B-FERL: Blockchain based framework for securing smart vehicles

doi:10.1016/j.ipm.2020.102426

Information Processing & Management

Volume 58, Issue 1, January 2021, 102426

https://doi.org/10.1016/j.ipm.2020.102426 Get rights and content

Highlights

•
Securing in-vehicle network components enhances the security of smart vehicles and prevents the potential for successful remote exploitation.
•
Integrity assessments of in-vehicle components enhances the credibility of data produced by smart vehicles.
•
Proposed security framework satisfies critical automotive functions including vehicular forensics and trust management.
•
Security framework facilitates the identification of compromised vehicles in the vehicular network.

Abstract

The ubiquity of connecting technologies in smart vehicles and the incremental automation of its functionalities promise significant benefits, including a significant decline in congestion and road fatalities. However, increasing automation and connectedness broadens the attack surface and heightens the likelihood of a malicious entity successfully executing an attack. In this paper, we propose a Blockchain based Framework for sEcuring smaRt vehicLes (B-FERL). B-FERL uses permissioned blockchain technology to tailor information access to restricted entities in the connected vehicle ecosystem. It also uses a challenge–response data exchange between the vehicles and roadside units to monitor the internal state of the vehicle to identify cases of in-vehicle network compromise. In order to enable authentic and valid communication in the vehicular network, only vehicles with a verifiable record in the blockchain can exchange messages. Through qualitative arguments, we show that B-FERL is resilient to identified attacks. Also, quantitative evaluations in an emulated scenario show that B-FERL ensures a suitable response time and required storage size compatible with realistic scenarios. Finally, we demonstrate how B-FERL achieves various important functions relevant to the automotive ecosystem such as trust management, vehicular forensics and secure vehicular networks.

Introduction

With technological advancements in the automotive industry in recent times, modern vehicles are no longer made up of only mechanical devices but are also an assemblage of complex electronic devices called electronic control units (ECUs) which provide advanced vehicle functionality and facilitate independent decision making. ECUs receive input from sensors and runs computations for their required tasks (Swawibe Ul Alam, 2018). These vehicles are also fitted with an increasing number of sensing and communication technologies to facilitate driving decisions and to be self aware (Chattopadhyay & Lam, 2018). However, the proliferation of these technologies has been found to facilitate the remote exploitation of the vehicle (Greenberg, 2015). Malicious entities could inject malware in ECUs to compromise the internal network of the vehicle (Chattopadhyay & Lam, 2018). The internal network of a vehicle refers to the communications between the multiple ECUs in the vehicle over on-board buses such as the controller area network (CAN) (Han, Weimerskirch, & Shin, 2014). The authors in Greenberg (2015) and Woo, Jo, and Lee (2015) demonstrated the possibility of such remote exploitation on a connected and autonomous vehicle (CAV), which allowed the malicious entity to gain full control of the driving system and bring the vehicle to a halt.

To comprehend the extent to which smart vehicles are vulnerable, we conducted a risk analysis for connected vehicles in Oham, Jurdak and Jha (2019) and identified likely threats and their sources. Furthermore, using the Threat Vulnerability Risk Assessment (TVRA) methodology, we classified identified threats based on their impact on the vehicles and found that compromising one or more of the myriad of ECUs installed in the vehicles poses a considerable threat to the security of smart vehicles and the vehicular network. Vehicular network here refers to communication between smart vehicles and roadside units (RSUs) which are installed and managed by the transport authority. These entities exchange routine and safety messages according to the IEEE802.11p standard (Chen, Li, & Panneerselvam, 2017). By compromising ECUs fitted in a vehicle, a malicious entity could for example, broadcast false information in the network to affect the driving decisions of other vehicles. Therefore, this paper presents a countermeasure to mitigate ECU exploitation by monitoring the state of the in-vehicle network to facilitate the detection of an ECU compromise.

