An Adaptive Security Mechanism of CAN Bus in Vehicle

Abstract

Abstract: While the connected vehicles are promoting the development of important technologies such as intelligent transportation and smart cities, its security problems are increasingly severe at the same time. As the core bus network of connected vehicles, CAN bus is responsible for the transmission of sensor information and control instructions, therefore, the issue of its security protection attracts more and more attention. However，the existing security mechanism failed to consider the differentiated needs of messages and dynamic invehicle network environment. It is hard to balance security and network performance at the same time. Therefore, an adaptive security mechanism for CAN bus is proposed. Firstly, a factor set is established, and a differentiated security strategy and corresponding communication protocol are designed according to the requirement of message security and invehicle network environment. Then, the adaptive selection of security strategy is proposed based on the fuzzy decisionmaking idea and the consideration of the message requirements as well as the invehicle network factors. Finally, the feasibility and security of the proposed scheme are verified through theoretical analysis, Moreover, the experimental results indicated that the proposed scheme had limited computing cost, which made it suitable for ECU nodes with limited computing capacity and CAN bus networks with high realtime requirements.

Key words: in-vehicle network, CAN bus, security mechanism, fuzzy decision, key management

摘要： 网联汽车在推动智能交通、智慧城市等重要技术发展的同时，其存在的安全问题日益突出.作为网联汽车的核心总线网络，CAN总线主要负责传感器信息以及控制指令的传输，对其安全防护成为了研究重点.然而现有的CAN总线安全方案未考虑到报文安全需求的差异性以及车内网络环境的动态性，难以兼顾安全性和网络性能.因此，提出了一种自适应的车内CAN总线安全机制，首先根据报文安全需求和车内网络环境等因素建立因素集，并设计了差异化的安全策略及相应的通信协议.随后基于模糊决策的思想，根据报文安全需求和车内网络环境自适应地选取安全策略.最后通过理论分析验证了所提方案的可行性和安全性，同时，实验结果表明该方案所需计算开销有限，适用于计算能力受限的ECU节点和高实时性需求的CAN总线网络.

关键词: 车内网, CAN总线, 安全机制, 模糊决策, 密钥管理

陈颖钟成李兴华姜奇张会林景誉文. 自适应的车内CAN总线安全机制[J]. 信息安全研究, 2019, 5(12): 1076-1088.

