Background and Research

In recent years, several attacks have impressively demonstrated that the software running on embedded controllers in cars can be successfully exploited – often even remotely. The fact that components that were hitherto purely mechanical, such as connections to the brakes, throttle, and steering wheel, have been computerized makes digital exploits life-threatening. Because of the interconnectedness of sensors, controllers and actuators, any compromised controller can impersonate any other controller by mimicking its control messages, thus effectively depriving the driver of his control.

CAN Bus connecting ECUs

The fact that carmakers develop vehicles in evolutionary steps rather than as revolution, has led us to propose a backward-compatible authentication mechanism for the widely used CAN vehicle communication bus. VatiCAN allows recipients of a message to verify its authenticity via HMACs, while not changing CAN messages for legacy, non-critical components.

Scientific Paper

Press Coverage

  • Automobilwoche, Nov 11 2016, Fahrzeugsicherheit: Lösungen gegen Hacker und Geisterfahrer
  • Motor Traffic, Sep 08 2017, Der vatiCAN schützt Autofahrer vor Hackerangriffen
  • SR Online, Sep 08 2017, Uniforscher kämpfen gegen Autohacker
  • Handelsblatt, Sep 14 2017, Hacker am Steuer


Vatican3 Vatican5 Vatican1 Vatican2 Vatican4 Vatican6