Enhancing In-Vehicle Communication by Authentication and Security: An incremental approach with an example for CAN message authentication

摘要

Modern automotive E/E architectures consist of a huge number of nodes communicating over an openly accessible network inside the car. To ensure authenticity, integrity and protection against external attacks, a secure communication is mandatory. The challenge is to manage the complexity and variety of different communication protocols and nodes, as well as interoperability between different vendors. Rearchitecting a complete E/E architecture to ensure 100% of secured nodes is almost infeasible. This paper presents a flexible and scalable approach for enhancing security in an in-vehicle network. The solution scales very well across all in-vehicle communication networks, from CAN to Ethernet communication with support for TLS. An example of CAN message authentication is shown in detail. One can selectively decide which ECUs need to be re-architected and which ECUs can remain almost unchanged. This minimally intrusive approach allows the system architect to better adjust the overall network architecture to the security needs with incremental change. Consequently, this reduces effort and risk while significantly reducing re-qualification efforts. Legacy ECUs can be preserved when needed, while feature-rich ECUs may undergo an architecture redesign.