Rule-based Transceiver (RbT) Protocol for Security in Controller Area Networks

Abstract
Authors
Keywords
Conclusion
References

Security researchers in Controller Area Networks (CAN) have addressed attacks targeting authentication, without being concerned about neither the protocol complexity nor the busload overhead. In this research, Rule-based CAN Transceiver (RbT) is introduced, proposing a security protocol targeting the validation of a set of rules, in addition to respecting real-time constraints in modern automotive CAN networks, and providing negligible busload overhead. In this research, modified CAN Transceiver hardware node is added to the network, acting as a network guard. Each node in the network will have to initiate a secure channel with RbT node, and during normal mode operation, the nodes will transmit a Message Authentication Code (MAC) as part of the data frame, with the MAC targeted to the RbT node. MAC will be built and validated based on a set of defined rules. RbT node will prevent the nodes from receiving the frame in case of invalid MAC by the transmission of CAN error frame, otherwise, it will allow normal frame reception by the network nodes. The protocol concept is proved and the busload overhead is implemented and proved using CANoe from Vector.

Published In : IJCSN Journal Volume 7, Issue 1

Date of Publication : February 2018

Pages : 14-17

Figures :04

Tables : 05

Khaled NAGA : received BSc degree in Electronics and Communication Engineering from Faculty of Engineering, Ain Shams University, Cairo, Egypt in 2008. He is a Software Architect and a Technical Consultant in Avelabs Egypt working for Automotive Tier-1 and Tier-2 companies including Delphi Automotive, Continental, Elektrobit, and Autoliv. He was a Principal Software Engineer in Valeo and IBM. He is also an experienced instructor conducting Embedded Systems specialized training in Delphi Automotive in the USA and several engineering institutes in Egypt including Information Technology Institute (ITI). His research interest includes embedded systems, real-time design, compilers, AUTOSAR, security, and automotive networks.

Ashraf TAMMAM : received BSc degree in Computer Engineering from Military Technical College (MTC), Cairo, Egypt in 1994. And received his MSc and Ph.D. degrees in Computer and Systems Engineering from Faculty of Engineering, Ain Shams University, Cairo, Egypt in 2004 and 2011 respectively. He is an Assistant Professor of Computer Engineering at Arab Academy for Science, Technology & Maritime Transport (AASTMT), Cairo, Egypt. He was the Chairman of Information and Decision Support Center (IDSC), Egyptian Cabinet in 2014. His research interest includes computer networks, security, and cloud computing.

Abdelmoneim WAHDAN : received BSc and MSc degrees in Computer Engineering from Faculty of Engineering, Ain Shams University, Cairo, Egypt in 1968 and 1972 respectively. And received his Ph.D. degree from École Centrale de Nantes, France in 1978. Since that, he worked as Assistant, Associate, and Full Professor of Systems and Computer Engineering in Faculty of Engineering, Ain Shams University, and on leave in KSU Saudi Arabia during 1985 to 1990. Professor Wahdan supervised many MSc and Ph.D. degrees in Egypt, Saudi Arabia, and France during his long career. And currently, he is with Computer Engineering department AASTMT, Cairo, Egypt. His research interest includes computer networks, computer hardware, embedded systems, automatic control, security, robotics, and other related areas.

Automotive, Security, Controller Area Networks (CAN), Transceivers

RbT Protocol is a proposed hardware-based solution that depends on a new modified CAN transceiver. RbT MAC generation and verification rules are based on sender's parameters and the transmitted message parameters, ensuring protection against attacks targeting messages' authentication, authentication, and authorization of the sender nodes. RbT is proved to add negligible busload overhead while respecting strict real-time response constraints. RbT is shown to provide much better busload overhead results than the studied software-based protocols, and a better busload overhead results over the studied hardware-based protocol. In addition, RbT protocol is invulnerable against MITM attacks unlike CaCAN protocol due to the sender node authentication applied in RbT protocol.

[1] M. Broy, I. H. Kruger, A. Pretschner, and C. Salzmann, Eds., Engineering Automotive Software, ser. 2, vol. 95. IEEE, 2 2007. [2] A. Albert, Ed., Comparison of Event-Triggered and Time-Triggered Concepts with Regard to Distributed Control Systems, ser. 5. Proceedings of Embedded World, 2004. [3] N. Navet, Y. Song, F. Simonot-Lion, and C. Wilwert, Eds., Trends in automotive communication systems, ser. 6, vol. 93. Proceedings of IEEE, 2005. [4] Vector ELearning, “Controller area networks,” 2016, https://elearning.vector.com/vl can introduction en.html. [5] “In-vehicle networking,” NXP, Tech. Rep., LIN/CAN/RF/FlexRay Technology. [6] K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, , and S. Savage, “Experimental security analysis of a modern automobile,” in Security and Privacy (SP), 2010 IEEE Symposium, Oakland, CA, USA, 5 2010, p. 447462. [7] A. Hazem and H. A. Fahmy, “Lcap - a lightweight can authentication protocol for securing in-vehicle networks,” in 10th Int. Conf. on Embedded Security in Cars (ESCAR 2012), vol. 6, Berlin, Germany, 2012. [8] C. Miller and C. Valasek, “Remote exploitation of an unaltered passenger vehicle,” 8 2015, http://illmatics.com/Remote [9] C. Miller and C. Valasek, “Hackers remotely kill a jeep on the highway - with me in it,” 2015, https://www.wired.com/2015/07/hackers-remotely-killjeephighway/. [10] S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno, “Comprehensive experimental analyses of automotive attack surfaces.” in 20th USENIX Security Symposium (USENIX Security 2011). Berkeley, San Francisco, USA: Autosec, 8 2011. [11] R. Verdult and F. D. Garcia, “Cryptanalysis of the megamos crypto automotive immobilizer,” in USENIX Association, vol. 40, 2015. [12] R. Verdult, F. D. Garcia, and B. Ege, “Dismantling megamos crypto: Wirelessly lock picking a vehicle immobilizer,” in 22nd USENIX Security Symposium (USENIX Security 2013), 2013. [13] R. Verdult, F. D. Garcia, and J. Balasch, “Gone in 360 seconds: Hijacking with hitag2,” in 21st USENIX Security Symposium (USENIX Security 2012), 2012. [14] C. Szilagyi and P. Koopman, “Low cost multicast authentication via validity voting in time-triggered embedded control networks,” Workshop on Embedded System Security, 2010. [15] O. Hartkopp, C. Reuber, and R. Schilling, “Macan - message authenticated can,” in 10th Int. Conf. on Embedded Security in Cars (ESCAR 2012), vol. 6, Berlin, Germany, 2012. [16] C. W. Lin and A. Sangiovanni-Vincentelli, “Cybersecurity for the controller area network (can) communication protocol,” in 2012 IEEE ASE International Conference on Cyber Security, Washington, DC, USA, 2012, p. 344350. [17] A. Radu and F. Garcia, “Leia: A lightweight authentication protocol for can,” vol. 9879, European Symposium on Research in Computer Security (ESORICS). Springer, 9 2016, pp. 283–300. [18] R. Kurachi, Y. Matsubara, H. Takada, N. Adachi, Y. Miyashita, and S. Horihata, “Cacan - centralised authentication system in can,” in 12th Int. Conf. on Embedded Security in Cars (ESCAR 2012), 2014.