Extending AUTOSAR's Counter-based Solution for Freshness of Authenticated Messages in Vehicles
Paper in proceeding, 2019

Nowadays vehicles have an internal network consisting of more than 100 microcontrollers, so-called Electronic Control Units (ECUs), which control core functionalities, active safety, diagnostics, comfort and infotainment. The Controller Area Network (CAN) bus is one of the most widespread bus technologies in use, and thus is a primary target for attackers. AUTOSAR, an open system platform for vehicles, introduced in version 4.3 SecOC Profile 3, a counter-based solution to provide freshness in authenticated messages to protect the system against replay attacks. In this paper, we analyse and assess this method regarding safety constraints and usability, and discuss design considerations when implementing such a system. Furthermore, we propose a novel security profile addressing the identified deficiencies which allows faster resynchronisation when only truncated counter values are transmitted. Finally, we evaluate our solution in an experimental setup in regard to communication overhead and time to synchronise the freshness counter.

security

freshness

message au-thentication

cyber-physical systems

automotive

Author

Thomas Rosenstatter

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Christian Sandberg

Volvo Group

Tomas Olovsson

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC

15410110 (ISSN)

Vol. 2019-December 1-109

2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC)
Kyoto, Japan,

Holistiskt angreppssätt att förbättra datasäkerhet (HoliSec)

VINNOVA (2015-06894), 2016-04-01 -- 2019-03-31.

Areas of Advance

Information and Communication Technology

Transport

Subject Categories

Communication Systems

Electrical Engineering, Electronic Engineering, Information Engineering

Embedded Systems

Computer Systems

DOI

10.1109/PRDC47002.2019.00012

More information

Latest update

7/17/2024