With every generation, vehicles are becoming smarter and more oriented toward information and communications technology (ICT). However, computerization is posing unforeseen challenges in a sector for which the first goal must be safety: car hacking has been shown to be a real threat. This article presents a novel mechanism to provide improved security for applications executed in the vehicle based on the principle of defining exactly who can talk to whom. The proposed security framework targets Ethernet-based com - munications and is tightly integrated within the emerging Scalable service-Oriented MiddlewarE over IP (SOME/IP) middleware. No complex configurations are needed: simple high-level rules, clearly stating the communications allowed, are the only element required to enable the security features. The designed solution has been implemented as a proof of concept (PoC) inside the vsomeip stack to evaluate the validity of the approach proposed: experimental measurements confirm that the additional overhead introduced in end-to-end communication is negligible.

中文翻译：

---

保护车载服务：启用安全的 SOME/IP 中间件

随着每一代人的进步，车辆变得越来越智能，并且更加面向信息和通信技术 (ICT)。然而，计算机化在一个首要目标必须是安全的行业中带来了无法预料的挑战：汽车黑客已被证明是一个真正的威胁。本文基于准确定义谁可以与谁交谈的原则，提出了一种新机制，为在车辆中执行的应用程序提供更高的安全性。提议的安全框架针对基于以太网的通信，并紧密集成在新兴的可扩展的面向服务的 IP 中间件 (SOME/IP) 中间件中。不需要复杂的配置：简单的高级规则，明确说明允许的通信，是启用安全功能所需的唯一元素。