A Centrally Managed Identity-Anonymized CAN Communication System*

Published May 16, 2018 by SAE International in United States
Citation: Xia, Z., Komano, Y., Kawabata, T., and Shimizu, H., "A Centrally Managed Identity-Anonymized CAN Communication System*," SAE Int. J. Cybersecurity 1(1):19-38, 2018, https://doi.org/10.4271/11-01-01-0002.
Language: English

Abstract:

Identity-Anonymized CAN (IA-CAN) protocol is a secure CAN protocol, which provides the sender authentication by inserting a secret sequence of anonymous IDs (A-IDs) shared among the communication nodes. To prevent malicious attacks from the IA-CAN protocol, a secure and robust system error recovery mechanism is required. This article presents a central management method of IA-CAN, named the IA-CAN with a global A-ID, where a gateway plays a central role in the session initiation and system error recovery. Each ECU self-diagnoses the system errors, and (if an error happens) it automatically resynchronizes its A-ID generation by acquiring the recovery information from the gateway. We prototype both a hardware version of an IA-CAN controller and a system for the IA-CAN with a global A-ID using the controller to verify our concept.