B-FERL: Blockchain based framework for securing smart vehicles
Introduction
With technological advancements in the automotive industry in recent times, modern vehicles are no longer made up of only mechanical devices but are also an assemblage of complex electronic devices called electronic control units (ECUs) which provide advanced vehicle functionality and facilitate independent decision making. ECUs receive input from sensors and runs computations for their required tasks (Swawibe Ul Alam, 2018). These vehicles are also fitted with an increasing number of sensing and communication technologies to facilitate driving decisions and to be self aware (Chattopadhyay & Lam, 2018). However, the proliferation of these technologies has been found to facilitate the remote exploitation of the vehicle (Greenberg, 2015). Malicious entities could inject malware in ECUs to compromise the internal network of the vehicle (Chattopadhyay & Lam, 2018). The internal network of a vehicle refers to the communications between the multiple ECUs in the vehicle over on-board buses such as the controller area network (CAN) (Han, Weimerskirch, & Shin, 2014). The authors in Greenberg (2015) and Woo, Jo, and Lee (2015) demonstrated the possibility of such remote exploitation on a connected and autonomous vehicle (CAV), which allowed the malicious entity to gain full control of the driving system and bring the vehicle to a halt.
To comprehend the extent to which smart vehicles are vulnerable, we conducted a risk analysis for connected vehicles in Oham, Jurdak and Jha (2019) and identified likely threats and their sources. Furthermore, using the Threat Vulnerability Risk Assessment (TVRA) methodology, we classified identified threats based on their impact on the vehicles and found that compromising one or more of the myriad of ECUs installed in the vehicles poses a considerable threat to the security of smart vehicles and the vehicular network. Vehicular network here refers to communication between smart vehicles and roadside units (RSUs) which are installed and managed by the transport authority. These entities exchange routine and safety messages according to the IEEE802.11p standard (Chen, Li, & Panneerselvam, 2017). By compromising ECUs fitted in a vehicle, a malicious entity could for example, broadcast false information in the network to affect the driving decisions of other vehicles. Therefore, this paper presents a countermeasure to mitigate ECU exploitation by monitoring the state of the in-vehicle network to facilitate the detection of an ECU compromise.
Previous efforts that focus on the security of in-vehicle networks have focused on intrusion and anomaly detection which enables the detection of unauthorized access to in-vehicle network (Akosan et al., 2015, Aloqaily et al., 2019, CUBE, 2018, Nilsson and Larson, 2008, Oguma et al., 2008, Salem et al., 2019), and the identification of deviations from acceptable vehicle behavior (Wasicek & Weimerskirch, 2014). Several challenges however persist. First, proposed security solutions are based on a centralized design which relies on a Master ECU that is responsible for ensuring valid communications between in-vehicle ECUs (Nilsson and Larson, 2008, Oguma et al., 2008, Salem et al., 2019). However, these solutions are vulnerable to a single point of failure attack where an attacker’s aim is to compromise the centralized security design. Furthermore, if the Master ECU is either compromised or faulty, the attacker could easily execute actions that undermine the security of the in-vehicle network. Also, actions that constitute intrusion have not been properly defined and intrusion detection is towards the request and provision of requisite services for smart vehicles (Aloqaily et al., 2019) and not towards secure inter-vehicular communications. In addition, efforts that focus on intrusion detection by comparing ECU firmware versions (Akosan et al., 2015, CUBE, 2018, Nilsson and Larson, 2008) are also vulnerable to a single point of exploitation whereby the previous version which is centrally stored could be altered. These works (Akosan et al., 2015, CUBE, 2018) also rely on the vehicle manufacturer to ultimately verify the state of ECUs. However, vehicle manufacturers could be motivated to execute malicious actions for their benefits such as to evade liability (Oham, Jurdak, Kanhere, Dorri and Jha, 2018). Therefore, decentralization of the ECU state verification among entities in the vehicular ecosystem is desirable for the security of smart vehicles. Finally, the solution proposed in Wasicek and Weimerskirch (2014) which focuses on observing deviations from acceptable behavior utilized data generated from a subset of ECUs. However, this present a data reliability challenge when an ECU not included in the ECU subset is compromised.
We argue in this paper that Blockchain (BC) (Nakamoto, 2008) technology has the potential to address the aforementioned challenges including centralization, availability and data reliability.
