Research article (Best Paper)

Security-Aware Design Methodology and Optimization for Automotive Systems

Published: 02 December 2015

Abstract

In this article, we address both security and safety requirements and solve security-aware design problems for the controller area network (CAN) protocol and for time division multiple access (TDMA)-based protocols. To provide insights and guidelines for other security problems with similarly limited resources and strict timing constraints, we propose a general security-aware design methodology that addresses security together with the other design constraints in a holistic framework and optimizes the design objectives. We then apply the methodology to a security-aware design problem for vehicle-to-vehicle (V2V) communications based on dedicated short-range communication (DSRC) technology. Experimental results demonstrate that our approaches are effective in system design without violating the design constraints, and they indicate that security must be considered together with other metrics during the design stages.