Previous efforts that focus on the security of in-vehicle networks have focused on intrusion and anomaly detection which enables the detection of unauthorized access to in-vehicle network (Akosan et al., 2015, Aloqaily et al., 2019, CUBE, 2018, Nilsson and Larson, 2008, Oguma et al., 2008, Salem et al., 2019), and the identification of deviations from acceptable vehicle behavior (Wasicek & Weimerskirch, 2014). Several challenges however persist. First, proposed security solutions are based on a centralized design which relies on a Master ECU that is responsible for ensuring valid communications between in-vehicle ECUs (Nilsson and Larson, 2008, Oguma et al., 2008, Salem et al., 2019). However, these solutions are vulnerable to a single point of failure attack where an attacker’s aim is to compromise the centralized security design. Furthermore, if the Master ECU is either compromised or faulty, the attacker could easily execute actions that undermine the security of the in-vehicle network. Also, actions that constitute intrusion have not been properly defined and intrusion detection is towards the request and provision of requisite services for smart vehicles (Aloqaily et al., 2019) and not towards secure inter-vehicular communications. In addition, efforts that focus on intrusion detection by comparing ECU firmware versions (Akosan et al., 2015, CUBE, 2018, Nilsson and Larson, 2008) are also vulnerable to a single point of exploitation whereby the previous version which is centrally stored could be altered. These works (Akosan et al., 2015, CUBE, 2018) also rely on the vehicle manufacturer to ultimately verify the state of ECUs. However, vehicle manufacturers could be motivated to execute malicious actions for their benefits such as to evade liability (Oham, Jurdak, Kanhere, Dorri and Jha, 2018). Therefore, decentralization of the ECU state verification among entities in the vehicular ecosystem is desirable for the security of smart vehicles. Finally, the solution proposed in Wasicek and Weimerskirch (2014) which focuses on observing deviations from acceptable behavior utilized data generated from a subset of ECUs. However, this present a data reliability challenge when an ECU not included in the ECU subset is compromised.

We argue in this paper that Blockchain (BC) (Nakamoto, 2008) technology has the potential to address the aforementioned challenges including centralization, availability and data reliability.

BC is an immutable and distributed ledger technology that provides verifiable record of transactions in the form of an interconnected series of data blocks. BC was initially introduced as a security solution for the Bitcoin cryptocurrency system (Nakamoto, 2008) but is now widely utilized for non-monetary applications including tackling the dissemination of fake news (Chena, Srivastava, Parizic, Aloqailyd, & Ridhawie, 2020), auditing of public cloud storage (Lia, Wu, Jiang, & Srikanthanb, 2020), and task scheduling optimization (Baniata, Anaqreh, & Kertesza, 2021). Furthermore, in Berdika, Otoum, Schmidta, Portera, and Jararweha (2020), the authors discuss more non-monetary BC applications.

BC can be public or permissioned (Oham, Jurdak, Kanhere et al., 2018) to differentiate user capabilities including who has the right to participate in the BC network. Compared to identified intrusion (CUBE, 2018, Nilsson and Larson, 2008, Salem et al., 2019), and anomaly detection (Swawibe Ul Alam, 2018) solutions, BC replaces centralization with a trustless consensus which when applied to our context can ensure that no single entity can assume full control of verifying the state of ECUs in a smart vehicle and could facilitate the identification of rogue actions executed by vehicle manufacturers (Oham, Jurdak, Kanhere et al., 2018). Furthermore, the decentralized consensus provided by BC is well-suited for securing the internal network of smart vehicles by keeping track of historical operations executed on the vehicle’s ECUs such as firmware updates, thus easily identifying any change to the ECU and entities responsible for that change. Finally, the distributed structure of BC provides robustness to a single point of failure.

Having identified the limitations of existing works, we propose a Blockchain based Framework for sEcuring smaRt vehicLes (B-FERL). B-FERL is an apposite countermeasure for in-vehicle network security that exposes threats in smart vehicles by ascertaining the state of the vehicle’s internal controls. Also, given that data modification depicts a successful attempt to alter the state of an ECU, B-FERL also suffices as a data reliability solution that ensures that a vehicle’s data is trustworthy. We utilize a permissioned BC to allow only trusted entities manage the record of vehicles in the BC network. This means that state changes of an ECU are summarized, stored and managed distributedly in the BC.

