
The Library
Security in automotive networks : lightweight authentication and authorization
Tools
Mundhenk, Philipp, Paverd, Andrew, Mrowca, Artur, Steinhorst, Sebastian, Lukasiewycz, Martin, Fahmy, Suhaib A. and Chakraborty, Samarjit (2017) Security in automotive networks : lightweight authentication and authorization. ACM Transactions on Design Automation of Electronic Systems, 22 (2). 25. doi:10.1145/2960407 ISSN 1084-4309.
|
PDF
WRAP_todaes2016-mundhenk.pdf - Accepted Version - Requires a PDF viewer. Download (948Kb) | Preview |
|
![]() |
PDF
SHERPA_RoMEO-ACM-Transactions-DAES-18-02-2019.pdf - Permissions Correspondence Embargoed item. Restricted access to Repository staff only - Requires a PDF viewer. Download (136Kb) |
Official URL: http://dx.doi.org/10.1145/2960407
Abstract
With the increasing amount of interconnections between vehicles, the attack surface of internal vehicle networks is rising steeply. Although these networks are shielded against external attacks, they often do not have any internal security to protect against malicious components or adversaries who can breach the network perimeter. To secure the in-vehicle network, all communicating components must be authenticated, and only authorized components should be allowed to send and receive messages. This is achieved through the use of an authentication framework. Cryptography is widely used to authenticate communicating parties and provide secure communication channels (e.g. Internet communication). However, the real-time performance requirements of in-vehicle networks restrict the types of cryptographic algorithms and protocols that may be used. In particular, asymmetric cryptography is computationally infeasible during vehicle operation.
In this work, we address the challenges of designing authentication protocols for automotive systems. We present Lightweight Authentication for Secure Automotive Networks (LASAN), a full life-cycle authentication approach. We describe the core LASAN protocols and show how they protect the internal vehicle network while complying with the real-time constraints and low computational resources of this domain. By leveraging on the fixed structure of automotive networks, we minimize bandwidth and computation requirements. Unlike previous work, we also explain how this framework can be integrated into all aspects of the automotive product life cycle, including manufacturing, vehicle maintenance and software updates. We evaluate LASAN in two different ways: Firstly, we analyze the security properties of the protocols using established protocol verification techniques based on formal methods. Secondly, we evaluate the timing requirements of LASAN and compare these to other frameworks using a new highly modular discrete event simulator for in-vehicle networks, which we have developed for this evaluation.
Item Type: | Journal Article | ||||||
---|---|---|---|---|---|---|---|
Subjects: | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software T Technology > TE Highway engineering. Roads and pavements T Technology > TL Motor vehicles. Aeronautics. Astronautics |
||||||
Divisions: | Faculty of Science, Engineering and Medicine > Engineering > Engineering | ||||||
Library of Congress Subject Headings (LCSH): | Automobiles -- Electronic equipment, Automotive computers, Automobiles -- Motors -- Computer control systems, Vehicular ad hoc networks (Computer networks), Intelligent transportation systems, Computer Communication Networks | ||||||
Journal or Publication Title: | ACM Transactions on Design Automation of Electronic Systems | ||||||
Publisher: | Association for Computing Machinery | ||||||
ISSN: | 1084-4309 | ||||||
Official Date: | 31 March 2017 | ||||||
Dates: |
|
||||||
Volume: | 22 | ||||||
Number: | 2 | ||||||
Article Number: | 25 | ||||||
DOI: | 10.1145/2960407 | ||||||
Status: | Peer Reviewed | ||||||
Publication Status: | Published | ||||||
Access rights to Published version: | Restricted or Subscription Access | ||||||
Date of first compliant deposit: | 14 September 2016 | ||||||
Date of first compliant Open Access: | 27 March 2017 | ||||||
Funder: | National Research Foundation (Singapore) (NRF) |
Request changes or add full text files to a record
Repository staff actions (login required)
![]() |
View Item |
Downloads
Downloads per month over past year