当前位置:
X-MOL 学术
›
arXiv.cs.AR
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Fortifying Vehicular Security Through Low Overhead Physically Unclonable Functions
arXiv - CS - Hardware Architecture Pub Date : 2021-06-05 , DOI: arxiv-2106.02976 Carson Labrado, Himanshu Thapliyal, Saraju P. Mohanty
arXiv - CS - Hardware Architecture Pub Date : 2021-06-05 , DOI: arxiv-2106.02976 Carson Labrado, Himanshu Thapliyal, Saraju P. Mohanty
Within vehicles, the Controller Area Network (CAN) allows efficient
communication between the electronic control units (ECUs) responsible for
controlling the various subsystems. The CAN protocol was not designed to
include much support for secure communication. The fact that so many critical
systems can be accessed through an insecure communication network presents a
major security concern. Adding security features to CAN is difficult due to the
limited resources available to the individual ECUs and the costs that would be
associated with adding the necessary hardware to support any additional
security operations without overly degrading the performance of standard
communication. Replacing the protocol is another option, but it is subject to
many of the same problems. The lack of security becomes even more concerning as
vehicles continue to adopt smart features. Smart vehicles have a multitude of
communication interfaces would an attacker could exploit to gain access to the
networks. In this work we propose a security framework that is based on
physically unclonable functions (PUFs) and lightweight cryptography (LWC). The
framework does not require any modification to the standard CAN protocol while
also minimizing the amount of additional message overhead required for its
operation. The improvements in our proposed framework results in major
reduction in the number of CAN frames that must be sent during operation. For a
system with 20 ECUs for example, our proposed framework only requires 6.5% of
the number of CAN frames that is required by the existing approach to
successfully authenticate every ECU.
中文翻译:
通过低开销的物理不可克隆功能增强车辆安全性
在车辆内,控制器局域网 (CAN) 允许负责控制各种子系统的电子控制单元 (ECU) 之间进行高效通信。CAN 协议并未设计为包含对安全通信的大量支持。如此多的关键系统可以通过不安全的通信网络访问这一事实提出了一个主要的安全问题。由于单个 ECU 可用的资源有限,并且在不过度降低标准通信性能的情况下添加必要的硬件以支持任何额外的安全操作会产生相关成本,因此向 CAN 添加安全功能很困难。更换协议是另一种选择,但它会遇到许多相同的问题。随着车辆继续采用智能功能,缺乏安全性变得更加令人担忧。智能车辆具有多种通信接口,攻击者可以利用这些接口来访问网络。在这项工作中,我们提出了一个基于物理不可克隆功能 (PUF) 和轻量级加密 (LWC) 的安全框架。该框架不需要对标准 CAN 协议进行任何修改,同时还最大限度地减少了其操作所需的额外消息开销。我们提议的框架的改进导致在操作期间必须发送的 CAN 帧的数量大大减少。例如,对于具有 20 个 ECU 的系统,我们提出的框架只需要现有方法成功验证每个 ECU 所需的 CAN 帧数量的 6.5%。
更新日期:2021-06-08
中文翻译:
通过低开销的物理不可克隆功能增强车辆安全性
在车辆内,控制器局域网 (CAN) 允许负责控制各种子系统的电子控制单元 (ECU) 之间进行高效通信。CAN 协议并未设计为包含对安全通信的大量支持。如此多的关键系统可以通过不安全的通信网络访问这一事实提出了一个主要的安全问题。由于单个 ECU 可用的资源有限,并且在不过度降低标准通信性能的情况下添加必要的硬件以支持任何额外的安全操作会产生相关成本,因此向 CAN 添加安全功能很困难。更换协议是另一种选择,但它会遇到许多相同的问题。随着车辆继续采用智能功能,缺乏安全性变得更加令人担忧。智能车辆具有多种通信接口,攻击者可以利用这些接口来访问网络。在这项工作中,我们提出了一个基于物理不可克隆功能 (PUF) 和轻量级加密 (LWC) 的安全框架。该框架不需要对标准 CAN 协议进行任何修改,同时还最大限度地减少了其操作所需的额外消息开销。我们提议的框架的改进导致在操作期间必须发送的 CAN 帧的数量大大减少。例如,对于具有 20 个 ECU 的系统,我们提出的框架只需要现有方法成功验证每个 ECU 所需的 CAN 帧数量的 6.5%。
京公网安备 11010802027423号