Hardware Implementation of an Enhanced Securityand Authentication-Related Automotive CAN Bus Prototype

Authors

  • Asmae Zniti Faculty of Sciences and Technology (FST), University Sidi Mohamed Ben Abdellah, Signals Systems and Components Laboratory (LSSC), Fez, Morocco.
  • Nabih EL Ouazzani Faculty of Sciences and Technology (FST), University Sidi Mohamed Ben Abdellah, Signals Systems and Components Laboratory (LSSC), Fez, Morocco.

Abstract

In this paper a new security technique aiming to ensure safe and reliable communications between different nodes on an automotive Controller Area Network (CAN) is presented. The proposed method relies on a robust authentication code using Blake-3 as a hash algorithm within an adapted structure that includes a monitor node. A prototype is implemented and run effectively to perform hardware simulations of real case-based security problems of automotive embedded CAN systems. As a result, data transfer can take place on a newly enhanced CAN bus according to the standard protocol without being intercepted nor tampered with by unauthorized parties thereby highlighting the effectiveness of the proposed technique.

Author Biographies

Asmae Zniti, Faculty of Sciences and Technology (FST), University Sidi Mohamed Ben Abdellah, Signals Systems and Components Laboratory (LSSC), Fez, Morocco.

Asmae Zniti received the Master’s degree in Industrial Engineering from Sidi Mohamed Ben Abdellah University, Faculty of Sciences and Technology, Fez, Morocco (FST –Fez). I'am currently pursuing the PhD degree in Automotive Electronics with the Laboratory of signals, systems and components (LSSC), FST –Fez. The research interests include controller area network security,  cryptographic and authentication.

Nabih EL Ouazzani, Faculty of Sciences and Technology (FST), University Sidi Mohamed Ben Abdellah, Signals Systems and Components Laboratory (LSSC), Fez, Morocco.

received the Ph.D degree in microwave circuits,
especially microwave filters, from the University of Limoges - France at the Xlim institute in 1995. Since then he has been a professor at the faculty of sciences and technology – Fez, Morocco (FST –Fez) and a member of the Laboratory of signals, systems and components (LSSC). He has been carrying out several activities with respect to research and education. The disciplines that are relevant to his expertise are high frequency technology and telecommunication devices. He is also involved in the research area of 
embedded systems particularly in the field of automotive with regard to the VLSI and MMIC circuits protection and networks security. He co-organized many international conferences related the ICT and telecommunication
subjects in Morocco and participated in scientific committees.

References

P. Mundhenk, ”Security for Automotive Electrical / Electronic ( E / E )

Architectures”, Cuvillier Verlag, Gottingen, Germany, 2017. ¨

”‘ECU’ is a Three Letter Answer for all the Innovative Features

in Your Car: Know How the Story Unfolded”, Embitel, 2017. [Online]. https://www.embitel.com/blog/embeddedblog/automotive-controlunits-development-innovationsmechanical-to-electronics. [Accessed: 23-

May-2018].

R. Buttigieg, M. Farrugia, and C. Meli, ”Security Issues in Controller

Area Networks in Automobiles”, in 18th international conference on

Sciences and Techniques of Automatic Control Computer Engineering,

, pp. 21–23. https://doi.org/10.1109/STA.2017.8314877

P. Carsten, T. R. Yampolskiy, and J.T. Macdonald, ”In-vehicle networks:

Attacks, vulnerabilities, and proposed solutions”, In Proceedings of the

th Annual Cyber and Information Security Research Conference. Oak Ridge. (p. 1). (2015). https://doi.org/10.1145/2746266.2746267

M. Rogers, ”How we hacked a Tesla Model S in 30 minutes”. Black Hat,

https://www.blackhat.com/us-15/briefings.htmlhow-we-hacked-atesla-model-s-in-30-minutes.

S. Nie, L. Liu, and Y. Du, “Free-fall: hacking tesla from wireless to can bus”, Briefing, Black Hat USA, pp. 1–16, 2017.

https://doi.org/10.1145/2746266.2746267

A. Zniti, and N. E. Ouazzani, ”Implementation of a bluetooth attack on

controller area network (CAN)”, Indonesian Journal of Electrical Engineering and Computer Science. 21. 321. 10.11591/ijeecs.v21.i1.pp321-327, 2020. https://doi.org/10.11591/ijeecs.v21.i1.pp321-327

S. Woo, H. J. Jo, and D. H. Lee, “A Practical Wireless Attack

on the Connected Car and Security Protocol for In-Vehicle CAN”,

IEEE Trans. Intell. Transp. Syst, vol. 16, no. 2, pp. 993–1006, 2015.

https://doi.org/10.1109/TITS.2014.2351612

C. Miller, and C. Valasek, ”Remote exploitation of an unaltered passenger vehicle”, Black Hat USA 2015.

S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S.

Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno, ”Comprehensive Experimental Analyses of Automotive Attack Surfaces”, Proc. USENIX Security Symposium, 2011.

J. E. Siegel, D. C. Erb, and S. E. Sarma, “A survey of the

connected vehicle landscape-architectures, enabling technologies, applications, and development areas,” IEEE Transactions on Intelligent Transportation Systems, vol. 19, no. 8, pp. 2391–2406, 2018.

https://doi.org/10.1109/TITS.2017.2749459

J. Liu, S. Zhang, W. Sun, and Y. Shi, “In-vehicle network attacks and

countermeasures: challenges and future directions”, IEEE Network, vol. 31, no. 5, pp. 50–58, 2017. https://doi.org/10.1109/MNET.2017.1600257

Z. El-Rewini, K. Sadatsharan, D. F. Selvaraj, S. J. Plathottam, and P.

Ranganathan, ”Cybersecurity challenges in vehicular communications”,

Veh. Commun. 2020. https://doi.org/10.1016/j.vehcom.2019.100214

K.S. Mohamed, ”Cryptography Concepts: Integrity, Authentication,

Availability, Access Control, and Non-repudiation”. In New Frontiers in

Cryptography: Quantum, Blockchain, Lightweight, Chaotic and DNA,

Springer International Publishing: Cham, Switzerland, 2020, pp. 41–63. https://doi.org/10.1007/978-3-030-58996-73

R. Bosch GmbH, “CAN Specification, version 2.0”, 1991.

Y. Lv, W. Tian and S. Yin, ”Design and Confirmation of a CAN

bus Controller Model with Simple User Interface”, Fifth International

Conference on Instrumentation and Measurement, Computer, Communication and Control (IMCCC), Qinhuangdao, 2015, pp. 640-644, https://doi.org/10.1109/IMCCC.2015.140

M. Di Natale, H. Zeng, P. Giusto, and A. Ghosal, ”Understanding and using the controller area network communication protocol:

theory and practice”, Springer Science Business Media, NY, 2012.

https://doi.org/10.1007/978-1-4614-0314-2

A. Zniti and N. El Ouazzani, ”Improvement of the Authentication on InVehicle Controller Area Networks”, Embedded Systems and Artificial

Intelligence, vol. 1076, pp. 23-32, 2020. https://doi.org/10.1007/978-981-15-0947-63

S. Neves, J. O’Connor, J.P. Aumasson, and Z. Wilcox-O’Hearn,

”BLAKE3: One function, fast everywhere”, GitHub, 2020.

https://blake3.io.

J. P. Aumasson, S. Neves, Z. W. O’Hearn, and C. Winnerlein, “BLAKE2:

Simpler, smaller, fast as MD5”, In Applied Cryptography and Network

Security, 2013, pp.119–135. https://doi.org/10.1007/978-3-642-38980-18

D.Rachmawati, J. Tarigan, and A. Ginting, ”A comparative study

of message digest 5 (md5) and sha256 algorithm Journal of

Physics”, Conference Series, Vol. 978, IOP Publishing (2018).

https://doi.org/10.1088/1742-6596/978/1/012116

Downloads

Published

2024-04-19

Issue

Vol. 69 No. 1 (2023)

Section

Security, Safety, Military

License

Copyright (c) 2023 International Journal of Electronics and Telecommunications

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

1. License

The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.

2. Author’s Warranties

The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.

3. User Rights

Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.

4. Rights of Authors

Authors retain the following rights:

- copyright, and other proprietary rights relating to the article, such as patent rights,

- the right to use the substance of the article in own future works, including lectures and books,

- the right to reproduce the article for own purposes, provided the copies are not offered for sale,

- the right to self-archive the article

- the right to supervision over the integrity of the content of the work and its fair use.

5. Co-Authorship

If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.

6. Termination

This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.

7. Royalties

This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.

8. Miscellaneous

The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.

By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.