Informatik-Kolloquien
344. Informatik-Kolloquium
Öffentliche Verteidigung im Rahmen des Promotionsverfahrens
Herr Mingqing Zhang, M.Sc.
TU Chemnitz
Fakultät für Informatik
Professur Rechnerarchitekturen und -systeme
"Safety/Security Co-design for Automotive CAN Buses"
Mittwoch, 04.12.2024, 10:00 Uhr, Straße der Nationen 62, Böttcher-Bau, A12.336 (alt: 1/336)
Alle interessierten Personen sind herzlich eingeladen!
Abstract
The automotive industry heavily relies on the controller area network (CAN) due to its low cost and robustness. However, as vehicle connectivity grows, CAN buses become more vulnerable to cyberattacks such as spoofing, sniffing, replay, and denial of service (DoS), compromising both safety and (cyber-)security.
Most existing attempts to secure CAN buses necessitate modifications to the hardware or protocol, which increase costs and complicate implementation, or they employ security schemes that negatively impact timing behavior and safety for both passengers and other road participants. To address this problem, we first propose a safety/security co-design approach based on combining a technique we call periodic authenticated encryption. On the other hand, DoS attacks on CAN buses can typically only be mitigated rather than completely rejected, due to CAN's inherent characteristics. We hence propose a priority-raise approach to this aim. Further, securing CAN buses requires sending additional frames, which frames undergo individual arbitration processes, further increasing delay. To alleviate this situation, we propose an ID mirroring technique. Finally, to accommodate to varying timing requirements in safety-critical applications, we propose a dynamic encryption switching approach.
To evaluate the efficacy of these techniques, we conducted experiments on real hardware and carried out extensive simulations using MATLAB/Simulink and OMNeT++. Additionally, we presented various case studies involving electronic stability control (ESC), emergency braking, adaptive cruise control (ACC), and cooperative driving. Our findings demonstrate that the proposed techniques effectively reduce transmission delays while mitigating or preventing all major cyberattacks on the CAN bus. Furthermore, these techniques enable us to meet typical automotive deadlines on CAN buses, fulfilling both safety and security requirements within automotive systems.