
Security-Aware Obfuscated Priority Assignment for Automotive CAN Platforms

Published: 28 January 2016

Abstract

Security in automotive in-vehicle networks is an increasing problem with the growing connectedness of road vehicles. This article proposes a security-aware priority assignment for automotive controller area network (CAN) platforms with the aim of mitigating scaling effects of attacks on vehicle fleets. CAN is the dominating field bus in the automotive domain due to its simplicity, low cost, and robustness. While messages might be encrypted to enhance the security of CAN systems, their priorities are usually identical for automotive platforms, comprising generally a large number of vehicle models. As a result, the identifier uniquely defines which message is sent, allowing attacks to scale across a fleet of vehicles with the same platform. As a remedy, we propose a methodology that is capable of determining obfuscated message identifiers for each individual vehicle. Since identifiers directly represent message priorities, the approach has to take the resulting response time variations into account while satisfying application deadlines for each vehicle schedule separately. Our approach relies on Quadratically Constrained Quadratic Program (QCQP) solving in two stages, specifying first a set of feasible fixed priorities and subsequently bounded priorities for each message. With the obtained bounds, obfuscated identifiers are determined, using a very fast randomized sampling. The experimental results, consisting of a large set of synthetic test cases and a realistic case study, give evidence of the efficiency of the proposed approach in terms of scalability. The results also show that the diversity of obtained identifiers is effectively optimized with our approach, resulting in a very good obfuscation of CAN messages in in-vehicle communication.

    Published In

    ACM Transactions on Design Automation of Electronic Systems, Volume 21, Issue 2
    January 2016
    422 pages
    ISSN: 1084-4309
    EISSN: 1557-7309
    DOI: 10.1145/2888405
    Editor: Naehyuck Chang
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 28 January 2016
    Accepted: 01 September 2015
    Revised: 01 May 2015
    Received: 01 February 2015
    Published in TODAES Volume 21, Issue 2

    Author Tags

    1. CAN
    2. automotive
    3. priority assignment
    4. security

    Qualifiers

    • Research-article
    • Research
    • Refereed

    Funding Sources

    • Singapore National Research Foundation under its Campus for Research Excellence and Technological Enterprise (CREATE) programme
