A practical security architecture for in-vehicle CAN-FD

Samuel Woo, Hyo Jin Jo, In Seok Kim, Dong Hoon Lee

Research output: Contribution to journalArticlepeer-review

93 Citations (Scopus)


The controller area network with flexible data rate (CAN-FD) is attracting attention as the next generation of in-vehicle network technology. However, security issues have not been completely taken into account when designing CAN-FD, although every bit of information transmitted could be critical to driver safety. If we fail to solve the security vulnerabilities of CAN-FD, we cannot expect Vehicle-Information and Communications Technology (Vehicle-ICT) convergence to continue to develop. Fortunately, secure in-vehicle CAN-FD communication environments can be constructed using the larger data payload of CAN-FD. In this paper, we propose a security architecture for in-vehicle CAN-FD as a countermeasure (designed in accordance with CAN-FD specifications). We considered the characteristics of the International Organization for Standardization (ISO) 26262 Automotive Safety Integrity Level and the in-vehicle subnetwork to design a practical security architecture. We also evaluated the feasibility of the proposed security architecture using three kinds of microcontroller unit and the CANoe software. Our evaluation findings may be used as an indicator of the performance level of electronic control units for manufacturing next-generation vehicles.

Original languageEnglish
Article number7435304
Pages (from-to)2248-2261
Number of pages14
JournalIEEE Transactions on Intelligent Transportation Systems
Issue number8
Publication statusPublished - 2016 Aug


  • ASIL
  • CAN-FD
  • Controller area network
  • ISO 26262
  • in-vehicle network security
  • key management

ASJC Scopus subject areas

  • Automotive Engineering
  • Mechanical Engineering
  • Computer Science Applications


Dive into the research topics of 'A practical security architecture for in-vehicle CAN-FD'. Together they form a unique fingerprint.

Cite this