This paper presents a security analysis of the Local Interconnect Network (LIN) that is used in assembly units such as seats, steering wheels, and doors in vehicles. Recently, the number of security threats to in-vehicle networks such as the Controller Area Network has increased. In contrast, there have been no reports that evaluate the security of LIN in detail. The security analysis of LIN is important because it is used in units related to seats, steering wheels, etc. and it is at risk for an attack. In this paper, we present the first evaluation on the security of LIN. We present case studies of attacks that use the characteristics of a commonly-used error handling mechanism. In the attacks, the attacker intentionally stops communication using the error handling mechanism and sends a false response in place of a valid one. We experimentally show the feasibility of the attacks using a vehicle microcontroller. Furthermore, we present countermeasures against the attacks. The results of this study show that there is vulnerability to attack when the error handling mechanism is simply designed. We believe that this study will contribute to improvements in security of in-vehicle communications.
2017 by the Information Processing Society of Japan