Copy protection for automotive electronic control units using authenticity heartbeat signals

Protection of intellectual property rights is a vital aspect for the future automotive supplier market, in particular for the aftersales market for ECUs. Computer security can deliver the required protection mechanisms and sustain the according business models. We propose an approach to facilitate the rigorous checking of components for originality in a vehicle. In our system model, a security controller receives special messages (i.e., the authenticity heartbeat signal) from relevant ECUs and it performs subsequent authentication and plausibility checks. As a result, the security controller can tell, if the current setup of components in the vehicle is original. We evaluate our authentication architecture for the Battery Management System (BMS) of a hybrid car. Here, the security controller detects reliably, if the BMS is an original component, and whether an attacker has modified the operational limits of the battery. In this paper, we reason that an effective copy protection scheme needs to fuse relevant information from different sources. Therefore, various security techniques have to be combined in a sound architectural approach. The distinctive feature of our architecture is that it takes into account application-specific knowledge of the real-time entities under control.

[1]  Armin Wasicek End – to – End Encryption in the TTSoC Architecture , 2008 .

[2]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: design and architecture , 2008, IEEE Communications Magazine.

[3]  Srivaths Ravi,et al.  Security as a new dimension in embedded system design , 2004, Proceedings. 41st Design Automation Conference, 2004..

[4]  Roman Obermaisser,et al.  DECOS: an integrated time-triggered architecture , 2006, Elektrotech. Informationstechnik.

[5]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[6]  J. Humphrey,et al.  The Global Automotive Industry Value Chain: What Prospects for Upgrading by Developing Countries , 2003 .

[7]  Philip Koopman,et al.  Flexible multicast authentication for time-triggered embedded control network applications , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[8]  A. Festag,et al.  Security Architecture for Vehicular Communication , 2007 .

[9]  Hagai Bar-El Intra-Vehicle Information Security Framework , 2009 .

[10]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[11]  Marko Wolf,et al.  Design, Implementation, and Evaluation of a Vehicular Hardware Security Module , 2011, ICISC.

[12]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[13]  Patrick Schaumont,et al.  Design methods for Security and Trust , 2007, 2007 Design, Automation & Test in Europe Conference & Exhibition.

[14]  Marko Wolf Security Engineering For Vehicular It Systems , 2009 .

[15]  William M. Daley,et al.  Security Requirements for Cryptographic Modules , 1999 .

[16]  Hermann Kopetz,et al.  Authentication in Time-Triggered Systems Using Time-Delayed Release of Keys , 2011, 2011 14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing.

[17]  Roman Obermaisser,et al.  A Cross-Domain Multiprocessor System-on-a-Chip for Embedded Real-Time Systems , 2010, IEEE Transactions on Industrial Informatics.

[18]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[19]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[20]  Ran Canetti,et al.  Timed Efficient Stream Loss-Tolerant Authentication (TESLA): Multicast Source Authentication Transform Introduction , 2005, RFC.

[21]  Armin Wasicek,et al.  Enhancing security in CAN systems using a star coupling router , 2012, 7th IEEE International Symposium on Industrial Embedded Systems (SIES'12).

[22]  Ahmad-Reza Sadeghi,et al.  Patterns for Secure Boot and Secure Storage in Computer Systems , 2010, 2010 International Conference on Availability, Reliability and Security.

[23]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[24]  Henning Wallentowitz,et al.  Strategien in der Automobilindustrie : Technologietrends und Marktentwicklungen , 2009 .