TY - JOUR
T1 - Ensuring Safety and Security in CAN-Based Automotive Embedded Systems
T2 - A Combination of Design Optimization and Secure Communication
AU - Mun, Hyeran
AU - Han, Kyusuk
AU - Lee, Dong Hoon
N1 - Funding Information:
Manuscript received April 9, 2019; revised August 14, 2019, September 24, 2019, and February 5, 2020; accepted April 7, 2020. Date of publication April 23, 2020; date of current version July 16, 2020. This work was supported in part by the Korea Agency for Infrastructure Technology Advancement and in part by the Ministry of Land, Infrastructure and Transport under Grant 20TLRP-B152761-02. The review of this article was coordinated by Dr. M. Kisacikoglu. (Corresponding author: Dong Hoon Lee.) Hyeran Mun and Dong Hoon Lee are with the Graduate School of Information Security, Korea University in Seoul, Seoul 02841, South Korea (e-mail: smartran@korea.ac.kr; donghlee@korea.ac.kr).
Publisher Copyright:
© 1967-2012 IEEE.
PY - 2020/7
Y1 - 2020/7
N2 - As automotive embedded systems comprised of electronic control units (ECUs) connected via a controller area network (CAN) have continued to develop, the volume of information these systems are required to handle has also rapidly increased. Cyber attacks targeting vulnerable points of automotive embedded systems in particular are on the rise to hinder normal operation of a vehicle. However, adding security mechanisms to defend against attacks cannot neglect timing requirements in terms of vehicle safety. This is because it may lead to a violation of automobile safety. In short, both sides of this issue must be addressed from the outset of the system design stage to provide optimal security and safety. As a response to this pressing issue, we propose a novel and efficient scheme. The design optimization during the system design phase not only ensures all the real-time applications are executed within their deadline but also reduces the number of transmitted messages over the CAN bus. After optimization, we apply a hash message authentication code (HMAC) to specific messages, providing secure communication between ECUs and protecting against cyber attacks. Security analysis and experimental results prove that the proposed scheme can counter attacks on the CAN bus while meeting timing requirements. Therefore, our proposed scheme is effective in satisfying improvement of both safety and security.
KW - In-vehicle network
KW - authentication
KW - controller area network (CAN)
KW - electronic control unit (ECU)
KW - optimization of task allocation
KW - safety
KW - security
UR - http://www.scopus.com/inward/record.url?scp=85088518704&partnerID=8YFLogxK
U2 - 10.1109/TVT.2020.2989808
DO - 10.1109/TVT.2020.2989808
M3 - Article
AN - SCOPUS:85088518704
VL - 69
SP - 7078
EP - 7091
JO - IEEE Transactions on Vehicular Technology
JF - IEEE Transactions on Vehicular Technology
SN - 0018-9545
IS - 7
M1 - 9076873
ER -