Le Yu,Yangyang Liu,Pengfei Jing,Xiapu Luo,Lei Xue,Kaifa Zhao,Yajin Zhou,Ting Wang,Guofei Gu,Sen Nie,Shi Wu

2022-01-01

Abstract:In-vehicle protocols are very important to the security assessment and protection of modern vehicles since they are used in communicating with, accessing, and even manipulating ECUs (Electronic Control Units) that control various vehicle components. Unfortunately, the majority of in-vehicle protocols are proprietary without publicly available documents. Although recent studies proposed methods to reverse engineer the CAN protocol used in the communication among ECUs, they cannot be applied to vehicle diagnostics protocols, which have been widely exploited by attackers to launch remote attacks. In this paper, we propose a novel framework for automatically reverse engineering the diagnostic protocols of vehicles by leveraging professional diagnostic tools. Specifically, we design and develop a new cyber-physical system that uses a set of algorithms to control a programmable robotics arm with the aid of cameras to automatically trigger and capture the messages of diagnostics protocols as well as reverse engineer their formats, semantic meanings, and proprietary formulas required for processing the response messages. We perform a large-scale experiment to evaluate our prototype using 18 real vehicles. It successfully reverse engineers 570 messages (446 for reading sensor values and 124 for controlling components). The experimental results show that our framework achieves high precision in reverse engineering proprietary formulas and obtains much more messages than the prior approach based on app analysis.

Miao Xu,Wenyuan Xu,Jesse Walker,Benjamin Moore

DOI: https://doi.org/10.1145/2517968.2517973

2013-01-01

Abstract:Wireless sensor networks are increasingly being integrated into the modern automobile with the intention of improving safety and reducing costs. However, it has been shown that the first widely-deployed and mandatory in-car sensor networks --Tire Pressure Monitoring Systems (TPMSs) -- employ no cryptographic algorithms for protecting their wireless communication, incurring serious security and privacy risks for consumers. In this paper, we design and evaluate cost-effective secure communication protocols that can resolve the privacy and security vulnerabilities of existing TPMSs as well as other forthcoming in-car wireless sensor networks. Our implementation on Arduino platforms shows that the proposed protocol incurs modest overhead and is applicable to resource-constrained embedded systems.

Shlomi Dolev,Łukasz Krzywiecki,Nisha Panwar,Michael Segal

DOI: https://doi.org/10.48550/arXiv.1507.04491

2015-07-16

Abstract:Vehicular networks are used to coordinate actions among vehicles in traffic by the use of wireless transceivers (pairs of transmitters and receivers). Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. In this work, we propose a viable solution for coping with Man-in-the-Middle attacks. Conventionally, Public Key Infrastructure (PKI) is utilized for a secure communication with the pre-certified public key. However, a secure vehicle-to-vehicle communication requires additional means of verification in order to avoid impersonation attacks. To the best of our knowledge, this is the first work that proposes to certify both the public key and out-of-band sense-able static attributes to enable mutual authentication of the communicating vehicles. Vehicle owners are bound to preprocess (periodically) a certificate for both a public key and a list of fixed unchangeable attributes of the vehicle. Furthermore, the proposed approach is shown to be adaptable with regards to the existing authentication protocols. We illustrate the security verification of the proposed protocol using a detailed proof in Spi calculus.

Cryptography and Security,Networking and Internet Architecture

Mehmet Mueller,Timo Häckel,Philipp Meyer,Franz Korf,Thomas C. Schmidt

DOI: https://doi.org/10.48550/arXiv.2303.15128

2023-03-27

Abstract:Automotive softwarization is progressing and future cars are expected to operate a Service-Oriented Architecture on multipurpose compute units, which are interconnected via a high-speed Ethernet backbone. The AUTOSAR architecture foresees a universal middleware called SOME/IP that provides the service primitives, interfaces, and application protocols on top of Ethernet and IP. SOME/IP lacks a robust security architecture, even though security is an essential in future Internet-connected vehicles. In this paper, we augment the SOME/IP service discovery with an authentication and certificate management scheme based on DNSSEC and DANE. We argue that the deployment of well-proven, widely tested standard protocols should serve as an appropriate basis for a robust and reliable security infrastructure in cars. Our solution enables on-demand service authentication in offline scenarios, easy online updates, and remains free of attestation collisions. We evaluate our extension of the common vsomeip stack and find performance values that fully comply with car operations.

