Review of Secure Communication Approaches for In-Vehicle Network

In the connected vehicles, connecting interfaces bring threats to the vehicles and they can be hacked to impact the vehicles and drivers. Compared with traditional vehicles, connected vehicles require more information transfer. Sensor signals and critical data must be protected to ensure the cyber security of connected vehicles. The communications among ECUs, sensors, and gateways are connected by in-vehicle networks. This paper discussed the state-of-art techniques about secure communication for in-vehicle networks. First, the related concepts in automotive secure communication have been provided. Then we have compared and contrasted existing approaches for secure communication. We have analyzed the advantages/disadvantages of MAC and digital signatures for message authentication and compared the performance and limitations of different cryptographic algorithms. Firewall and intrusion detection system are introduced to protect the networks. The constraints and features of different intrusion detection approaches are presented. After that, the technical requirements for cryptographic mechanism and intrusion detection policy are concluded. Based on the review of current researches, the future development directions of the automotive network security have been discussed. The purpose of this paper is to review current techniques on automotive secure communication and suggest suitable secure approaches to implement on the in-vehicle networks.

[1]  D.K. Nilsson,et al.  Secure Firmware Updates over the Air in Intelligent Vehicles , 2008, ICC Workshops - 2008 IEEE International Conference on Communications Workshops.

[2]  Eric Armengaud,et al.  Integrated Safety and Security Development in the Automotive Domain , 2017 .

[3]  Je-Won Kang,et al.  A Novel Intrusion Detection Method Using Deep Neural Network for In-Vehicle Network Security , 2016, 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring).

[4]  Martin Mauve,et al.  CLL: A Cryptographic Link Layer for Local Area Networks , 2008, SCN.

[5]  Ingrid Verbauwhede,et al.  LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks , 2012, CANS.

[6]  Tae-Chul Jung,et al.  IEEE 802.1 AVB and Its Application in Carrier-Grade Ethernet [Standards Topics] , 2007, IEEE Communications Magazine.

[7]  Charlie McCarthy,et al.  A Summary of Cybersecurity Best Practices , 2014 .

[8]  Erland Jonsson,et al.  A First Simulation of Attacks in the Automotive Network Communications Protocol FlexRay , 2008, CISIS.

[9]  André Weimerskirch,et al.  Do Vehicles Need Data Security , 2011 .

[10]  Ludovic Apvrille,et al.  Security requirements for automotive on-board networks , 2009, 2009 9th International Conference on Intelligent Transport Systems Telecommunications, (ITST).

[11]  William Stallings,et al.  THE ADVANCED ENCRYPTION STANDARD , 2002, Cryptologia.

[12]  Kang G. Shin,et al.  Viden: Attacker Identification on In-Vehicle Networks , 2017, CCS.

[13]  Roman Obermaisser,et al.  Secure automotive gateway — Secure communication for future cars , 2014, 2014 12th IEEE International Conference on Industrial Informatics (INDIN).

[14]  Claudia Eckert,et al.  Automotive Proxy-Based Security Architecture for CE Device Integration , 2012, MOBILWARE.

[15]  Dong Hoon Lee,et al.  A Practical Security Architecture for In-Vehicle CAN-FD , 2016, IEEE Transactions on Intelligent Transportation Systems.

[16]  Alberto L. Sangiovanni-Vincentelli,et al.  Cyber-Security for the Controller Area Network (CAN) Communication Protocol , 2012, 2012 International Conference on Cyber Security.

[17]  Steven E. Shladover,et al.  Potential Cyberattacks on Automated Vehicles , 2015, IEEE Transactions on Intelligent Transportation Systems.

[18]  Camille Vuillaume,et al.  Cyber-security for Engine ECUs: Past, Present and Future , 2015 .

[19]  Hirofumi Yamashita,et al.  Automotive Attacks and Countermeasures on LIN-Bus , 2017, J. Inf. Process..

[20]  Kirsten Matheus Automotive Ethernet , 2014 .

[21]  Sebastian Bittl,et al.  Attack Potential and Efficient Security Enhancement of Automotive Bus Networks Using Short MACs with Rapid Key Change , 2014, Nets4Cars/Nets4Trains/Nets4Aircraft.

[22]  Tomas Olovsson,et al.  Security aspects of the in-vehicle network in the connected car , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[23]  Wenhua Dou,et al.  SAFE: Security-Aware FlexRay Scheduling Engine , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[24]  Masaya Yoshikawa,et al.  Secure in-vehicle systems against Trojan attacks , 2015, 2015 IEEE/ACIS 14th International Conference on Computer and Information Science (ICIS).

[25]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .

