Controller Area Network; CAN FD; CAN XL; Response Time Analysis
Abstract :
[en] The Controller Area Network (CAN) dominates in-vehicle networking systems in modern vehicles. CAN was designed with low-latency and reliability as key features. Authenticity of a CAN frame was not considered in the design, thus, most in-vehicle network nodes inherently trust received messages as coming from a legitimate source. As a result, it is trivial to program (or hack) a network node to spoof traffic. Authentication is challenging for CAN and related protocols, such as SAE J1939, due to limited frame sizes and high bus utilization. Adding a message authentication code (MAC) as a separate message can unduly stress the real-time delivery of safety-critical messages. Although this stressor is well-known, the impact of authentication protocols on real-time message delivery in CAN has not yet been thoroughly examined. In this paper, we provide the first comprehensive analysis of realtime schedulability analysis applied to authentication schemes for CAN, CAN Flexible Data-rate (CAN FD), and CAN extra long payload (CAN XL). We formulate the response time analysis for addition of MACs and periodic transmission of MACs, and we examine their impact on two case studies and through evaluation with randomized schedulability experiments over a wide range of message sets.
Disciplines :
Computer science
Author, co-author :
Ikumapayi, Omolade; University of Colorado Colorado Springs
Olufowobi, Habeeb; University of Texas at Arlington
Daily, Jeremy; Colorado State University
Hu, Tingting ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Bertolotti, Ivan Cibrario; National Research Council of Italy, Institute of Electronics, Computer and Telecommunication Engineering (CNR-IEIIT)
Bloom, Gedare; University of Colorado Colorado Springs
External co-authors :
yes
Language :
English
Title :
CANASTA: Controller Area Network Authentication Schedulability Timing Analysis
R. I.Davis,A. Burns, R. J. Bril, and J. J. Lukkien, "Controller area network (CAN) schedulability analysis: Refuted, revisited and revised," Real-Time Syst., vol. 35, no. 3, pp. 239-272, 2007.
K. Tindell, A. Burns, and A. J. Wellings, "Calculating controller area network (CAN) message response times," Control Eng. Pract., vol. 3, no. 8, pp. 1163-1169, 1995.
K. Tindell, H. Hanssmon, and A. J. Wellings, "Analysing real-time communications: Controller area network (CAN)," in Proc. Real-Time Syst. Symp., 1994, pp. 259-263.
C. Autosar, "Specification of secure onboard communication," AUTOSAR CP Release, vol. 4, no. 1, pp. 1-161, 2017.
G. Bloom, "WeepingCAN: A stealthy CAN bus-off attack," in Proc. Workshop Automot. Auton. Veh. Security. Internet Soc., 2021, pp. 25-30.
B. Groza and P.-S. Murvay, "Security solutions for the controller area network: Bringing authentication to in-vehicle networks," IEEE Veh. Technol. Mag., vol. 13, no. 1, pp. 40-47, Mar. 2018.
B. Groza, S. Murvay, A. v. Herrewege, and I. Verbauwhede, "LiBrACAN: A lightweight broadcast authentication protocol for controller area networks," in Proc. 11th Int. Conf. Cryptol. Netw. Secur., 2012, pp. 185-200.
R. Kurachi, Y. Matsubara, H. Takada, N. Adachi, Y. Miyashita, and S. Horihata, "CaCAN-centralized authentication system in CAN (controller area network)," in Proc. 14th Int. Conf. Embedded Secur. Cars, 2014, pp. 118-130.
M. Zhang, P. Parsch, H. Hoffmann, and A. Masrur, "Analyzing CAN's timing under periodically authenticated encryption," in Proc. IEEE Des. Automat. Test Europe Conf. Exhib., 2022, pp. 620-623.
J. Daily, D. Nnaji, and B. Ettlinger, "Securing CAN traffic on J1939 networks," in Proc.Workshop Automot. Auton. Veh. Security. Internet Soc., 2021, pp. 31-37.
C.-W. Lin, Q. Zhu, C. Phung, and A. Sangiovanni-Vincentelli, "Securityaware mapping for can-based real-time distributed automotive systems," in Proc. IEEE/ACM Int. Conf. Comput.-Aided Des., 2013, pp. 115-121.
B. Groza, L. Popa, and P.-S. Murvay, "Highly efficient authentication for CAN by identifier reallocation with ordered CMACs," IEEE Trans. Veh. Technol., vol. 69, no. 6, pp. 6129-6140, Jun. 2020.
