Design and Implementation of Security Function According to Routing Method in Automotive Gateway

Abstract

In recent years, vehicle networks require high bandwidth due to the increasing complexity of electronic control devices for vehicles due to the demand for advanced driving aids, infotainment and V2X communication. Therefore, Ethernet protocol was introduced and vehicle gateway system was newly introduced in vehicle system. The vehicle gateway system provides an interface for continuously connecting and exchanging vehicle data in different communication environments between the Controller Area Network (CAN) protocol and the Ethernet network protocol. There are two types of data exchange in the vehicle gateway. These are direct routing and indirect routing. Vehicle gateways are connected to external networks, which can lead to security vulnerabilities. So it needs security function to ensure message integrity. Recently, vehicle manufacturers have introduced gateway systems with security features that operate to verify the integrity of messages using cipher-based message authentication codes (CMAC). But applying security functions to a gateway system introduces delays in performing security functions. Therefore, in this paper, to design stable and efficient the vehicle gateway system with security function, we have tested and evaluated the latency time that can occur according to the routing methods which are direct routing and indirect routing.

This is a preview of subscription content, access via your institution.

References

  1. Andreas, L. (2019). https://www.gsaglobal.org/wp-content/uploads/2019/05/Trends-of-Future-EE-Architectures.pdf

  2. AUTOSAR (2016). Specification of Crypto Service Manager. AUTOSAR CP Release 4.3.0.

  3. AUTOSAR (2017). Specification of SOME/IP Transformer. AUTOSAR CP Release 4.3.1.

  4. Bittl, S. (2014). Attack potential and efficient security enhancement of automotive bus networks using short MACs with rapid key change. Int. Workshop on Communication Technologies for Vehicles, Offenburg, Germany.

  5. Dworkin, M. (2005). Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. NIST Special Publication 800-38B.

  6. Hu, Q. and Luo, F. (2018). Review of secure communication approaches for in-vehicle network. Int. J. Automotive Technology 19,5, 879–894.

    Article  Google Scholar 

  7. Infineon Technologies AG (2019). https://www.infineon.com/dgdl/Infineon-Automotive-Application-Guide-2019-ABR-v01_00-EN.pdf

  8. Kawahara, K., Matsubara, Y. and Takada, H. (2014). A simulation environment and preliminary evaluation for automotive CAN-ethernet AVB networks. arXiv: 1409.0998.

  9. Kim, D., Shin, E., Park, J. S., KyungSu, L. E. E., Gui, K. C. and Scheibert, K. (2017). Secure Boot Implementation for Hard Real-Time Powertrain System. SAE Technical Paper No. 2017-01-1656.

  10. Lastinec, J. and Hudec, L. (2016). Comparative analysis of TCP/IP security protocols for use in vehicle communication. 2016 17th Int. Carpathian Control Conf. (ICCC), High Tatras, Tatranská Lomnica, Slovak Republic.

  11. IEEE Std 1722TM (2016). IEEE Standard for a Transport Protocol for Time-Sensitive Application in Bridged Local Area Networks.

  12. Lim, H. T., Herrscher, D., Waltl, M. J. and Chaari, F. (2012). Performance analysis of the IEEE 802.1 ethernet audio/video bridging standard. SimuTools, 27–36.

  13. Lee, Y. S., Kim, J. H. and Jeon, J. W. (2014). Automotive diagnostic gateway using diagnostic over internet protocol. IEIE Trans. Smart Processing & Computing, 3,5, 313–318.

    Article  Google Scholar 

  14. Ruddle, A., Ward, D., Weyl, B., Idrees, S., Roudier, Y., Friedewald, M., Leimbach, T., Fuchs, A., Gürgens, S., Henniger, O., Rieke, R., Ritscher, M., Broberg, H., Apvrille, L., Pacalet, R., Pedroza, G. (2009). Security Requirements for Automotive On-board Networks Based on Dark-side

  15. Scenarios. EVITA Deliverable D, 2, 3.

  16. Wang, E., Xu, W., Sastry, S., Liu, S. and Zeng, K. (2017). Hardware module-based message authentication in intra-vehicle networks. 2017 ACM/IEEE 8th Int. Conf. Cyber-Physical Systems (ICCPS), Pittsburgh, PA, USA.

Download references

Acknowledgement

The authors and co-authors would like to thank Lee hyun-jung, CTO of FESCARO, and Hong Seok-min, CEO of FESCARO for their advice on the gateway routing method and security approach.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Jin Seo Park.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Park, J.S., Kim, D.H. & Suh, I.H. Design and Implementation of Security Function According to Routing Method in Automotive Gateway. Int.J Automot. Technol. 22, 19–25 (2021). https://doi.org/10.1007/s12239-021-0003-9

Download citation

Key Words

  • Automotive
  • Cybersecurity
  • Gateway
  • HSM
  • CMAC
  • CANFD
  • Ethernet