This content is not included in your SAE MOBILUS subscription, or you are not logged in.
Security Mechanisms Design for In-Vehicle Network Gateway
ISSN: 0148-7191, e-ISSN: 2688-3627
Published April 03, 2018 by SAE International in United States
This content contains downloadable datasetsAnnotation ability available
In the automotive network architecture, the basic functions of gateway include routing, diagnostic, network management and so on. With the rapid development of connected vehicles, the cybersecurity has become an important topic in the automotive network. A spoof ECU can be used to hack the automotive network. In order to prevent the in-vehicle networks from attacking, the automotive gateway is an important part of the security architecture. A secure gateway should be able to authenticate the connected ECU and control the access to the critical network domain. The data and signals transferred between gateway and ECUs should be protected to against wiretap attacking. The purpose of this paper is to design a secure gateway for in-vehicle networks. In this paper, the designing process of the automotive secure gateway is presented. Based on the threat analysis, security requirements for automotive gateway are defined. Secure communication, key master, and firewall are proposed as the security mechanisms to protect the automotive gateway. Secure communication mechanisms contain the message authentication and data encryption. Key master is a gateway function to distribute and update the keys for the secure communication of connected ECUs. Firewall based on message filter is designed to isolate the untrusted network domain and trusted network domain. The security functions of the automotive gateway are validated in a simulated attacking environment. A microcontroller with HSM is used to implement the secure gateway. Considering the influences of security mechanisms, the network latency is tested and the results have proved the secure gateway is effective and efficient.
|Technical Paper||Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units|
|Technical Paper||Safe and Secure Development: Challenges and Opportunities|
CitationLuo, F. and Hu, Q., "Security Mechanisms Design for In-Vehicle Network Gateway," SAE Technical Paper 2018-01-0018, 2018, https://doi.org/10.4271/2018-01-0018.
Data Sets - Support Documents
|Unnamed Dataset 1|
|Unnamed Dataset 2|
- Koscher , K. , Czeskis , A. , Roesner , F. , and Patel , S. Experimental Security Analysis of a Modern Automobile Proceedings of the Symposium on Security and Privacy May 2010
- Weyl , B. 2011
- Specification of Crypto
- Vehicle Cybersecurity Systems Engineering Committee 2016
- Seifert , S. , Roman O. Secure Automotive Gateway-Secure Communication for Future Cars Proceedings of 2014 12th IEEE International Conference on Industrial Informatics (INDIN) 2014
- Kurachi , R. , Takada , H. , Mizutani , T. , and Ueda , H. 2015
- Ruddle , A. 2009
- Samuel , W. A Practical Security Architecture for In-Vehicle CAN-FD IEEE Transactions on Intelligent Transportation Systems 17 8 2248 2261 2016
- Escherich , R. , Ledendecker , I. , Schmal , C. , and Kuhls , B. 2009
- Dolev , D. and Yao , A. On the Security of Public Key Protocols IEEE Transactions on Information Theory 29 198 208 1983