July 23, 2015 // By Armin Happel, Vector Informatik
Encrypted Signal Transmission with AUTOSAR in a CAN-FD Network
In today’s vehicle networks, data transmission is for the most part performed without any special security measures. That is, anyone with access to a vehicle’s bus system can read the transmitted data in raw format or even feed it back into the bus system in modified form. Encrypted data transmission would not only ensure that this information can be evaluated only by authorized recipients, it would also make it much more difficult to intercept or alter the messages.

Vector implemented the protocol for CAN FD in a CANoe environment. The Vector specialists subjected the protocol to extensive tests using this software tool for development, simulation and testing of ECUs and networks. Along with the required robustness against replay attacks, another focus was to study message losses, failure and re-entry of sender and receiver as well as timing errors and burst attacks. In all of these cases, the encryption system provided stable transmission.

Summary and Outlook

In CAN FD, in particular, it took relatively little effort to implement robust transmission of encrypted data with multiple nodes, and this method can also fit into an existing AUTOSAR-3.x environment. One disadvantage is the serialization and deserialization of the data on the application level (Figure 3), which means that the modeling properties of the RTE can no longer be used for individual signals. The classic points of attack on such systems must still be kept in mind. They include, for example, weak random number generators for the ID keys (at startup) or spying out the symmetric keys.

Figure 3: Software components for encrypted transmission

In the security technology world, the AES-128 algorithm is considered secure, at least for the near future, and its implementation is mature or even supported by hardware accelerators. The method presented here makes attacks on CAN(-FD) communication much more difficult, and manipulation is hardly possible without “insider knowledge”. On CAN it has already been in production use for several years, and it has also led to a favorable classification of the relevant vehicle for insurance premiums. In this case, security not only protects data; it even offers a direct cost advantage to the end user.