The key contributions of this paper are summarized as follows:

(1) We present B-FERL; a decentralized security framework for in-vehicle networks. B-FERL ascertains the integrity of in-vehicle ECUs and highlights the existence of threats in a smart vehicle. To achieve this, we define a two-tier blockchain-based architecture, which introduces an initialization operation used to create record vehicles for authentication purposes and a challenge–response mechanism where the integrity of a vehicle’s internal network is queried when it connects to an RSU to ensure its security.

(2) We conduct a qualitative evaluation of B-FERL to evaluate its resilience to identified attacks. We also conduct a comparative evaluation with existing approaches and highlight the practical benefits of B-FERL. Finally, we characterize the performance of B-FERL via simulations using the CORE simulator against key performance measures such as the time and storage overheads for smart vehicles and RSUs.

(3) Our proposal is tailored to meet the integrity requirement for securing smart vehicles and the availability requirement for securing vehicular networks and we provide succinct discussion on the applicability of our proposal to achieve various critical automotive functions such as vehicular forensics, secure vehicular communication and trust management.

This paper is an extension of our preliminary ideas presented in Oham, Jurdak, Jha et al. (2019). Here, we present a security framework for detecting when an in-vehicle network compromise occurs and provide evidence that reflect actions on ECUs in a vehicle. Also, we present evaluations to demonstrate the efficacy of B-FERL.

The rest of the paper is structured as follows. In Section 2, we discuss related works and present an overview of our proposed framework in Section 3, where we also describe our system, network and threat model. Section 4 describes the details of our proposed framework. In Section 5, we discuss results of the performance evaluation. Section 6 present discussions on the potential use cases of B-FERL, comparative evaluation with closely related works, and we conclude the paper in Section 7.

Section snippets

Related work

BC has been proposed as security solutions for vehicular networks. Proposed solutions have focused on securing automotive networks, privacy preservation and on reputation and trust management. While these solutions enhance the security of vehicular networks, none have focused on the identification of compromised ECUs which constitutes a significant point for unauthorized access to vehicular networks (Oham, Jurdak, Jha et al., 2019).

B-FERL overview and threat model

In this section, we present a brief overview of B-FERL including the roles of interacting entities, and a description of the network and threat models.

Blockchain based framework for sEcuring smaRt vehicles (B-FERL)

This section outlines the architecture of the proposed framework. As described in Fig. 1, entities involved in our framework include vehicle manufacturers, service technicians, insurance companies, CAVs, RSUs, road transport and legal authorities. Based on entity-roles described in Section 2, we categorize entities as verifiers and proposers. Verifiers are entities that verify and validate data sent to the BC. Verifiers in B-FERL include RSUs, road transport and legal authorities. Proposers are

Performance evaluation

The evaluation of B-FERL was performed in an emulated scenario using Common Open Research Emulator (CORE), running in a Linux Virtual Machine using six processor cores and 12 Gb of RAM. Based on the appendable blocks concept described in Section 4, B-FERL supports adding transactions of a specific CAV to a block. This block is used to identify the CAV in the lower tier and stores all of its records.

The initial experiments aim to identify the project viability, and thus enable us to plan ahead

Discussion

In this section, we provide a further discussion considering the security, Use cases as well a comparative evaluation of B-FERL against related work.

