
Formal analysis of an AUTOSAR-based basic software module

Published: 05 August 2024

Abstract

The widespread use of advanced driver assistance systems in modern vehicles, together with their integration with the Internet and other road nodes, has made vehicles more vulnerable to cyber-attacks. To address these risks, the automotive industry is increasingly focusing on the development of security solutions: formal methods and software verification techniques, which have been successfully applied to a number of safety-critical systems, could be a promising approach in the automotive area. In this work, we concentrate on in-vehicle communications, provided by many Electronic Control Units (ECUs) that work together thanks to serial protocols such as the Controller Area Network (CAN). However, increasing connectivity exposes the internal network to a variety of cyber-risks. Our aim is to formally verify the AUTOSAR-based Basic Software module called CINNAMON, designed to ensure confidentiality, integrity, and authentication at the same time for traffic exchanged over the CAN protocol. More precisely, it adds confidentiality guarantees to the Secure Onboard Communication (SecOC) module. We formally analyze CINNAMON with the verification tool Tamarin. Our analysis shows that CINNAMON could be an effective security solution, as it can ensure the desired properties, in particular confidentiality in a send-receive scenario between two ECUs. Finally, we describe a potential application scenario.


Published In

International Journal on Software Tools for Technology Transfer (STTT), Volume 26, Issue 4, Aug 2024, 104 pages

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 05 August 2024
Accepted: 16 July 2024

Author Tags

  1. Formal methods
  2. Security
  3. Automotive
  4. CAN
  5. Tamarin

Qualifiers

  • Research-article

Funding Sources

  • Università di Pisa