Cryptography and Security,Networking and Internet Architecture

Albert Wasef,Yixin Jiang,Xuemin Shen

DOI: https://doi.org/10.1109/TVT.2009.2028893

2010-01-01

Abstract:In this paper, we propose an efficient distributed-certificate-service (DCS) scheme for vehicular networks. The proposed scheme offers flexible interoperability for certificate service in heterogeneous administrative authorities and an efficient way for any onboard units (OBUs) to update its certificate from the available infrastructure roadside units (RSUs) in a timely manner. In addition, the DCS scheme introduces an aggregate batch-verification technique for authenticating certificate-based signatures, which significantly decreases the verification overhead. Security analysis and performance evaluation demonstrate that the DCS scheme can reduce the complexity of certificate management and achieve excellent security and efficiency for vehicular communications.

Kai Fan,Ye Bi,Yintang Yang,Kuan Zhang,Hui Li

DOI: https://doi.org/10.1109/mnet.002.2300009

IF: 10.294

2023-12-01

IEEE Network

Abstract:With the increased number of vehicles, infrastructure, and demand for various road services, the traditional Internet of Vehicles (IoV) architecture fails to provide quality services to users. New frameworks combining the vehicular network with cloud computing to extend storage capacity and processing power are highly sought. The vehicles communicate with the roadside units (RSUs) and upload the road condition information to the cloud server, enabling dynamic resource scheduling. However, in practical applications, the authentication scheme for emergency vehicles as a special node in the vehicle network receives insufficient attention. This article proposes a multi-factor lightweight emergency vehicle authentication protocol for cloud environments. Our protocol enables mutual authentication among the vehicle, the RSU, and the cloud server. An essential feature of our scheme is that during the initial authentication process, the cloud server generates random temporary secrets for the emergency vehicle and subsequent RSUs on the planned route. During the re-authentication phase, the vehicles and RSUs are authenticated using temporary secrets, improving the efficiency. In addition, our protocol verifies the driver's identity and prevents the system from impersonation attacks and vehicle theft attacks. Extensive simulation comparisons and security analyses demonstrate that our protocol is more effective.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Congcong Li,Xi Zhang,Haiping Wang,Dongfeng Li

DOI: https://doi.org/10.3390/s18010194

2018-01-11

Abstract:Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

Philipp Mundhenk,Andrew Paverd,Artur Mrowca,Sebastian Steinhorst,Martin Lukasiewycz,Suhaib A. Fahmy,Samarjit Chakraborty

DOI: https://doi.org/10.1145/2960407

2017-03-15

Abstract:With the increasing amount of interconnections between vehicles, the attack surface of internal vehicle networks is rising steeply. Although these networks are shielded against external attacks, they often do not have any internal security to protect against malicious components or adversaries who breach the network perimeter. To secure the in-vehicle network, all communicating components must be authenticated, and only authorized components should be allowed to send and receive messages. This is achieved using an authentication framework. Cryptography is widely used to authenticate communicating parties and provide secure communication channels (e.g., Internet communication). However, the real-time performance requirements of in-vehicle networks restrict the types of cryptographic algorithms and protocols that may be used. In particular, asymmetric cryptography is computationally infeasible during vehicle operation. In this work, we address the challenges of designing authentication protocols for automotive systems. We present Lightweight Authentication for Secure Automotive Networks (LASAN), a full lifecycle authentication approach. We describe the core LASAN protocols and show how they protect the internal vehicle network while complying with the real-time constraints and low computational resources of this domain. Unlike previous work, we also explain how this framework can be integrated into all aspects of the automotive lifecycle, including manufacturing, vehicle maintenance, and software updates. We evaluate LASAN in two different ways: First, we analyze the security properties of the protocols using established protocol verification techniques based on formal methods. Second, we evaluate the timing requirements of LASAN and compare these to other frameworks using a new highly modular discrete event simulator for in-vehicle networks, which we have developed for this evaluation.