Conclusion

In this paper, we have presented a Blockchain based Framework for sEcuring smaRt vehicLes (B-FERL). The purpose of B-FERL is to identify when an ECU of a smart vehicle have been compromised by querying the internal state of the vehicle and escalate identified compromise to requisite authorities such as the road transport and legal authority who takes necessary measure to prevent such compromised vehicles from causing harm to the vehicular network. Given this possibility, B-FERL doubles as a

CRediT authorship contribution statement

Chuka Oham: Idea of the manuscript, Writing - original draft, Literature review, System design, Security analysis, Comparative evaluations and selection, Justification for evaluation parameters. Regio A. Michelin: Writing - original draft, Designed and developed the simulation environment. Raja Jurdak: Writing - review & editing, Offering timely and critical suggestions to improve the quality of the paper. Salil S. Kanhere: Writing - review & editing, Offering timely and critical suggestions to

Acknowledgment

This work has been supported by Cyber Security Cooperative Research Centre Limited (CSCRC) whose activities are partially funded by the Australian Government’s Cooperative Research Centres Program .

References (40)

LiL. et al.
Creditcoin: A privacy-preserving blockchain-based incentive announcement network for communications of smart vehicles
IEEE Transactions on Intelligent Transportation Systems
(2018)
AkosanN. et al.
Scalable embedded device attestation
(2015)
AloqailyMoayad et al.
An intrusion detection system for connected vehicles in smart cities, Volume 90
(2019)
BaniataH. et al.
PF-BTS: A privacy-aware fog-enhanced blockchain-assisted task scheduling
Information Processing and Management
(2021)
BerdikaD. et al.
A survey on blockchain for
Information Systems Management and Security Information Processing and Management
(2020)
ButtT.A. et al.
Privacy management in social internet of vehicles: Review, challenges and blockchain based solutions in
IEEE Access
(2019)
ChattopadhyayAnupam et al.
Autonomous vehicle: security by design
(2018)
ChenJ. et al.
TMEC: A trust management based on evidence combination on attack-resistant and collaborative internet of vehicles
(2017)
ChenaQ. et al.
An incentive-aware blockchain-based solution for internet of fake media things
Information Processing and Management
(2020)
Autonomous car network security platform based on blockchain
(2018)

van Dijk, Luc (2017). Future vehicle networks and ecus architecture and technology considerations, NXP Semiconductors,...

DingQ. et al.

Reputation-based trust model in vehicular Ad-Hoc networks

(2010)

DorriA. et al.

A distributed solution to automotive security and privacy

(2017)

DotzerF. et al.

Vars: a vehicle ad-hoc network reputation system

FulbrightNorton Rose

Autonomous vehicles: The legal landscape of dedicated short range communication in the US, UK and Germany

(2017)

GreenbergAndy

Hackers remotely kill a jeep on the highway – with me in it. Andy greenberg security

(2015)

Han, Kyusuk, Weimerskirch, André, & Shin, Kang G. (2014). Automotive cybersecurity for in-vehicle communication IQT...

HeijdenR. et al.

Scalability for resource-constrained accountable vehicle-to-x communication

KangJiawen et al.

Towards secure blockchain-enabled internet of vehicles: Optimizing consensus management using reputation and contract theory

(2018)

LiW. et al.

ART: An attack-resistant trust management scheme for securing vehicular ad hoc networks

IEEE Transactions on Intelligent Transportation Systems

(2016)

Cited by (92)

