Connected Vehicles; Time Sensitive Networking; Cybersecurity; Automotive Ethernet
Abstract :
[en] Time Sensitive Network (TSN) standards are gaining traction in the scientific community and automotive Original Equipment Manufacturers (OEMs) due their promise of deterministic Ethernet networking. Among these standards, Generalized Precision Time Protocol (gPTP) - IEEE 802.1AS - allows network devices to be synchronized with a precision far higher than other synchronization standards, such as Network Time Protocol (NTP). gPTP is a profile of Precision Time Protocol (PTP) which, due to its robustness to delay variations, has been designated for automotive applications. Nonetheless, gPTP was designed without security controls, which makes it vulnerable to a number of attacks. This work reveals a critical vulnerability caused by a common implementation practice that opens the door to spoofing attacks on gPTP. To assess the impact of this vulnerability, we built two real gPTP-capable testbeds. Our results show high risks of this vulnerability destabilizing the system functionality.
Disciplines :
Computer science
Author, co-author :
Fotouhi, Mahdi ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Buscemi, Alessio ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Boualouache, Abdelwahab ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Jomrich, Florian; Honda R&D (Germany)
Koebel, Christian; Honda R&D (Germany)
Engel, Thomas ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
External co-authors :
yes
Language :
English
Title :
Assessing the Impact of Attacks on an Automotive Ethernet Time Synchronization Testbed
Publication date :
April 2023
Event name :
2023 IEEE Vehicular Networking Conference (VNC)
Event date :
From 26-04-2023 to 28-04-2023
Main work title :
2023 IEEE Vehicular Networking Conference (VNC), Istanbul 26-28 April 2023
M. Traub, A. Maier, and K. L. Barbehön, "Future automotive architecture and the impact of IT trends," IEEE Software, vol. 34, no. 3, pp. 27-32, 2017
M. L. Sichitiu and M. Kihl, "Inter-vehicle communication systems: A survey," IEEE Communications Surveys & Tutorials, vol. 10, no. 2, pp. 88-105, 2008
P. Hank, T. Suermann, and S. Müller, "Automotive Ethernet, a holistic approach for a next generation in-vehicle networking standard," in Advanced Microsystems for Automotive Applications 2012: Smart Systems for Safe, Sustainable and Networked Vehicles, Springer, 2012, pp. 79-89
D. Ergenç, C. Brülhart, J. Neumann, L. Krüger, and M. Fischer, "On the security of IEEE 802.1 time-sensitive networking," in 2021 IEEE International Conference on Communications Workshops (ICC Workshops), IEEE, 2021, pp. 1-6
"Draft Standard for Local and metropolitan area networks - Time-Sensitive Networking Profile for Automotive In-Vehicle Ethernet Communications," IEEE Draft Std P802.1DG/D1.4 Dec 2020, 2020
IEEE. "P802.1DG-TSN Profile for Automotive In-Vehicle Ethernet Communications." (), [Online]. Available: Https://1.ieee802.org/tsn/802-1dg/ (visited on 03/08/2023)
"IEEE Draft Standard for Local and Metropolitan Area Networks-Timing and Synchronization for Time-Sensitive Applications in Bridged Local Area Networks," IEEE Draft Std P802.1AS/D2.0 Feb 2008, 2008
IEEE Std 1588™-2019, "IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems," IEEE SA, Standard, 2019
M. Mizrahi, "RFC 7384: Security requirements of time protocols in packet switched networks," Tools. ietf. org (online) https://tools. ietf. org/html/rfc7384 (accessed 26 Sep 2020), 2014
E. Itkin and A. Wool, "A security analysis and revised security extension for the precision time protocol," IEEE Transactions on Dependable and Secure Computing, pp. 22-34, 2017
"IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems-Redline," IEEE Std 1588-2008 (Revision of IEEE Std 1588-2002)-Redline, pp. 1-300, 2008
G. Gaderer, A. Treytl, and T. Sauter, "Security aspects for IEEE 1588 based clock synchronization protocols," in Proc. IEEE Int. Workshop Factory Commun. Syst.(WFCS), Citeseer, 2006, pp. 247-250
J. Tsang and K. Beznosov, "A security analysis of the precise time protocol (short paper)," in International Conference on Information and Communications Security, Springer, 2006, pp. 50-59
A. Treytl and B. Hirschler, "Security flaws and workarounds for IEEE 1588 (transparent) clocks," in 2009 International Symposium on Precision Clock Synchronization for Measurement, Control and Communication, IEEE, 2009, pp. 1-6
C. DeCusatis, R. M. Lynch, W. Kluge, J. Houston, P. A. Wojciak, and S. Guendert, "Impact of Cyberattacks on Precision Time Protocol," IEEE Transactions on Instrumentation and Measurement, vol. 69, no. 5, pp. 2172-2181, 2020
W. Alghamdi and M. Schukat, "Precision time protocol attack strategies and their resistance to existing security extensions," Cybersecurity, vol. 4, no. 1, pp. 1-17, 2021
J. Neyer, L. Gassner, and C. Marinescu, "Redundant schemes or how to counter the delay attack on time synchronization protocols," in 2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS), IEEE, 2019, pp. 1-6
Q. Yang, D. An, and W. Yu, "On time desynchronization attack against IEEE 1588 protocol in power grid systems," in 2013 IEEE Energytech, IEEE, 2013, pp. 1-5
R. Annessi, J. Fabini, F. Iglesias, and T. Zseby, "Encryption is futile: Delay attacks on high-precision clock synchronization," arXiv preprint arXiv:1811.08569, 2018
M. Han and P. Crossley, "Vulnerability of IEEE 1588 under Time Synchronization Attacks," in 2019 IEEE Power & Energy Society General Meeting (PESGM), 2019, pp. 1-5
Netgear. "A New Generation of Gigabit Smart Switches." (2019), [Online]. Available: Https://www.downloads.netgear.com/files/GDC/ datasheet/en/GS716Tv3-GS724Tv4-GS748Tv5.pdf?_ga=2.213794839. 222651013.1652102686-21276228.1652102686
P. Engine, apu2e4, May 2016. [Online]. Available: Https://pcengines.ch/ apu2e4.htm
Avnu Alliance, TSN Documentation Project for Linux. [Online]. Available: Https://tsn.readthedocs.io/timesync.html
Tcpdump Group. "Tcpdump and Libcap." (), [Online]. Available: Https: //www.tcpdump.org/ (visited on 11/26/2021)
E. Grossman, T. Mizrahi, and A. Hacker, "Deterministic Networking (DetNet) Security Considerations," RFC Editor, Tech. Rep. RFC9055, Jun. 2021, RFC9055
"802.1AE: MAC Security (MACsec)," IEEE Standard Association, 2018
S. Kent, "IP encapsulating security payload (ESP)," Tech. Rep., 2005
A. Boualouache and T. Engel, "A Survey on Machine Learning-based Misbehavior Detection Systems for 5G and Beyond Vehicular Networks," IEEE Communications Surveys & Tutorials, pp. 1-1, 2023