BC is an immutable and distributed ledger technology that provides verifiable record of transactions in the form of an interconnected series of data blocks. BC was initially introduced as a security solution for the Bitcoin cryptocurrency system (Nakamoto, 2008) but is now widely utilized for non-monetary applications including tackling the dissemination of fake news (Chena, Srivastava, Parizic, Aloqailyd, & Ridhawie, 2020), auditing of public cloud storage (Lia, Wu, Jiang, & Srikanthanb, 2020), and task scheduling optimization (Baniata, Anaqreh, & Kertesza, 2021). Furthermore, in Berdika, Otoum, Schmidta, Portera, and Jararweha (2020), the authors discuss more non-monetary BC applications.
BC can be public or permissioned (Oham, Jurdak, Kanhere et al., 2018) to differentiate user capabilities including who has the right to participate in the BC network. Compared to identified intrusion (CUBE, 2018, Nilsson and Larson, 2008, Salem et al., 2019), and anomaly detection (Swawibe Ul Alam, 2018) solutions, BC replaces centralization with a trustless consensus which when applied to our context can ensure that no single entity can assume full control of verifying the state of ECUs in a smart vehicle and could facilitate the identification of rogue actions executed by vehicle manufacturers (Oham, Jurdak, Kanhere et al., 2018). Furthermore, the decentralized consensus provided by BC is well-suited for securing the internal network of smart vehicles by keeping track of historical operations executed on the vehicle’s ECUs such as firmware updates, thus easily identifying any change to the ECU and entities responsible for that change. Finally, the distributed structure of BC provides robustness to a single point of failure.
Having identified the limitations of existing works, we propose a Blockchain based Framework for sEcuring smaRt vehicLes (B-FERL). B-FERL is an apposite countermeasure for in-vehicle network security that exposes threats in smart vehicles by ascertaining the state of the vehicle’s internal controls. Also, given that data modification depicts a successful attempt to alter the state of an ECU, B-FERL also suffices as a data reliability solution that ensures that a vehicle’s data is trustworthy. We utilize a permissioned BC to allow only trusted entities manage the record of vehicles in the BC network. This means that state changes of an ECU are summarized, stored and managed distributedly in the BC.
The key contributions of this paper are summarized as follows:
(1) We present B-FERL; a decentralized security framework for in-vehicle networks. B-FERL ascertains the integrity of in-vehicle ECUs and highlights the existence of threats in a smart vehicle. To achieve this, we define a two-tier blockchain-based architecture, which introduces an initialization operation used to create record vehicles for authentication purposes and a challenge–response mechanism where the integrity of a vehicle’s internal network is queried when it connects to an RSU to ensure its security.
(2) We conduct a qualitative evaluation of B-FERL to evaluate its resilience to identified attacks. We also conduct a comparative evaluation with existing approaches and highlight the practical benefits of B-FERL. Finally, we characterize the performance of B-FERL via simulations using the CORE simulator against key performance measures such as the time and storage overheads for smart vehicles and RSUs.
(3) Our proposal is tailored to meet the integrity requirement for securing smart vehicles and the availability requirement for securing vehicular networks and we provide succinct discussion on the applicability of our proposal to achieve various critical automotive functions such as vehicular forensics, secure vehicular communication and trust management.
This paper is an extension of our preliminary ideas presented in Oham, Jurdak, Jha et al. (2019). Here, we present a security framework for detecting when an in-vehicle network compromise occurs and provide evidence that reflect actions on ECUs in a vehicle. Also, we present evaluations to demonstrate the efficacy of B-FERL.
The rest of the paper is structured as follows. In Section 2, we discuss related works and present an overview of our proposed framework in Section 3, where we also describe our system, network and threat model. Section 4 describes the details of our proposed framework. In Section 5, we discuss results of the performance evaluation. Section 6 present discussions on the potential use cases of B-FERL, comparative evaluation with closely related works, and we conclude the paper in Section 7.
Section snippets
Related work
BC has been proposed as security solutions for vehicular networks. Proposed solutions have focused on securing automotive networks, privacy preservation and on reputation and trust management. While these solutions enhance the security of vehicular networks, none have focused on the identification of compromised ECUs which constitutes a significant point for unauthorized access to vehicular networks (Oham, Jurdak, Jha et al., 2019).
B-FERL overview and threat model
In this section, we present a brief overview of B-FERL including the roles of interacting entities, and a description of the network and threat models.