S. Nürnberger and C. Rossow, "-vatiCAN-vetted, authenticated can bus," in Proc. Int. Conf. Cryptograph. Hardware Embedded Syst., 2016, pp. 106-124.
J. Van Bulck, J. T. Mühlberg, and F. Piessens, "VulCan: Efficient component authentication and software isolation for automotive control networks," in Proc. 33rd Annu. Comput. Secur. Appl. Conf., 2017, pp. 225-237.
G. Xie, L. T. Yang, W. Wu, K. Zeng, X. Xiao, and R. Li, "Security enhancement for real-time parallel in-vehicle applications by CAN FD message authentication," IEEE Trans. Intell. Transp. Syst., vol. 22, no. 8, pp. 5038-5049, Aug. 2021.
J. Petit and Z. Mammeri, "Impact of message authentication on braking distance in vehicular networks," in Proc. 5th ERST2 Workshop, 2010, pp. 1-8.
Z.Wu, J.Zhao,Y. Zhu, and Q.Li, "Research on vehicle cybersecurity based on dedicated security hardware and ECDH algorithm" SAE, Warrendale, PA, USA, Tech. Paper 2017-01-2005, 2017.
Y. Xie, Y. Guo, S. Yang, J. Zhou, and X. Chen, "Security-related hardware cost optimization for CAN FD-based automotive cyber-physical systems," Sensors, vol. 21, no. 20, 2021, Art. no. 6807.
V. Lesi, I. Jovanov, and M. Pajic, "Security-aware scheduling of embedded control tasks," ACM Trans. Embedded Comput. Syst., vol. 16, no. 5 s, pp. 1-21, 2017.
S. K. Ghosh, J. S. RC, V. Jain, and S. Dey, "Reliable and secure designspace-exploration for cyber-physical systems," ACM Trans. Embedded Comput. Syst., vol. 19, no. 3, pp. 1-29, 2020.
U. D. Bordoloi and S. Samii, "The frame packing problem for CAN-FD," in Proc. IEEE Real-Time Syst. Symp., 2014, pp. 284-293.
R. De Andrade, K. N. Hodel, J. F. Justo, A. M. Laganá,M.M. Santos, and Z. Gu, "Analytical and experimental performance evaluations of CAN-FD bus," IEEE Access, vol. 6, pp. 21287-21295, 2018.
T. Nolte, H. Hansson, and C. Norström, "Minimizing CAN response-time jitter by message manipulation," in Proc. IEEE Real-Time Embedded Technol. Appl. Symp., 2002, pp. 197-206.
G. Cena, I. C. Bertolotti, T. Hu, and A. Valenzano, "Performance comparison ofmechanisms to reduce bit stuffing jitters in controller area networks," in Proc. IEEE 17thConf. Emerg. Technol. Factory Automat., 2012, pp. 1-8.
I. Broster, A. Burns, and G. Rodriguez-Navas, "Timing analysis of realtime communication under electromagnetic interference," Real-Time Syst., vol. 30, no. 1-2, pp. 55-81, 2005.
Road Veh.-Controller Area Netw. (CAN)-Part 1: Data Link Layer and Phys. Signalling, ISO Standard 11898-1, London, U.K.: ISO, 2015.
CiA, Draft specification CiA 610-1 version 1.0.0-CAN XL specifications and test plans-Part 1: Data link layer and physical coding sub-layer requirements, Nuremberg,Germany: CANin Automation (CiA),Mar. 2022.
M. Dworkin, "Recommendation for block cipher modes of operation: The CMAC mode for authentication," Nat. Inst. of Standards and Technol., NIST Special Publication (SP) 800-38B, Oct. 2016. [Online]. Available: https://csrc.nist.gov/publications/detail/sp/800-38b/final
R. Buttigieg, M. Farrugia, and C. Meli, "Security issues in controller area networks in automobiles," in Proc. IEEE 18th Int. Conf. Sci. Techn. Autom. Control Comput. Eng., 2017, pp. 93-98.
K. Tindell and A. Burns, "Guaranteeing message latencies on control area network (CAN)," in Proc. 1st Int. CAN Conf., 1994, pp. 1-11.
A.-I. Radu and F. D. Garcia, "Leia: A lightweight authentication protocol for can," in Proc. 21st Eur. Symp. Res. Comput. Secur., 2016, pp. 283-300.
