Encrypted Signal Transmission with AUTOSAR in a CAN-FD Network: Page 5 of 5

July 23, 2015 // By Armin Happel, Vector Informatik
Encrypted Signal Transmission with AUTOSAR in a CAN-FD Network
In today’s vehicle networks, data transmission is for the most part performed without any special security measures. That is, in accessing a vehicle’s bus system, it is possible to read the data transmitted in raw format or to even play it into the bus system in modified form. Encrypted data transmission would not only ensure that this information can only be evaluated by authorized recipients, it would also make it much more difficult to intercept or alter the messages.

In new development projects, the new AUTOSAR 4.x standard is used instead of AUTOSAR 3.x. The latest version, AUTOSAR 4.2.1, contains the basic software module “Secured Onboard Communication” [5]. While preserving the RTE mechanisms for signal handling, it enables transparent authentication of messages. This involves adding portions of a Message Authentication Code (MAC) to the message. In Secured Onboard Communication, authentication is the primary method for secure communication; encryption is not currently planned, so the messages are transmitted as plain text. Like for the AES algorithm for CAN message encryption, the MAC calculation also requires symmetrical keys which must be provided here as well. A Freshness Counter ensures that it is possible to check the currency of the data.

In the near future, remote connections such as Car2x communication, WLAN, Bluetooth and Internet will continue to grow and will necessitate much more stringent requirements for IT security. These access modes must be made secure against attacks and must not permit any remote manipulation. This is especially true of information to driver assistance systems, which rely on reliable messages from other traffic participants and/or the infrastructure. Vector is also providing suitable support for the analysis and development of such systems.

About the Author:

Armin Happel (Graduate Engineer) is Principal Software Development Engineer at Vector Informatik GmbH in the area of Research and Development for Innovative Applications where he is responsible for the area of Applied Security.
Tel. +49 711 80670-2133
E-mail: armin.happel@vector.com

Literature:
[1] https://www.chip.de/news/CAN-Hacking-Tool-Autos-hacken-fuer-20-Dollar_67066892.html [only German]
[2] https://www.can-newsletter.org/engineering/engineering-miscellaneous/140822_list-of-potentially-vulnerable-cars_blackhat/
[3] Advanced Encryption Standard (AES), FIPS PUB 197
[4] CAN with Flexible Data Rate – Specification Version 1.0, Robert Bosch, GmbH; April, 2012
https://www.bosch-semiconductors.de/en/ubk_semiconductors/safe/ip_modules/can_fd/can.html
[5] AUTOSAR Specification of Module Secure Onboard Communication, Release 4.2.1
[6] AUTOSAR Software Specification Crypto Abstraction Library Release 4.2.1
[7] AUTOSAR CryptoService Manager, Release 4.2.1

All figures (c) Vector Informatik GmbH

Design category: 

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.