当前位置: X-MOL 学术IEEE Trans. Veh. Technol. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Securing SOME/IP for In-Vehicle Service Protection
IEEE Transactions on Vehicular Technology ( IF 6.1 ) Pub Date : 2020-10-06 , DOI: 10.1109/tvt.2020.3028880
Marco Iorio , Massimo Reineri , Fulvio Risso , Riccardo Sisto , Fulvio Valenza

Although high-speed in-vehicle networks are being increasingly adopted by the industry to support emerging use cases, previous research already demonstrated that car hacking is a real threat. This paper formalizes a novel framework proposed to provide improved security to the emerging SOME/IP middleware, without introducing at the same time limitations in the communication patterns available. Most notably, the entire traffic matrix is designed to be configured using simple high-level rules, clearly stating who can talk to whom according to the service abstraction adopted by SOME/IP. Three incremental security levels are made available, accounting for different services being associated with different requirements. The core security protocol, encompassing a session establishment phase followed by the transmission of secured SOME/IP messages, has been formally verified, to prove its correctness in terms of authentication and secrecy properties. Performance-wise, in-depth experimental evaluations conducted with an extended version of vsomeip confirmed the introduction of quite limited penalties compared to the bare unsecured implementation.

中文翻译:


确保 SOME/IP 的安全以实现车载服务保护



尽管业界越来越多地采用高速车载网络来支持新兴用例,但之前的研究已经证明汽车黑客攻击是一个真正的威胁。本文正式提出了一种新颖的框架,旨在为新兴的 SOME/IP 中间件提供更高的安全性,同时不会引入可用通信模式的限制。最值得注意的是,整个流量矩阵被设计为使用简单的高级规则进行配置,根据 SOME/IP 采用的服务抽象清楚地说明谁可以与谁通信。提供了三个增量安全级别,考虑到与不同需求相关的不同服务。核心安全协议(包括会话建立阶段和随后传输安全 SOME/IP 消息)已经过正式验证,以证明其在身份验证和保密属性方面的正确性。在性能方面,使用 vsomeip 的扩展版本进行的深入实验评估证实,与纯粹的不安全实施相比,引入的惩罚相当有限。
更新日期:2020-10-06
down
wechat
bug