Security Aspects of Utilizing Ethernet AVB as the Converged Vehicle Backbone

摘要

With increasing demand for and sophistication of automotive applications such as infotainment and driver's assistance, the need for tighter integration between the many networks found in modern vehicles is likewise increasing. To enable this integrated vehicle architecture, there is a growing trend to use the Ethernet AVB as a converged backbone to enable cross-domain data exchange. This paper examines requirements for security and integrity posed by these inter- and intra-ECU and inter-vehicle communications. Solutions are proposed - and gaps are identified - with emphasis given to mapping the broad spectrum of Ethernet security mechanisms to vehicle networking solutions. We begin by examining the security aspects of bridging Body, Chassis/Safety, Powertrain, and Infotainment data, alongside sensor and actuator data across an Ethernet AVB backbone. Specifically discussed is partitioning and application of various Ethernet security solutions including protocols, algorithms, and encryption mechanisms appropriate for vehicular requirements. This includes a discussion of the strengths and vulnerabilities afforded by Ethernet for authenticated ECU/LAN access, data/message integrity, and intrusion protection.