A Hardware Based Solution for Freshness of Secure Onboard Communication in Vehicles

  • Sigrid Gürgens
  • Daniel Zelle
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11387)


Information technology has become prominent in the development of modern cars. More than 50 Electronic Control Units (ECUs) realize vehicular functions in hardware and software, ranging from engine control and infotainment to future autonomous driving systems. Not only do the connections to the outside world pose new threats; the in-vehicle communication between ECUs, realized with bus systems like CAN, also needs to be protected against manipulation and replay of messages. Multiple countermeasures have been presented in the past that make use of Message Authentication Codes and specific values to provide message freshness, most prominently AUTOSAR’s Secure Onboard Communication (SecOC). However, the currently considered solutions exhibit deficiencies which are hard if not impossible to overcome within the scope of the respective approaches. In this paper we present a new, hardware-based approach that avoids these deficiencies, and we formally prove its freshness properties.


Security, Automotive engineering, Formal analysis, Replay protection, Freshness



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Fraunhofer Institute for Secure Information Technology, Darmstadt, Germany