Cryptography and Security

Feng Luo,Xuan Zhang,Zhenyu Yang,Yifan Jiang,Jiajia Wang,Mingzhi Wu,Wanqiang Feng

DOI: https://doi.org/10.3390/s22239211

2022-11-26

Abstract:Modern vehicles are more complex and interconnected than ever before, which also means that attack surfaces for vehicles have increased significantly. Malicious cyberattacks will not only exploit personal privacy and property, but also affect the functional safety of electrical/electronic (E/E) safety-critical systems by controlling the driving functionality, which is life-threatening. Therefore, it is necessary to conduct cybersecurity testing on vehicles to reveal and address relevant security threats and vulnerabilities. Cybersecurity standards and regulations issued in recent years, such as ISO/SAE 21434 and UNECE WP.29 regulations (R155 and R156), also emphasize the indispensability of cybersecurity verification and validation in the development lifecycle but lack specific technical details. Thus, this paper conducts a systematic and comprehensive review of the research and practice in the field of automotive cybersecurity testing, which can provide reference and advice for automotive security researchers and testers. We classify and discuss the security testing methods and testbeds in automotive engineering. Furthermore, we identify gaps and limitations in existing research and point out future challenges.

Yuanshuai Li,Li Cao,Guoli Zheng,Honglei Men,Liang Chen

DOI: https://doi.org/10.1016/j.compeleceng.2024.109261

IF: 4.152

2024-05-02

Computers & Electrical Engineering

Abstract:The Internet of Vehicles (IoV) provides various services to vehicles through information sharing to ensure road safety and improve traffic efficiency. However, malicious attackers can challenge the privacy and security systems of the IoV by conducting security attacks. Currently, many schemes use bilinear pairing or elliptic curves to construct authentication systems, ensuring anonymity of vehicle identities and message security. However, these schemes suffer drawbacks such as low computational efficiency and high communication overhead in highly dynamic IoV. Therefore, we propose a new efficient certificateless message authentication scheme. The proposed scheme constructs a lightweight security authentication protocol by improving the RSA dynamic accumulator and combining it with non-interactive discrete logarithm zero-knowledge proofs. In addition, our scheme eliminates the need for bilinear pairing operations, thereby reducing computational overhead. Simultaneously, it enables real-time tracking and revocation of malicious vehicle identities. Security analysis shows that our scheme can be reduced to a secure S-RSA assumption under the random oracle model, meeting various security requirements of the IoV. Performance analysis shows that our scheme diminishes not only the computational overhead but also the communication overhead.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Han Zhang,Yingxu Lai,Ye Chen

DOI: https://doi.org/10.1016/j.simpat.2022.102681

IF: 4.199

2022-10-27

Simulation Modelling Practice and Theory

Abstract:This paper proposes an authentication protocol based on a trusted connection architecture to manage the security and reliability of the cloud service environment during the communication process, improve the trust of the cloud service platform toward vehicles, and ensure that vehicle terminals have reliable access to cloud services. Compared with prior Internet of Vehicle (IoV) authentication schemes, our scheme is the first to include platform identification in the authentication process. Based on the characteristics of the trusted connection architecture, the components that constitute the platform can be assessed for security by verifying the vehicle platform identity and platform integrity metrics, thereby eliminating internal threats. In addition, the protocol proposes an authentication scheme for the IoV environment, in which the trusted authority only needs to generate the user's partial key based on the identity, thereby avoiding the key escrow problem common to identity-based cryptosystems. Finally, the scheme is proven to be highly secure using various approaches, such as Syverson-Van Oorschot (SVO) logical analysis, simulated authentication via automated validation of internet security protocols and applications (AVISPA), and informal security analysis. In the identity authentication step, our method has low computation and communication overhead when compared with other schemes according to the performance analysis results.

computer science, interdisciplinary applications, software engineering

LIU Tong,ZHAO Yi-hong,CAI Wei-jie,CHEN Wen-qiang,WEI Xing-min,ZHAO Fu-quan

DOI: https://doi.org/10.13273/j.cnki.qcdq.2013.02.018

2013-01-01

Abstract:The United Diagnostic Services(UDS) is widely applied as an unified diagnostic service protocol for multiple on-board network buses.The mechanism to diagnose communication loss between control units is discussed. The effective diagnostic and management measures are established with principle analysis of diagnostic protocol based on UDS.