References

[1]. Koscher K, Czeskis A, Roesner F, et al. Experimental security analysis of a modern automobile [C] //Proc of the 31st IEEE Symp on Security and Privacy. Berleley/Oakland, California: IEEE, 2010: 16-19 [2]. Checkoway S, McCoy D, Kantor B, et al. Comprehensive experimental analyses of automotive attack surfaces[C] //Proc of the USENIX Security Symp. San Francisco: USENIX Association, 2011, 4: 447-462 [3]. Staggs J, “How to hack your mini cooper: reverse engineering controller area network (can) messages on passenger automobiles” [EB/OL].(2013)[2019-04-20].https://www.defcon.org/images/defcon-21/dc-21-presentations/Staggs/DEFCON-21-Staggs-How-to-Hack-Your-Mini Cooper-WP.pdf [4]. Miller C, Valasek C. Remote exploitation of an unaltered passenger vehicle[J]. Black Hat USA, 2015: 91 [5]. Watch thieves stealing a Tesla through keyfob hack and struggling miserably to unplug it. [EB/OL]. (2018-10-21)[2019-04-20]. https://electrek.co/2018/10/21/tesla-stealing-video-keyfob-hack/ [6]. International Organization for Standardization, Road vehicles - Controller area network (CAN) - Part 1: Data link layer and physical signaling [S], ISO11898-1, 2003 [7]. Muter M, Asaj N. Entropy-based anomaly detection for in-vehicle networks[J]. Intelligent Vehicles Symposium IEEE, 2011:1110-1115 [8]. Groza B, Murvay P S. Efficient Intrusion Detection With Bloom Filtering in Controller Area Networks[J]. IEEE Trans on Information Forensics and Security, 2019, 14(4): 1037-1051. [9]. Moore M R, Bridges R A, Combs F L, et al. Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks: a data-driven approach to in-vehicle intrusion detection[C]// Proc of the 12th Annual Conf on Cyber and Information Security Research. New York: ACM, 2017:11 [10]. Taylor A, Japkowicz N, Leblanc S. Frequency-based anomaly detection for the automotive CAN bus[C]// 2015 World Congress on Industrial Control Systems Security (WCICSS). IEEE, 2015: 45-49 [11]. Cho K T, Shin K G. Fingerprinting electronic control units for vehicle intrusion detection[C]//Proc of the 25th USENIX Security Symposium (USENIX Security 16).Vancouver, Canada. IEEE， 2016: 911-927. [12]. Groza B , Murvay S . Efficient protocols for secure broadcast in controller area networks[J]. IEEE Transactions on Industrial Informatics, 2013, 9(4):2034-2042 [13]. Nilsson D K , Larson U E , Jonsson E . Efficient in-vehicle delayed data authentication based on compound message authentication codes[C]// Proc of the 68thVehicular Technology Conference, 2008. VTC 2008-Fall. Calgary, Canada. IEEE, 2008: 1-5 [14]. Woo S , Jo H J , Lee D H. A practical wireless attack on the connected car and security protocol for in-Vehicle CAN[J]. IEEE Transactions on Intelligent Transportation Systems, 2014, 16(2):1-14 [15]. Radu A I, Garcia F D. LeiA: A lightweight authentication protocol for CAN[C]//European Symposium on Research in Computer Security. Springer, Cham, 2016: 283-300. [16]. R. Kurachi, Y. Matsubara, H. Takada, , et al. 2014. CaCAN - Centralized authentication system in CAN (controller area network). [C]//In Proceedings of the 14th International Conference on Embedded Security in Cars.Munich, Germany.IEEE,2016 [17]. Van Herrewege, A., Singelee, D., Verbauwhede, I.: CANAuth - A simple, backward compatible broadcast authentication protocol for CAN bus. [C]// In: ECRYPT Workshop on Lightweight Cryptography. IEEE,2011, 229-235. [18]. Murvay S, Murvay S, Herrewege A V, et al. LiBrA-CAN: Lightweight broadcast authentication for controller area networks[J]. Acm Transactions on Embedded Computing Systems, 2017, 16(3):90 [19]. Ziermann T, Wildermann S, Teich J. CAN+: A new backward-compatible Controller Area Network (CAN) protocol with up to 16x higher data rates[C]//Proceedings of the Conference on Design, Automation and Test in Europe. European Design and Automation Association, 2009: 1088-1093. [20]. Hazem A, Fahmy H A. Lcap-a lightweight can authentication protocol for securing in-vehicle networks[C]//10th escar Embedded Security in Cars Conference, Berlin, Germany. 2012, 6. [21]. Jukl M, Čupera J. Using of tiny encryption algorithm in CAN-Bus communication[J]. Research in Agricultural Engineering, 2016, 62(2): 50-55. [22]. Woo S , Jo H J , Kim I S , et al. A practical security architecture for in-Vehicle CAN-FD[J]. IEEE Transactions on Intelligent Transportation Systems, 2016:1-14 [23]. Lin C W, Sangiovanni-Vincentelli A. Cyber-security for the controller area network (CAN) communication protocol[C]//2012 International Conference on Cyber Security. New York,IEEE, 2012: 1-7. [24]. Groza B , Murvay S . Security solutions for the controller area network: bringing authentication to in-Vehicle networks[J]. IEEE Vehicular Technology Magazine, 2018:1-1 [25]. Nürnberger S, Rossow C. –vatican–vetted, authenticated can bus[C]//International Conference on Cryptographic Hardware and Embedded Systems. Springer, Berlin, Heidelberg, 2016: 106-124. [26]. 万爱兰, 韩牟, 马世典, et al. 基于一次性密码本的车内网身份认证协议[J]. 计算机工程, 2018, 44(488). [27]. Zadeh L A. Fuzzy sets[J]. Information & Control, 1965, 8(3):338-353 [28]. Saaty T L. Decision making with the analytic hierarchy process[J]. International journal of services sciences, 2008, 1(1): 83-98 [29]. Hodjat A, Verbauwhede I. Minimum area cost for a 30 to 70 Gbits/s AES processor[C]//IEEE Computer Society Annual Symposium on VLSI. IEEE, 2004: 83-88.