Lokman, S.F., Othman, A.T., Abu-Bakar, M.H.: Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP J. Wirel. Commun. Netw. 2019, 1–17 (2019)

    Article  Google Scholar 

  17. Luo, F., Hu, Q.: Security mechanisms design for in-vehicle network gateway. Tech. rep, SAE Technical Paper (2018)

    Book  Google Scholar 

  18. Markham, T.R., Chernoguzov, A.: A balanced approach for securing the obd-ii port. SAE Int. J. Passenger Cars-Electron. Electr. Syst. 10(2) (2017)

    Google Scholar 

  19. Marstorp, G., Lindström, H.: Security testing of an obd-ii connected iot device. E2B: IOT Hacking (2017)

    Google Scholar 

  20. Miller, C.: Lessons learned from hacking a car. IEEE Design Test 36(6), 7–9 (2019)

    Article  Google Scholar 

  21. Miller, C., Valasek, C.: A survey of remote automotive attack surfaces. Black Hat USA 2014, 94 (2014)

    Google Scholar 

  22. Pareja Veredas, R., Mehaboobe, Y.: Scalable attacks on connected vehicles (2022)

    Google Scholar 

  23. Petit, J., Shladover, S.E.: Potential cyberattacks on automated vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)

    Google Scholar 

  24. Pham, M., Xiong, K.: A survey on security attacks and defense techniques for connected and autonomous vehicles. Comput. Secur. 109, 102,269 (2021)

    Google Scholar 

  25. Rizzoni, G., Onori, S., Rubagotti, M.: Diagnosis and prognosis of automotive systems: motivations, history and some results. IFAC Proc. Vol. 42(8), 191–202 (2009)

    Article  Google Scholar 

  26. Rouf, I., et al.: Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study. In: USENIX Security Symposium (2010)

    Google Scholar 

  27. SAE: J3138_202210: Diagnostic link connector security (2018). https://www.sae.org/standards/content/j3138_202210/

  28. Sahana, Y., Gotkhindikar, A., Tiwari, S.K.: Survey on can-bus packet filtering firewall. In: 2022 International Conference on Edge Computing and Applications (ICECAA), pp. 472–478. IEEE (2022)

    Google Scholar 

  29. Shahriar, M.H., Xiao, Y., Moriano, P., Lou, W., Hou, Y.T.: Canshield: Signal-based intrusion detection for controller area networks. arXiv preprint arXiv:2205.01306 (2022)

  30. Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., Laarouchi, Y.: Survey on security threats and protection mechanisms in embedded automotive networks. In: 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W), pp. 1–12. IEEE (2013)

    Google Scholar 

  31. Subke, P., Mayer, J.: The future of obd: Enhanced on-board diagnostic system with remote access. Tech. rep, SAE Technical Paper (2022)

    Google Scholar 

  32. Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. In: 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA), pp. 130–139. IEEE (2016)

    Google Scholar 

  33. Wen, H., Chen, Q.A., Lin, Z.: \(\{\)Plug-N-Pwned\(\}\): Comprehensive vulnerability analysis of \(\{\)OBD-II\(\}\) dongles as a new \(\{\)Over-the-Air\(\}\) attack surface in automotive \(\{\)IoT\(\}\). In: 29th USENIX Security Symposium (USENIX Security 20), pp. 949–965 (2020)

    Google Scholar 

  34. Wolf, M., Weimerskirch, A., Paar, C.: Security in automotive bus systems. In: Workshop on Embedded Security in Cars, pp. 1–13. Bochum (2004)

    Google Scholar 

  35. Yadav, A., Bose, G., Bhange, R., Kapoor, K., Iyengar, N., Caytiles, R.D.: Security, vulnerability and protection of vehicular on-board diagnostics. Int. J. Secur. Appl. 10(4), 405–422 (2016)

    Google Scholar 

  36. Yan, W.: A two-year survey on security challenges in automotive threat landscape. In: 2015 International Conference on Connected Vehicles and Expo (ICCVE), pp. 185–189. IEEE (2015)

    Google Scholar 

  37. Young, C., Zambreno, J., Olufowobi, H., Bloom, G.: Survey of automotive controller area network intrusion detection systems. IEEE Design Test 36(6), 48–55 (2019)

    Article  Google Scholar 

  38. Zachos, M., Subke, P.: Test method for the sae j3138 automotive cyber security standard. Tech. rep, SAE Technical Paper (2020)

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Jazan University, Jazan, Saudi Arabia

    Abdulmalik Humayed

Authors
  1. Abdulmalik Humayed
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abdulmalik Humayed .

Editor information

Editors and Affiliations

  1. University of Detroit Mercy, Farmington Hills, MI, USA

    Kevin Daimi

  2. Asia Pacific International College, Sydney, NSW, Australia

    Abeer Al Sadoon

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Humayed, A. (2023). An Overview of Vehicle OBD-II Port Countermeasures. In: Daimi, K., Al Sadoon, A. (eds) Proceedings of the Second International Conference on Innovations in Computing Research (ICR’23). Lecture Notes in Networks and Systems, vol 721. Springer, Cham. https://doi.org/10.1007/978-3-031-35308-6_22

Download citation

Publish with us

Policies and ethics

Search

Navigation