Zhen Li,Qingkai Miao,Shehzad Ashraf Chaudhry,Chien-Ming Chen

DOI: https://doi.org/10.1177/15501329221104332

IF: 1.938

2022-06-26

International Journal of Distributed Sensor Networks

Abstract:International Journal of Distributed Sensor Networks, Volume 18, Issue 6, June 2022. The Internet of vehicles technology has developed rapidly in recent years and has become increasingly important. The social Internet of vehicles provides better resources and services for the development of the Internet of vehicles and provides better experience for users. However, there are still many security problems in social vehicle networking environments. Once the vehicle is networked, the biggest problem is data security according to the three levels of data collection, intelligent analysis, and decision control of the Internet of vehicles. Recently, Wu et al. proposed a lightweight vehicle social network security authentication protocol based on fog nodes. They claimed that their security authentication protocol could resist various attacks. However, we found that their authentication protocols are vulnerable to internal attacks, smart card theft attacks, and lack perfect forward security. In this study, we propose a new protocol to overcome these limitations. Finally, security and performance analyses show that our protocol perfectly overcomes these limitations and exhibits excellent performance and efficiency.

computer science, information systems,telecommunications

Wufei Wu,Junhao Dai,Huijuan Huang,Qinmin Zhao,Gang Zeng,Renfa Li

DOI: https://doi.org/10.1109/tvt.2023.3247180

IF: 6.8

2023-01-01

IEEE Transactions on Vehicular Technology

Abstract:In recent years, automobiles have become increasingly networked with the development of information and communication technology (ICT). With the enhancement of the connectivity between the electronic control units of the vehicle and the external network, cybersecurity and driving safety issues have also arisen. However, as a traditional in-vehicle network standard, the controller area network (CAN) protocol lacks a network security mechanism design, making it vulnerable to hacker attacks. The current research on the cybersecurity enhancement method for in-vehicle CAN is a multi-objective optimization problem with response time, bandwidth consumption and computational complexity reduction. This study presents an in-vehicle message authentication method based on digital watermark and Huffman coding that are compatible with current CAN bus protocols. Our method not only minimize the delay of message authentication, but also save the storage resources to the greatest extent. Moreover, to tackle the issue of low computing resources, multiple messages can be authenticated at one time. In order to evaluate the performance, we implement our method on CAN communication platform and validate its high accuracy, low latency, and compatibility.

Alessandro Lotto,Francesco Marchiori,Alessandro Brighente,Mauro Conti

2024-01-19

Abstract:The large number of Electronic Control Units (ECUs) mounted on modern cars and their expansive communication capabilities create a substantial attack surface for potential exploitation. Despite the evolution of automotive technology, the continued use of the originally insecure Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field.

Cryptography and Security

Sekar Kulandaivel,Wenjuan Lu,Brandon Barry,Jorge Guajardo

2024-04-03

Abstract:In the automotive security sector, the absence of a testing platform that is configurable, practical, and user-friendly presents considerable challenges. These difficulties are compounded by the intricate design of vehicle systems, the rapid evolution of attack vectors, and the absence of standardized testing methodologies. We propose a next-generation testing platform that addresses several challenges in vehicle cybersecurity testing and research domains. In this paper, we detail how the Vehicle Security Engineering Cloud (VSEC) Test platform enables easier access to test beds for efficient vehicle cybersecurity testing and advanced (e.g., penetration, fuzz) testing and how we extend such test beds to benefit automotive security research. We highlight methodology on how to use this platform for a variety of users and use cases with real implemented examples.

Cryptography and Security,Systems and Control

Algimantas Venčkauskas,Marius Taparauskas,Šarūnas Grigaliūnas,Rasa Brūzgienė

DOI: https://doi.org/10.3390/electronics13061003

IF: 2.9

2024-03-08

Electronics

Abstract:Confronting the challenges of securing communication in-vehicle wireless sensor networks demands innovative solutions, particularly as vehicles become more interconnected. This paper proposes a tailored communication security framework for in-vehicle wireless sensor networks, addressing both scientific and technical challenges through effective encryption methods. It segments the local vehicle network into independent subsystems communicating via encrypted and authenticated tunnels, enhancing automotive system safety and integrity. The authors introduce a process for periodic cryptographic key exchanges, ensuring secure communication and confidentiality in key generation without disclosing parameters. Additionally, an authentication technique utilizing the sender's message authentication code secures communication tunnels, significantly advancing automotive cybersecurity and interconnectivity protection. Through a series of steps, including key generation, sending, and cryptographic key exchange, energy costs were investigated and compared with DTLS and TLS methods. For cryptographic security, testing against brute-force attacks and analysis of potential vulnerabilities in the AES-CBC 128 encryption algorithm, HMAC authentication, and HKDF key derivation function were carried out. Additionally, an evaluation of the memory resource consumption of the DTLS and TLS protocols was compared with the proposed solution. This work is crucial for mitigating risks associated with in-vehicle communication compromises within smart cities.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ivan Edmar Carvajal Roca,Jian Wang,Jun Du,Shuangqing Weit