Blockchain meets Internet of Things (IoT) forensics: A unified framework for IoT ecosystems
2023, Internet of Things (Netherlands)
With the continuously increasing number of security incidents targeting sensors, embedded devices, and other electronics appliances and systems that comprise the so-called Internet of things (IoT), the field of IoT forensics emerged as a branch of digital forensics focusing on the investigation of attacks in the IoT ecosystem. Digital evidence authenticity, integrity, confidentiality, and privacy are among the factors affecting the investigation process in IoT forensics, which can be addressed by employing the blockchain as the means not only for the preservation of digital evidence, but also for other steps of a digital forensics investigation process. The high-level goal of the paper is three-fold: to establish a holistic IoT forensics process as a reference point against which blockchain integration patterns and best practices will be identified in order to yield a robust, widely accepted and scalable architecture of the blockchain-enabled solution; to integrate the blockchain with the proposed IoT forensics process for addressing the above challenges; and to evaluate the overall solution highlighting improvements and potential performance bottlenecks. The proposed blockchain-enabled platform leverages multi-access edge computing and has been implemented with Hyperledger Fabric on an extensive virtualized testbed providing a realistic smart home environment. A thorough evaluation was conducted with real cyber-attacks generating digital evidence at high rates for testing the platform’s behavior at high load. The experimental results showed that the proposed platform achieved high throughput, excessively low latency, and zero error rate in the operation of the blockchain network.
Blockchain from the information systems perspective: Literature review, synthesis, and directions for future research
2023, Information and Management
This paper profiled blockchain studies in information systems (IS) journals from 2016 to 2022. Drawing on the 443 selected articles from 77 IS journals, we proposed a classification scheme from the IS perspective. Current blockchain articles are highly skewed, focusing on research agendas and system design. We proposed a theoretical framework by summarizing the current status of the blockchain literature and highlighting 15 future research questions for the IS research community. We are optimistic that the proposed framework and future research questions can guide blockchain research and advance its scale and impact.
Impacts of 5G on cyber-physical risks for interdependent connected smart critical infrastructure systems
2023, International Journal of Critical Infrastructure Protection
5 G technology promises a wide range of benefits for critical infrastructure (CI), including improved reliability, increased efficiency, cost savings, and increased worker safety. However, it also brings many new risks that CI owners and operators must be prepared for to facilitate effective risk mitigation and response. These risks, however, have not been systematically assessed for CI systems. This paper investigates how the cyber-physical risk landscape will be impacted by 5 G for four major CI sectors in detail: smart transportation, smart water, smart power, and smart oil and gas networks. Compared to prior work only examining a single CI network, the authors present a comprehensive assessment of the types of threats that these sectors can expect based on past incidents, the new vulnerabilities introduced by 5 G and existing vulnerabilities exacerbated by the introduction of more connected devices, along with mitigation recommendations for each risk. Risks associated with the rollout of and transition to 5 G, risks from 5 G network disruptions, cyberattack risks, and privacy risks are included. While each of the sectors has a unique risk profile, general themes also emerged across multiple CI networks. Notably, there will be an increased number of threat vectors from smart devices reliant on the telecommunications network to provide monitoring and control of infrastructure services. Because many of these devices are accessible by the public, the risk of social engineering attacks and vulnerability to physical hacking are exacerbated. Successful risk mitigation requires collaboration among CI's many stakeholders to implement security measures at the interfaces between connected devices to limit the access to assets in case one security measure is successfully bypassed. Due to the increased interdependencies between CI networks, operators must create backup plans to keep the most essential services running on a smaller bandwidth in case of a 5 G outage or similar failure. As 5 G capabilities continue to develop and the risk landscape evolves, ongoing research is needed and CI owners and operators should be prepared to update security measures to remain ahead of identified risks and threats.
A Survey on Role of Blockchain for IoT: Applications and Technical Aspects
2023, Computer Networks
In recent times, IoT has emerged as a new paradigm for the interconnection of heterogeneous, resource-constrained, and communication-capable smart devices. It has been anticipated as a key enabler for various domains of applications such as health care, automotive, agriculture, industrial operations, automation, energy, and the next generation of living. However, the current IoT applications face significant challenges in terms of the huge amount of collected data, intensive data exchange, security, privacy, centralized processing, and interoperability. To mitigate many of these issues, blockchain has been identified as a promising innovative technology. Blockchain, in conjunction with smart contracts, has received significant attention both from the industry and academia and offers features such as irreversibility, non-repudiation, proof of provenance, fault tolerance, pseudonymity, decentralized operations and decision-making, and distributed ledger. The integration of blockchain with IoT requires essential insights concerning the application areas, scalability, security, privacy, data college and storage, performance, and governance. Thus, this paper intends to expound on the opportunities and key aspects of using blockchain in the IoT landscape. Specifically, this paper surveys the utilization of blockchain for various IoT applications. Besides, the paper distinguishes different technical aspects and presents the associated research challenges. At last, future research directions are discussed depending on the lessons learned.
Performance analysis of a private blockchain network built on Hyperledger Fabric for healthcare
2023, Information Processing and Management
The healthcare industry suffers from poor interoperability due to its fragmented communication systems. Each medical institution has a communication system that is not necessarily compatible with the other systems on the same network. Poor communication has serious implications for patients, resources, and costs. The literature proposes blockchain technology as a governance data management system that optimizes the flow of information between multiple organizations by providing a trust component. However, much of the literature is conceptual and addresses blockchain in healthcare in a very general way. This paper contributes to the literature by presenting the use of Hyperledger Fabric in healthcare to improve information flow and solve the fragmentation problem between two medical institutions. In addition, two rate controllers on Hyperledger Caliper are used to evaluate the performance of our network: fixed and linear. We believe that our work will be useful for those working in value chains in healthcare and academia.
Functional analysis of blockchain consensus algorithms
2023, Distributed Computing to Blockchain: Architecture, Technology, and Applications
The underlying notion of blockchain block verification is represented by consensus algorithms in the blockchain that validates the safety and liveliness of a publicly accessible ledger system. It specifies the requirements that nodes and validators must achieve before new blocks can be added to the blockchain. It is the foundation concept of the whole cryptocurrency sector that develops a protocol that enables the timely dissemination and atomic broadcast of messages between nodes. It is crucial because it specifies how a distributed consensus is established and maintained in a number of different ways, all of which serve as the idea behind the defining components of blockchain technology: a decentralized, distributed, public ledger. The first blockchain consensus algorithm was proof of work (PoW). It was introduced with the advent of the Bitcoin blockchain. It was originally proposed by Dwork and Naor in 1993 to avoid e-mail spamming. The introduction of Bitcoin led developers to experiment with blockchain technology, leading to the development of novel consensus mechanisms. After proof of work (PoW), Ethereum’s proof of stake (PoS) and VeChain’s proof of authority (PoA) are two of the most widely used consensus techniques today. Other consensus methods prioritize a certain criterion to achieve agreement and allow transaction validation and block generation (contribution, service power, etc.). This chapter covers a detailed interpretation of algorithms for blockchain consensus, as well as the necessity for lightweight blockchain for resource-constrained devices and an enhanced PBFT blockchain consensus mechanism based on a reward and punishment scheme.

