Network security; Cryptographic protocols; Controller area network (CAN)
Abstract :
[en] The ever-increasing variety of services built on top of the Controller Area Network (CAN), along with the recent discovery of vulnerabilities in CAN-based automotive systems (some of them demonstrated in practice) stimulated a renewed attention to security-oriented enhancements of the CAN protocol. The issue is further compounded nowadays because, unlike in the past, security can no longer be enforced by physical bus segregation.
This paper describes how CAN XR, a recently proposed extension of the CAN data-link layer, can effectively support the distributed calculation of arbitrary binary Boolean functions, which are the foundation of most security protocols, without necessarily disclosing their operands on the bus. The feasibility of the approach is then shown through experimental evaluation and by confirming its applicability to a shared key generation protocol proposed in literature.
Disciplines :
Engineering, computing & technology: Multidisciplinary, general & others
Author, co-author :
Bloom, Gedare; Howard University, USA > Department of Electrical Engineering and Computer Science
Cena, Gianlua; National Research Council of Italy (CNR)–IEIIT
Cibrario Bertolotti, Ivan; National Research Council of Italy (CNR)–IEIIT
Hu, Tingting ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Valenzano, Adriano; National Research Council of Italy (CNR)–IEIIT
External co-authors :
yes
Language :
English
Title :
Supporting Security Protocols on CAN-Based Networks
Publication date :
2017
Event name :
IEEE 18th International Conference on Industrial Technology (ICIT2017)
Event place :
Toronto, Canada
Event date :
from 22-03-2017 to 25-03-2017
Audience :
International
Main work title :
2017 IEEE 18th International Conference on Industrial Technology (ICIT2017)
ISO, ISO 11898-1:2015-Road vehicles-Controller area network (CAN)-Part 1: Data link layer and physical signalling, International Organization for Standardization, Dec. 2015.
SAE, SAE J1939/21-Data Link Layer, SAE International, Dec. 2010.
ISO, ISO 15031-5:2015-Road vehicles-Communication between vehicle and external equipment for emissions-related diagnostics-Part 5: Emissions-related diagnostic services, International Organization for Standardization, Aug. 2015.
CiA, CiA 301 V4. 2. 0-CANopen application layer and communication profile, CAN in Automation e. V., Feb. 2011.
K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, and S. Savage, "Experimental security analysis of a modern automobile, " in Proc. IEEE Symposium on Security and Privacy (SP), 2010, pp. 447-462.
Y. Burakova, B. Hass, L. Millar, and A. Weimerskirch, "Truck hacking: An experimental analysis of the SAE J1939 standard, " in Proc. 10th USENIX Workshop on Offensive Technologies (WOOT), 2016, pp. 1-10.
P. Marino, F. Poza, M. A. Dominguez, and S. Otero, "Electronics in automotive engineering: A top-down approach for implementing industrial fieldbus technologies in city buses and coaches, " IEEE Transactions on Industrial Electronics, vol. 56, no. 2, pp. 589-600, Feb. 2009.
S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno, "Comprehensive experimental analyses of automotive attack surfaces, " in Proc. 20th USENIX Conference on Security (SEC), 2011, pp. 1-16.
G. Cena, I. Cibrario Bertolotti, T. Hu, and A. Valenzano, "CAN XR: CAN with eXtensible in-frame Reply, " in Proc. of 14th IEEE Intl. Conference on Industrial Informatics (INDIN), Jul. 2016, pp. 1198-1201.
A. Mueller and T. Lothspeich, "Plug-and-secure communication for CAN, " in Proc. of the Intl. CAN Conference (iCC), Oct. 2015, pp. 06-6-06-14.
G. Cena, I. Cibrario Bertolotti, T. Hu, and A. Valenzano, "Design, verification, and performance of a MODBUS-CAN adaptation layer, " in Proc. 10th IEEE International Workshop on Factory Communication Systems (WFCS), May 2014, pp. 1-10.
-, "Seamless integration of CAN in intranets, " Computer Standards & Interfaces, vol. 46, pp. 1-14, May 2016.
G. Cena and A. Valenzano, "On the properties of the flexible time division multiple access technique, " IEEE Transactions on Industrial Informatics, vol. 2, no. 2, pp. 86-94, May 2006.
LPC17XX User manual, UM10360 rev. 2, NXP B. V., Aug. 2010.
D. E. Knuth, The Art of Computer Programming, Volume 2: Seminumerical Algorithms, 3rd ed. Boston, MA, USA: Addison-Wesley Longman Publishing Co., Inc., 1997.
T. Ulversoy, "Software defined radio: Challenges and opportunities, " IEEE Communications Surveys Tutorials, vol. 12, no. 4, pp. 531-550, fourth quarter 2010.
P. Mundhenk, A. Mrowca, S. Steinhorst, M. Lukasiewycz, S. A. Fahmy, and S. Chakraborty, "Open source model and simulator for real-time performance analysis of automotive network security, " SIGBED Rev., vol. 13, no. 3, pp. 8-13, Aug. 2016.