Loading web-font TeX/Main/Regular
CEAMP: A Cross-Domain Entity Authentication and Message Protection Framework for Intra-Vehicle Network | IEEE Journals & Magazine | IEEE Xplore
Scheduled Maintenance: On Monday, 30 June, IEEE Xplore will undergo scheduled maintenance from 1:00-2:00 PM ET (1800-1900 UTC).
On Tuesday, 1 July, IEEE Xplore will undergo scheduled maintenance from 1:00-5:00 PM ET (1800-2200 UTC).
During these times, there may be intermittent impact on performance. We apologize for any inconvenience.
Subscribe
ADVANCED SEARCH
Journals & Magazines >IEEE Transactions on Intellig... >Volume: 25 Issue: 7

CEAMP: A Cross-Domain Entity Authentication and Message Protection Framework for Intra-Vehicle Network

PDF
Chao Shang; Jin Cao; Jiajia Liu; Yinghui Zhang; Ben Niu; Hui Li
All Authors

Abstract:

Controller Area Network (CAN) is the most wide-used bus system in Intra-Vehicle Networks(IVN). However, the nature of broadcast communication and the lack of security mec...Show More

Metadata

Abstract:

Controller Area Network (CAN) is the most wide-used bus system in Intra-Vehicle Networks(IVN). However, the nature of broadcast communication and the lack of security mechanisms make the CAN bus extremely fragile against malicious attacks. Although there are works protecting IVN, most of them are not feasible when applied to real vehicles because they do not consider the IVN node capability. In this paper, we propose a security framework for the CAN bus, covering ECU entity identity management and authentication, symmetric key generation and update, intra-domain, cross-domain secure transmission, and sensitivity-based security classification methods. We formally verify our protocols using the up-to-date tool Tamarin and simulate real attacks in a simulation environment and the results show that the proposed protocol can resist these attacks. By the use of speck encryption and the Chaskey MAC algorithm in our schemes, the analysis results show that the increased time of a frame for a single ECU in our proposed intra-domain scheme is 2.09 ms to 2.78 ms on Arduino Mega, and 121.65 \mu s to 152.15 \mu s on Arduino DUE, which takes up 6.08% to 7.61% of a 10ms cyclic time frame. And in the cross-domain scheme is 2.55 ms to 3.24 ms on Arduino Mega, and 134.30 \mu s to 164.80 \mu s on Arduino DUE, which takes up 6.72% to 8.24% of a 10ms frame. To the best of our knowledge, this is the first time an IVN cross-domain secure transmission protocol has been proposed without changing the IVN network topology or the CAN protocol. Our work brings practical protection to IVN.
Published in: IEEE Transactions on Intelligent Transportation Systems ( Volume: 25, Issue: 7, July 2024)
Page(s): 6780 - 6795
Date of Publication: 21 December 2023

ISSN Information:

DOI: 10.1109/TITS.2023.3339821

Funding Agency:

Contents

I. Introduction

After centuries of development in the automobile industry, vehicle construction has evolved from pure mechanical-based handmade vehicles to microchip-based intelligent electric vehicles. In particular, in recent years, with the urgency of microchips and various types of sensors, great attention has been paid to software-defined vehicles and the intra-vehicle network (IVN). Universally, in a modern electric vehicle IVN, more than one bus (and perhaps more than one type) are combined by a central gateway to divide and conquer. Different types of IVN bus systems, such as the Controller Area Network (CAN), FlexRay, Local Interconnect Network (LIN), and Media Oriented System Transport (MOST), have been designed to perform specific functions during vehicle operation. For example, several CAN buses are deployed to support essential functions for Engine Control Module, Supplemental Restraint System, Electronic Stability Program, and Anti-lock Brake System (ABS); a LIN bus is deployed to control Front Lights, Air Condition, and Door Locks; a MOST bus is used to provide Navigator and Media Entertainment System. Among the intra-vehicle bus systems, CAN is the most well-known because of its strong robustness and well efficiency with low cost. Generally, in a CAN bus system, Electronic Control Units (ECUs) are connected together and could share CAN frames with each other. To be specific, the ECUs together with sensors or actuators act as basic units to collect or process data such as acceleration, speed, temperature, etc. After being primarily processed, the data is encapsulated into a CAN frame and is broadcasted on the CAN bus. The rest of the ECUs can accept or discard the frames broadcasted on the bus.

Contact IEEE to Subscribe
More Like This
5G Wireless Network Security: Investigating Next-Generation Mobile Communication Data Encryption Methods and Authentication Protocols

2025 3rd International Conference on Device Intelligence, Computing and Communication Technologies (DICCT)

Published: 2025

Enhancing Data Security Using Rubik’s Encryption and CNN Model for Biometric Authentication

2025 International Conference on Knowledge Engineering and Communication Systems (ICKECS)

Published: 2025

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.