[26]  Ladislav Hudec,et al.  Comparative analysis of TCP/IP security protocols for use in vehicle communication , 2016, 2016 17th International Carpathian Control Conference (ICCC).

[27]  Roland Rieke,et al.  Identification of Security Requirements in Systems of Systems by Functional Security Analysis , 2009, WADS.

[28]  Marko Wolf,et al.  Security Crash Test - Practical Security Evaluations of Automotive Onboard IT Components , 2014, Automotive - Safety & Security.

[29]  Stephen Northcutt,et al.  Network intrusion detection , 2003 .

[30]  Keith Mayes,et al.  CAN Bus Risk Analysis Revisit , 2014, WISTP.

[31]  Ingrid Verbauwhede,et al.  CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus , 2011 .

[32]  Jean-Jacques Quisquater,et al.  SEA: A Scalable Encryption Algorithm for Small Embedded Applications , 2006, CARDIS.

[33]  Michael Paulitsch,et al.  Time-Triggered Ethernet , 2014 .

[34]  Kang G. Shin,et al.  On authentication in a connected vehicle: Secure integration of mobile devices with vehicular networks , 2013, 2013 ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS).

[35]  Lei Sun,et al.  A Framework for Self-Verification of Firmware Updates over the Air in Vehicle ECUs , 2008, 2008 IEEE Globecom Workshops.

[36]  Karsten Schmidt,et al.  Hardware and Software Constraints for Automotive Firewall Systems , 2016 .

[37]  Andreas Herkersdorf,et al.  Spatial and temporal isolation of virtual CAN controllers , 2014, SIGBED.

[38]  Martin,et al.  “Seis” — security in embedded IP-based systems , 2010 .

[39]  Bogdan Groza,et al.  Efficient Protocols for Secure Broadcast in Controller Area Networks , 2013, IEEE Transactions on Industrial Informatics.

[40]  Christoph Krauß,et al.  On Using TLS to Secure In-Vehicle Networks , 2017, ARES.

[41]  Marianne Azer,et al.  Lightweight Authentication Protocol Deployment over FlexRay , 2016, INFOS '16.

[42]  Marko Wolf Security Engineering For Vehicular It Systems , 2009 .

[43]  Naim Asaj,et al.  Entropy-based anomaly detection for in-vehicle networks , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[44]  Christoph Ruland,et al.  Secure and authentic communication on existing in-vehicle networks , 2009, 2009 IEEE Intelligent Vehicles Symposium.

[45]  Benjamin Glas,et al.  Towards an Information Security Framework for the Automotive Domain , 2014, Automotive - Safety & Security.

[46]  Shwetak N. Patel,et al.  Experimental Security Analysis of a Modern Automobile , 2010, 2010 IEEE Symposium on Security and Privacy.

[47]  Kazuomi Oishi,et al.  A Method of Preventing Unauthorized Data Transmission in Controller Area Network , 2012, 2012 IEEE 75th Vehicular Technology Conference (VTC Spring).

[48]  Mara Tanelli,et al.  A Security Layer for Smartphone-to-Vehicle Communication Over Bluetooth , 2013, IEEE Embedded Systems Letters.

[49]  Youngjin Park,et al.  Degree of fault isolability and active fault diagnosis for redundantly actuated vehicle system , 2016 .

[50]  Dong Hoon Lee,et al.  A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN , 2015, IEEE Transactions on Intelligent Transportation Systems.

[51]  Jürgen Teich,et al.  CAN+: A new backward-compatible Controller Area Network (CAN) protocol with up to 16× higher data rates. , 2009, 2009 Design, Automation & Test in Europe Conference & Exhibition.

[52]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[53]  Charlie McCarthy,et al.  National Institute of Standards and Technology (NIST) Cybersecurity Risk Management Framework Applied to Modern Vehicles , 2014 .

[54]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[55]  Barbara J. Czerny System Security and System Safety Engineering: Differences and Similarities and a System Security Engineering Process Based on the ISO 26262 Process Framework , 2013 .

[56]  David D. Ward,et al.  Cybersecurity Testing and Validation , 2017 .

[57]  Thomas M. Forest,et al.  On the Fault Detection Capabilities of AUTOSAR's End-to-End Communication Protection CRC's , 2011 .

[58]  Muhammad Sabir Idrees,et al.  Effective and Efficient Security Policy Engines for Automotive On-Board Networks , 2012, Nets4Cars/Nets4Trains.

[59]  Alastair R. Ruddle,et al.  Threat Analysis and Risk Assessment in Automotive Cyber Security , 2013 .

[60]  Marko Wolf,et al.  Automotive Security Testing—The Digital Crash Test , 2016 .

[61]  Michael Schaffert,et al.  (R)evolution of E/E Architectures , 2015 .