Related papers: Security Analysis of LTE Connectivity in Connected Cars: A Case Study of Tesla

Security Analysis of LTE Connectivity in Connected Cars: A Case Study of Tesla

URL: http://arxiv.org/abs/2510.22024v1
Date: Fri, 24 Oct 2025 21:03:48 GMT
Title: Security Analysis of LTE Connectivity in Connected Cars: A Case Study of Tesla
Authors: Evangelos Bitsikas, Jason Veara, Aanjhan Ranganathan,
Abstract summary: We conduct a black-box, non-invasive security analysis of LTE connectivity in Tesla vehicles, including the Model 3 and Cybertruck.<n>We find that Tesla's telematics stack is susceptible to IMSI catching, rogue base station hijacking, and insecure fallback mechanisms that may silently degrade service availability.
Score: 4.785568481453944
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Modern connected vehicles rely on persistent LTE connectivity to enable remote diagnostics, over-the-air (OTA) updates, and critical safety services. While mobile network vulnerabilities are well documented in the smartphone ecosystem, their impact in safety-critical automotive settings remains insufficiently examined. In this work, we conduct a black-box, non-invasive security analysis of LTE connectivity in Tesla vehicles, including the Model 3 and Cybertruck, revealing systemic protocol weaknesses and architectural misconfigurations. We find that Tesla's telematics stack is susceptible to IMSI catching, rogue base station hijacking, and insecure fallback mechanisms that may silently degrade service availability. Furthermore, legacy control-plane configurations allow for silent SMS injection and broadcast message spoofing without driver awareness. These vulnerabilities have implications beyond a single vendor as they challenge core assumptions in regulatory frameworks like ISO/SAE 21434 and UN R155/R156, which require secure, traceable, and resilient telematics for type approval of modern vehicles.

Related papers

OS-Sentinel: Towards Safety-Enhanced Mobile GUI Agents via Hybrid Validation in Realistic Workflows [77.95511352806261]
Computer-using agents powered by Vision-Language Models (VLMs) have demonstrated human-like capabilities in operating digital environments like mobile platforms.<n>We propose OS-Sentinel, a novel hybrid safety detection framework that combines a Formal Verifier for detecting explicit system-level violations with a Contextual Judge for assessing contextual risks and agent actions.
arXiv Detail & Related papers (2025-10-28T13:22:39Z)
SafeCOMM: A Study on Safety Degradation in Fine-Tuned Telecom Large Language Models [86.11849528108199]
Fine-tuning large language models (LLMs) on telecom datasets is a common practice to adapt general-purpose models to the telecom domain.<n>Recent research has shown that even benign fine-tuning can degrade the safety alignment of LLMs, causing them to respond to harmful or unethical user queries.
arXiv Detail & Related papers (2025-05-29T13:31:51Z)
Towards Zero Trust Security in Connected Vehicles: A Comprehensive Survey [0.27309692684728615]
Zero Trust is the new cybersecurity model that challenges the traditional one by promoting continuous verification of users, devices, and applications.<n>This paper offers an understanding of Zero Trust security through a comprehensive review of existing literature, principles, and challenges.<n>Future directions of this research will focus on incorporating Zero Trust principles within Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication paradigms.
arXiv Detail & Related papers (2025-04-07T20:29:11Z)
EVSOAR: Security Orchestration, Automation and Response via EV Charging Stations [0.0]
Vehicle cybersecurity has emerged as a critical concern, driven by the innovation in the automotive industry.<n>Current efforts to address these challenges are constrained by the limited computational resources of vehicles.
arXiv Detail & Related papers (2025-03-21T09:48:29Z)
VMGuard: Reputation-Based Incentive Mechanism for Poisoning Attack Detection in Vehicular Metaverse [52.57251742991769]
vehicular Metaverse guard (VMGuard) protects vehicular Metaverse systems from data poisoning attacks.<n>VMGuard implements a reputation-based incentive mechanism to assess the trustworthiness of participating SIoT devices.<n>Our system ensures that reliable SIoT devices, previously missclassified, are not barred from participating in future rounds of the market.
arXiv Detail & Related papers (2024-12-05T17:08:20Z)
ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.<n>These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.<n>We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
AI-Driven Intrusion Detection Systems (IDS) on the ROAD Dataset: A Comparative Analysis for Automotive Controller Area Network (CAN) [4.081467217340597]
The Controller Area Network (CAN) bus is a central system for managing in-vehicle communication between the electronic control units (ECUs) CAN protocol poses security challenges due to inherent vulnerabilities, lacking encryption and authentication, which, combined with an expanding attack surface, necessitates robust security measures. This paper considers the latest ROAD dataset, containing stealthy and sophisticated injections.
arXiv Detail & Related papers (2024-08-30T12:26:23Z)
SISSA: Real-time Monitoring of Hardware Functional Safety and Cybersecurity with In-vehicle SOME/IP Ethernet Traffic [49.549771439609046]
We propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security. Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication. Extensive experimental results show the effectiveness and efficiency of SISSA.
arXiv Detail & Related papers (2024-02-21T03:31:40Z)
A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures. We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN. Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z)
Anomaly Detection in Intra-Vehicle Networks [0.0]
Modern vehicles are connected to a range of networks, including intra-vehicle networks and external networks. With the loopholes in the existing traditional protocols, cyber-attacks on the vehicle network are rising drastically. This paper discusses the security issues of the CAN bus protocol and proposes an Intrusion Detection System (IDS) that detects known attacks.
arXiv Detail & Related papers (2022-05-07T03:38:26Z)
LATTE: LSTM Self-Attention based Anomaly Detection in Embedded Automotive Platforms [4.286327408435937]
We present a novel anomaly detection framework called LATTE to detect cyber-attacks in Controller Area Network (CAN) based networks within automotive platforms. Our proposed LATTE framework uses a stacked Long Short Term Memory (LSTM) predictor network with novel attention mechanisms to learn the normal operating behavior at design time. We evaluate our proposed LATTE framework under different automotive attack scenarios and present a detailed comparison with the best-known prior works in this area.
arXiv Detail & Related papers (2021-07-12T16:32:47Z)

This list is automatically generated from the titles and abstracts of the papers in this site.