ETD

Archivio digitale delle tesi discusse presso l'Università di Pisa

Tesi etd-03232020-234400


Tipo di tesi
Tesi di laurea magistrale
Autore
DE CESARE, PAOLA
URN
etd-03232020-234400
Titolo
Machine Learning Based Techniques for ECU Identification and Anomaly Detection: Analysis, Design and Testing on CAN, CANFD Automotive Networks
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
INGEGNERIA ROBOTICA E DELL'AUTOMAZIONE
Relatori
relatore Prof. Saponara, Sergio
relatore Ing. Rosadini, Christian
relatore Ing. Gagliardi, Alessio
Parole chiave
  • neural network
  • machine learning
  • CAN-bus
  • automotive cybersecurity
  • anomaly detection
  • ecu fingerprinting
Data inizio appello
30/04/2020
Consultabilità
Non consultabile
Data di rilascio
30/04/2090
Riassunto
In recent years, thanks to the use of new innovative technologies and the Internet, cars have changed radically. Nowadays people are talking about autonomous driving, electric cars that allow to pollute less and reduce noise, remote diagnostics systems, car sharing, remote control and cars getting more connected. Thanks to the sophisticated instrumentation and the spread of the Internet, connected cars can communicate quickly and effectively with other vehicles, infrastructures and networks, sharing data and information in real time such as location, weather and traffic situation.
Moreover, all devices, such as engine, brake, gearbox, etc. that characterize a car, are controlled by Electronic Control Units (ECUs). The Electronic Control Units are responsible for the control and management of various operations, such the indoor climate, the automatic lighting in a tunnel, the opening of the locks with a remote control, the trigger of a series of airbags in low-adhesion conditions.
A car, today, has tens of control units, which communicate with each other thanks to serial communication protocols, such as CAN-Bus. The electronic components of vehicles must be reliable, i.e. they must respond to specific characteristics in order to be resistive to temperature variations, collisions and fluctuations. All this complexity makes the vehicle a real computer, but at the same time, it is necessary to be careful of malfunctions and disruptions, also due to cyberattacks.
When a car is connected to an external data network, the attack surface increases, allowing hackers to take possession of the car and consequently force the driver to carry out operations that he would not normally do. For this reason there is a necessity to create security systems and to adopt cybersecurity strategies in order to prevent attacks, ensure the normal functioning of a car and safeguard the life of the driver and others.
In this regard, the following thesis work, in collaboration with Marelli, aims at the realization and implementation of an innovative technique for ECU fingerprinting and anomaly detection. The idea comes from the fact that, from a design and implementation point of view, each control unit has unique characteristics and properties that make it indistinguishable. To underline the importance of fingerprinting, the idea is to create a Neural Network whose purpose is to recognize and classify the ECUs that compose a car, according to the input features vector, calculated on CAN High and CAN Low voltage levels. With a large enough amount of input data, the network is able to learn and classify the ECUs correctly, and this prevents misclassifications that can affect the measurement of learning performance.
An Anomaly Detection algorithm has been implemented to define the nature of the attack. A hacker to conduct an attack can use an external ECU or think to compromise intentionally an internal ECU inside the car. In the presence of datasets with attack, the objective is to use the neural network in order to understand how the compromised features are classified in order to determine the nature of the attack and consequently recognize where the attack comes from. A time-stamp is also associated to each recognised attack to determine the attack timing statistics. The innovative ECU fingerprinting and anomaly detection technique has been validated first in a simulation environment, and then on real-world data acquired, both in case of normal operation or under-attack operation, on the CAN network of a real premium car.
File