The CAN protocol was designed for efficiency and reliability in closed, automobile systems, certainly not for security in connected environments. In its classic form, it lacks encryption and authentication. If a malicious actor gains access to the bus (e.g., via a connected ECU), they are implicitly trusted in the network by default.
Modern security applications (like AUTOSAR SecOC or Secure Gateways) introduce additional defense layers. However, these are not a universal fix that fits perfectly for the car environment. All security implementations add latency and complexity that such legacy architectures cannot handle efficiently.
The most critical gap pertains to logic, not syntax. An ECU, here understood as a node in a bus, validates a frame’s structure (ID, checksum) perfectly but fails to validate the operational context. So, if the architecture focuses only on the transport layer and ignores contextual validation, the vulnerability remains. This can mean, for example, that the information on your dashboard or IVI screen will be false or suggesting safety issues, while in reality, everything is fine.