DOI: https://doi.org/10.1109/iwcmc48107.2020.9148360

2020-01-01

Abstract:Despite the benefits of electric and autonomous vehicles, current in-vehicle networks lack a robust and feasible security framework that considers the authentication, confidentiality, and integrity for the communication of Electronic Control Units (ECUs). Although a centralized key management mechanism offers an efficient solution, the security fully relies on this centralized unit, which leads to a single point of failure problem. In this paper, we present a semi-centralized key management framework to secure in-vehicle networks. It provides a decentralized and dynamic key distribution during the vehicle's operation and considers different aspects such as ECU's broadcast communication, ECU manufacturing process and ECU authentication without the use of certificates from external third parties. Finally, the implementation and the simulation of our framework validate the feasibility and practical use of our approach.

Franco Oberti,Alessandro Savino,Ernesto Sanchez,Filippo Parisi,Stefano Di Carlo

DOI: https://doi.org/10.1109/TDMR.2022.3157000

2022-03-07

Abstract:The automobile industry is no longer relying on pure mechanical systems; instead, it benefits from advanced Electronic Control Units (ECUs) in order to provide new and complex functionalities in the effort to move toward fully connected cars. However, connected cars provide a dangerous playground for hackers. Vehicles are becoming increasingly vulnerable to cyber attacks as they come equipped with more connected features and control systems. This situation may expose strategic assets in the automotive value chain. In this scenario, the Controller Area Network (CAN) is the most widely used communication protocol in the automotive domain. However, this protocol lacks encryption and authentication. Consequently, any malicious/hijacked node can cause catastrophic accidents and financial loss. Starting from the analysis of the vulnerability connected to the CAN communication protocol in the automotive domain, this paper proposes EXT-TAURUM P2T a new low-cost secure CAN-FD architecture for the automotive domain implementing secure communication among ECUs, a novel key provisioning strategy, intelligent throughput management, and hardware signature mechanisms. The proposed architecture has been implemented, resorting to a commercial Multi-Protocol Vehicle Interface module, and the obtained results experimentally demonstrate the approach's feasibility.

Cryptography and Security

Lu Wei,Jie Cui,Yan Xu,Jiujun Cheng,Hong Zhong

DOI: https://doi.org/10.1109/tifs.2020.3040876

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Owing to the development of wireless communication technology and the increasing number of automobiles, vehicular ad hoc networks (VANETs) have become essential tools to secure traffic safety and enhance driving convenience. It is necessary to design a conditional privacy-preserving authentication (CPPA) scheme for VANETs because of their vulnerability and security requirements. Traditional CPPA schemes have two deficiencies. One is that the communication or storage overhead is not sufficiently low, but the traffic emergency message requires an ultra-low transmission delay. The other is that traditional CPPA schemes do not consider updating the system secret key (SSK), which is stored in an unhackable Tamper Proof Device (TPD), whereas side-channel attack methods and the wide usage of the SSK increase the probability of breaking the SSK. To solve the first issue, we propose a CPPA signature scheme based on elliptic curve cryptography, which can achieve message recovery and be reduced to elliptic curve discrete logarithm assumption, so that traffic emergency messages are secured with ultra-low communication overhead. To solve the second issue, we design an SSK updating algorithm, which is constructed on Shamir's secret sharing algorithm and secure pseudo random function, so that the TPDs of unrevoked vehicles can update SSK securely. Formal security proof and analysis show that our proposed scheme satisfies the security and privacy requirements of VANETs. Performance analysis demonstrates that our proposed scheme requires less storage size and has a lower transmission delay compared with related schemes.

computer science, theory & methods,engineering, electrical & electronic