Ensuring Safety and Security in CAN-Based Automotive Embedded Systems: A Combination of Design Optimization and Secure Communication

As automotive embedded systems composed of electronic control units (ECUs) connected via a controller area network (CAN) have continued to develop, the volume of information these systems must handle has also grown rapidly. In particular, cyber attacks targeting vulnerable points of automotive embedded systems are on the rise, aiming to hinder normal operation of a vehicle. However, adding security mechanisms to defend against such attacks cannot come at the expense of the timing requirements on which vehicle safety depends, because a missed deadline may itself violate automobile safety. In short, both sides of this issue must be addressed from the outset of the system design stage to provide optimal security and safety. In response to this pressing issue, we propose a novel and efficient scheme. Design optimization during the system design phase not only ensures that all real-time applications complete within their deadlines but also reduces the number of messages transmitted over the CAN bus. After optimization, we apply a hash-based message authentication code (HMAC) to specific messages, providing secure communication between ECUs and protecting against cyber attacks. Security analysis and experimental results prove that the proposed scheme can counter attacks on the CAN bus while meeting timing requirements. Our proposed scheme is therefore effective in improving both safety and security.
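The two halves of the scheme, a truncated HMAC carried inside the CAN data field and the timing cost that the extra tag bytes impose, can be seen together in the following added example. It is illustrative code written for this page, not the authors' implementation: the 4-byte tag length, the shared key, the per-message freshness counter and the worst-case frame bit count (the standard classic-CAN formula with bit stuffing) are all assumptions, since the abstract does not specify them.

```python
import hmac
import hashlib
import struct

TAG_LEN = 4      # assumed: HMAC-SHA256 truncated to 32 bits so it fits beside the signals
MAX_DLC = 8      # classic CAN 2.0 data field limit in bytes
KEY = b"constructed-demo-key-not-for-use"   # constructed sample key shared by two ECUs


def compute_tag(key: bytes, can_id: int, counter: int, data: bytes) -> bytes:
    """Tag binds the CAN identifier, a monotonic counter (assumed, for replay
    detection) and the signal bytes; it is truncated to TAG_LEN bytes."""
    msg = struct.pack(">HI", can_id, counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


def signals_fit(data_len: int) -> bool:
    """Design-time check: signals plus tag must fit a single classic CAN frame."""
    return data_len + TAG_LEN <= MAX_DLC


def build_frame(key: bytes, can_id: int, counter: int, data: bytes) -> bytes:
    """Sender side: data field = signal bytes followed by the truncated tag."""
    if not signals_fit(len(data)):
        raise ValueError("signals plus tag exceed one classic CAN frame")
    return data + compute_tag(key, can_id, counter, data)


def verify_frame(key: bytes, can_id: int, expected_counter: int, payload: bytes):
    """Receiver side: constant-time tag comparison; returns (ok, signal bytes)."""
    data, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
    ok = hmac.compare_digest(tag, compute_tag(key, can_id, expected_counter, data))
    return ok, data


def frame_bits(dlc: int, extended: bool = False) -> int:
    """Worst-case bits on the wire for a classic CAN frame, including stuffing
    (standard schedulability-analysis bound; g = 34 for 11-bit, 54 for 29-bit IDs)."""
    g = 54 if extended else 34
    return g + 8 * dlc + 13 + (g + 8 * dlc - 1) // 4


def frame_time_us(dlc: int, bitrate: int = 500_000, extended: bool = False) -> float:
    """Worst-case transmission time in microseconds; feeds the deadline check."""
    return frame_bits(dlc, extended) * 1e6 / bitrate
```

Because the tag must share the 8-byte data field, a frame with four signal bytes grows from 95 to 135 worst-case bits once authenticated, which is the transmission-time increase the deadline analysis has to absorb.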
