Loading web-font TeX/Main/Regular
CEAMP: A Cross-Domain Entity Authentication and Message Protection Framework for Intra-Vehicle Network | IEEE Journals & Magazine | IEEE Xplore
Scheduled Maintenance: On Monday, 30 June, IEEE Xplore will undergo scheduled maintenance from 1:00-2:00 PM ET (1800-1900 UTC).
On Tuesday, 1 July, IEEE Xplore will undergo scheduled maintenance from 1:00-5:00 PM ET (1800-2200 UTC).
During these times, there may be intermittent impact on performance. We apologize for any inconvenience.

CEAMP: A Cross-Domain Entity Authentication and Message Protection Framework for Intra-Vehicle Network


Abstract:

Controller Area Network (CAN) is the most wide-used bus system in Intra-Vehicle Networks(IVN). However, the nature of broadcast communication and the lack of security mec...Show More

Abstract:

Controller Area Network (CAN) is the most wide-used bus system in Intra-Vehicle Networks(IVN). However, the nature of broadcast communication and the lack of security mechanisms make the CAN bus extremely fragile against malicious attacks. Although there are works protecting IVN, most of them are not feasible when applied to real vehicles because they do not consider the IVN node capability. In this paper, we propose a security framework for the CAN bus, covering ECU entity identity management and authentication, symmetric key generation and update, intra-domain, cross-domain secure transmission, and sensitivity-based security classification methods. We formally verify our protocols using the up-to-date tool Tamarin and simulate real attacks in a simulation environment and the results show that the proposed protocol can resist these attacks. By the use of speck encryption and the Chaskey MAC algorithm in our schemes, the analysis results show that the increased time of a frame for a single ECU in our proposed intra-domain scheme is 2.09 ms to 2.78 ms on Arduino Mega, and 121.65 \mu s to 152.15 \mu s on Arduino DUE, which takes up 6.08% to 7.61% of a 10ms cyclic time frame. And in the cross-domain scheme is 2.55 ms to 3.24 ms on Arduino Mega, and 134.30 \mu s to 164.80 \mu s on Arduino DUE, which takes up 6.72% to 8.24% of a 10ms frame. To the best of our knowledge, this is the first time an IVN cross-domain secure transmission protocol has been proposed without changing the IVN network topology or the CAN protocol. Our work brings practical protection to IVN.
Published in: IEEE Transactions on Intelligent Transportation Systems ( Volume: 25, Issue: 7, July 2024)
Page(s): 6780 - 6795
Date of Publication: 21 December 2023

ISSN Information:

Funding Agency:


I. Introduction

After centuries of development in the automobile industry, vehicle construction has evolved from pure mechanical-based handmade vehicles to microchip-based intelligent electric vehicles. In particular, in recent years, with the urgency of microchips and various types of sensors, great attention has been paid to software-defined vehicles and the intra-vehicle network (IVN). Universally, in a modern electric vehicle IVN, more than one bus (and perhaps more than one type) are combined by a central gateway to divide and conquer. Different types of IVN bus systems, such as the Controller Area Network (CAN), FlexRay, Local Interconnect Network (LIN), and Media Oriented System Transport (MOST), have been designed to perform specific functions during vehicle operation. For example, several CAN buses are deployed to support essential functions for Engine Control Module, Supplemental Restraint System, Electronic Stability Program, and Anti-lock Brake System (ABS); a LIN bus is deployed to control Front Lights, Air Condition, and Door Locks; a MOST bus is used to provide Navigator and Media Entertainment System. Among the intra-vehicle bus systems, CAN is the most well-known because of its strong robustness and well efficiency with low cost. Generally, in a CAN bus system, Electronic Control Units (ECUs) are connected together and could share CAN frames with each other. To be specific, the ECUs together with sensors or actuators act as basic units to collect or process data such as acceleration, speed, temperature, etc. After being primarily processed, the data is encapsulated into a CAN frame and is broadcasted on the CAN bus. The rest of the ECUs can accept or discard the frames broadcasted on the bus.

Contact IEEE to Subscribe

References

References is not available for this document.