UDS Security Access for Constrained ECUs
Technical Paper
2022-01-0132
ISSN: 0148-7191, e-ISSN: 2688-3627
Language: English
Abstract
Legacy electronic control units are, nowadays, required to implement cybersecurity measures, but they often do not have all the elements that are necessary to realize industry-standard cybersecurity controls. For example, they may not have hardware cryptographic accelerators, segregated areas of memory for storing keys, or one-time programmable memory areas. Such systems must still be protected with a sufficient level of rigor against attackers who wish to modify their operation or extract confidential information from them. A critical interface to defend is the Unified Diagnostics Service (UDS) interface which is used in many areas across the whole vehicle lifecycle. While the UDS service $27 (Security Access) has a reputation for poor cybersecurity, there is nothing inherent in the way it operates which prevents a secure access-control from being implemented. This paper describes an approach to providing UDS Security Access within systems which have very constrained processors (in terms of processing power, memory size and, in particular, cybersecurity features) which can be applied to multiple vehicles across many manufacturers. It describes, in detail, methods for generating UDS-Seeds and UDS-Keys in the absence of a hardware security module (HSM) with a true-random number generator, and without use (by the user who is requesting access) of IT-infrastructure. In addition, the problem of key-management and distribution is tackled head-on and not left as an implementation detail. A threat analysis has been performed (according to ISO/SAE 21434) using model-based tools, the results of which are presented in this paper. The constraints (some of which make it difficult to properly secure certain key material) result in risks which become clear in the threat analysis. Potential future users of this scheme can use this analysis to assess the residual risks in their own applications.
Citation
Thompson, M., "UDS Security Access for Constrained ECUs," SAE Technical Paper 2022-01-0132, 2022, https://doi.org/10.4271/2022-01-0132.