Blockchain based framework for sEcuring smaRt vehicles (B-FERL)
This section outlines the architecture of the proposed framework. As described in Fig. 1, entities involved in our framework include vehicle manufacturers, service technicians, insurance companies, CAVs, RSUs, road transport and legal authorities. Based on entity-roles described in Section 2, we categorize entities as verifiers and proposers. Verifiers are entities that verify and validate data sent to the BC. Verifiers in B-FERL include RSUs, road transport and legal authorities. Proposers are
Performance evaluation
The evaluation of B-FERL was performed in an emulated scenario using Common Open Research Emulator (CORE), running in a Linux Virtual Machine using six processor cores and 12 Gb of RAM. Based on the appendable blocks concept described in Section 4, B-FERL supports adding transactions of a specific CAV to a block. This block is used to identify the CAV in the lower tier and stores all of its records.
The initial experiments aim to identify the project viability, and thus enable us to plan ahead
Discussion
In this section, we provide a further discussion considering the security, Use cases as well a comparative evaluation of B-FERL against related work.
Conclusion
In this paper, we have presented a Blockchain based Framework for sEcuring smaRt vehicLes (B-FERL). The purpose of B-FERL is to identify when an ECU of a smart vehicle have been compromised by querying the internal state of the vehicle and escalate identified compromise to requisite authorities such as the road transport and legal authority who takes necessary measure to prevent such compromised vehicles from causing harm to the vehicular network. Given this possibility, B-FERL doubles as a
CRediT authorship contribution statement
Chuka Oham: Idea of the manuscript, Writing - original draft, Literature review, System design, Security analysis, Comparative evaluations and selection, Justification for evaluation parameters. Regio A. Michelin: Writing - original draft, Designed and developed the simulation environment. Raja Jurdak: Writing - review & editing, Offering timely and critical suggestions to improve the quality of the paper. Salil S. Kanhere: Writing - review & editing, Offering timely and critical suggestions to
Acknowledgment
This work has been supported by Cyber Security Cooperative Research Centre Limited (CSCRC) whose activities are partially funded by the Australian Government’s Cooperative Research Centres Program .
References (40)
- et al.
Creditcoin: A privacy-preserving blockchain-based incentive announcement network for communications of smart vehicles
IEEE Transactions on Intelligent Transportation Systems
(2018) - et al.
Scalable embedded device attestation
(2015) - et al.
An intrusion detection system for connected vehicles in smart cities, Volume 90
(2019) - et al.
PF-BTS: A privacy-aware fog-enhanced blockchain-assisted task scheduling
Information Processing and Management
(2021) - et al.
A survey on blockchain for
Information Systems Management and Security Information Processing and Management
(2020) - et al.
Privacy management in social internet of vehicles: Review, challenges and blockchain based solutions in
IEEE Access
(2019) - et al.
Autonomous vehicle: security by design
(2018) - et al.
TMEC: A trust management based on evidence combination on attack-resistant and collaborative internet of vehicles
(2017) - et al.
An incentive-aware blockchain-based solution for internet of fake media things
Information Processing and Management
(2020) Autonomous car network security platform based on blockchain
(2018)
Reputation-based trust model in vehicular Ad-Hoc networks
A distributed solution to automotive security and privacy
Vars: a vehicle ad-hoc network reputation system
Autonomous vehicles: The legal landscape of dedicated short range communication in the US, UK and Germany
Hackers remotely kill a jeep on the highway – with me in it. Andy greenberg security
Scalability for resource-constrained accountable vehicle-to-x communication
Towards secure blockchain-enabled internet of vehicles: Optimizing consensus management using reputation and contract theory
ART: An attack-resistant trust management scheme for securing vehicular ad hoc networks
IEEE Transactions on Intelligent Transportation Systems
Cited by (92)
Blockchain meets Internet of Things (IoT) forensics: A unified framework for IoT ecosystems
2023, Internet of Things (Netherlands)Blockchain from the information systems perspective: Literature review, synthesis, and directions for future research
2023, Information and ManagementImpacts of 5G on cyber-physical risks for interdependent connected smart critical infrastructure systems
2023, International Journal of Critical Infrastructure ProtectionA Survey on Role of Blockchain for IoT: Applications and Technical Aspects
2023, Computer NetworksPerformance analysis of a private blockchain network built on Hyperledger Fabric for healthcare
2023, Information Processing and ManagementFunctional analysis of blockchain consensus algorithms
2023, Distributed Computing to Blockchain: Architecture, Technology, and Applications