View all citing articles on Scopus

View full text

B-FERL: Blockchain based framework for securing smart vehicles

Highlights

Abstract

Introduction

Section snippets

Related work

B-FERL overview and threat model

Blockchain based framework for sEcuring smaRt vehicles (B-FERL)

Performance evaluation

Discussion

Conclusion

CRediT authorship contribution statement

Acknowledgment

IEEE Transactions on Intelligent Transportation Systems

Scalable embedded device attestation

An intrusion detection system for connected vehicles in smart cities, Volume 90

PF-BTS: A privacy-aware fog-enhanced blockchain-assisted task scheduling

Information Processing and Management

A survey on blockchain for

Information Systems Management and Security Information Processing and Management

Privacy management in social internet of vehicles: Review, challenges and blockchain based solutions in

IEEE Access

Autonomous vehicle: security by design

TMEC: A trust management based on evidence combination on attack-resistant and collaborative internet of vehicles

An incentive-aware blockchain-based solution for internet of fake media things

Information Processing and Management

Autonomous car network security platform based on blockchain

Reputation-based trust model in vehicular Ad-Hoc networks

A distributed solution to automotive security and privacy

Vars: a vehicle ad-hoc network reputation system

Autonomous vehicles: The legal landscape of dedicated short range communication in the US, UK and Germany

Hackers remotely kill a jeep on the highway – with me in it. Andy greenberg security

Scalability for resource-constrained accountable vehicle-to-x communication

Towards secure blockchain-enabled internet of vehicles: Optimizing consensus management using reputation and contract theory

ART: An attack-resistant trust management scheme for securing vehicular ad hoc networks

IEEE Transactions on Intelligent Transportation Systems