State-of-the-art survey of in-vehicle protocols and automotive Ethernet security and vulnerabilities

Aida Ben Chehida Douss; Ryma Abassi; Damien Sauveron; Aida Ben Chehida Douss; Ryma Abassi; Damien Sauveron

doi:10.3934/mbe.2023761

Mathematical Biosciences and Engineering

2023, Volume 20, Issue 9: 17057-17095. doi: 10.3934/mbe.2023761

Previous Article Next Article

Research article Special Issues

State-of-the-art survey of in-vehicle protocols and automotive Ethernet security and vulnerabilities

1.
Innov'COM, Sup'com, University of Carthage, Tunis, Tunisia
2.
MathIS, XLIM, UMR CNRS 7252, University of Limoges, Limoges, France

Academic Editor: Jong Hyuk Park

Received: 08 April 2023 Revised: 20 May 2023 Accepted: 24 June 2023 Published: 29 August 2023

With the help of advanced technology, the automotive industry is in continuous evolution. Modern vehicles are not only comprised of mechanical components but also contain highly complex electronic devices and connections to the outside world. Today's vehicle usually has between 30 and 70 ECUs (Electronic Control Units), which communicate with each other over standard communication protocols. There are different types of in-vehicle network protocols and bus systems, including the Controlled Area Network (CAN), Local Interconnected Network (LIN), FlexRay, Media Oriented System Transport (MOST), and Automotive Ethernet (AE). Modern cars are also able to communicate with other devices through wired or wireless interfaces such as USB, Bluetooth, Wi-Fi or even 5G. Such interfaces may expose the internal network to the outside world and can be seen as entry points for cyber-attacks. In this paper, the main interest is in the AE network protocol. AE is a special Ethernet design that provides the bandwidth needed for today's applications, and the potential for even greater performance in the future. However, AE is a "best effort" protocol, which cannot be considered reliable. This implies that it is not trustworthy in terms of reliability and timely deliveries. The focus of this paper is to present a state-of-the-art survey of security threats and protection mechanisms relating to AE. After introducing and comparing the different protocols being used in the embedded networks of current vehicles, we analyze the potential threats targeting the AE network and describe how attackers' opportunities can be enhanced by the new communication abilities of modern cars. Finally, we present and compare the AE security solutions currently being devised to address these problems and propose some recommendations and challenges to deal with security issue in AE protocol.
- modern vehicles,
- ECU,
- in-vehicle network communication,
- automotive Ethernet,
- AE security
Citation: Aida Ben Chehida Douss, Ryma Abassi, Damien Sauveron. State-of-the-art survey of in-vehicle protocols and automotive Ethernet security and vulnerabilities[J]. Mathematical Biosciences and Engineering, 2023, 20(9): 17057-17095. doi: 10.3934/mbe.2023761

Related Papers:

Abstract

With the help of advanced technology, the automotive industry is in continuous evolution. Modern vehicles are not only comprised of mechanical components but also contain highly complex electronic devices and connections to the outside world. Today's vehicle usually has between 30 and 70 ECUs (Electronic Control Units), which communicate with each other over standard communication protocols. There are different types of in-vehicle network protocols and bus systems, including the Controlled Area Network (CAN), Local Interconnected Network (LIN), FlexRay, Media Oriented System Transport (MOST), and Automotive Ethernet (AE). Modern cars are also able to communicate with other devices through wired or wireless interfaces such as USB, Bluetooth, Wi-Fi or even 5G. Such interfaces may expose the internal network to the outside world and can be seen as entry points for cyber-attacks. In this paper, the main interest is in the AE network protocol. AE is a special Ethernet design that provides the bandwidth needed for today's applications, and the potential for even greater performance in the future. However, AE is a "best effort" protocol, which cannot be considered reliable. This implies that it is not trustworthy in terms of reliability and timely deliveries. The focus of this paper is to present a state-of-the-art survey of security threats and protection mechanisms relating to AE. After introducing and comparing the different protocols being used in the embedded networks of current vehicles, we analyze the potential threats targeting the AE network and describe how attackers' opportunities can be enhanced by the new communication abilities of modern cars. Finally, we present and compare the AE security solutions currently being devised to address these problems and propose some recommendations and challenges to deal with security issue in AE protocol.

References

[1]	S. Tariq, S. Y. Lee, H. K. Kim, S. S. Woo, CAN-ADF: The controller area network attack detection framework, Comput. Secur., 94 (2020), 101857. https://doi.org/10.1016/j.cose.2020.101857 doi: 10.1016/j.cose.2020.101857
[2]	C. Corbett, E. Schoch, F. Kargl, P. Felix, Automotive Ethernet: Security opportunity or challenge?, 2016 (2016), 45–54.
[3]	S. Jadhav, D. Kshirsagar, A survey on security in automotive networks, in 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA), (2018), 1–6. https://doi.org/10.1109/ICCUBEA.2018.8697772
[4]	C. M. Kozierok, C. Correa, R. B. Boatright, J. Quesnelle, Automotive ethernet: The definitive guide, Intrepid Control Syst., 2014 (2014).
[5]	I. ISO, Road Vehicles—Low-Speed Serial Data Communication—Part 1: General and Definitions, International Organization for Standardization, 1994.
[6]	I. ISO, Road Vehicles–Controller Area Network (CAN), International Organization for Standardization, 2015.
[7]	H. Zhang, X. Meng, X. Zhang, Z. Liu, CANsec A practical in-vehicle controller area network security evaluation tool, Sensors, 20 (2020), 4900. https://doi.org/10.3390/s20174900 doi: 10.3390/s20174900
[8]	S. F. Lokman, A. T. Othman, M. H. Abu-Bakar, Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review, J. Wireless Comput. Network, 184 (2019). https://doi.org/10.1186/s13638-019-1484-3
[9]	Total Phase, What is CAN bus protocol?, 2019. Available from: https://www.totalphase.com/blog/2019/08/5-advantages-of-can-bus-protocol/.
[10]	ISO, Road vehicles—Controller Area Network (CAN)—Part 1: Data link layer and physical signaling, International Organization for Standardization, 2015.
[11]	H. Qiang, L. Feng, Review of secure communication approaches for in-vehicle network, Int. J. Autom. Technol., 19 (2018), 879–894. https://doi.org/10.1007/s12239-018-0085-1 doi: 10.1007/s12239-018-0085-1
[12]	ISO, Road Vehicles Local Interconnect Network (LIN), International Organization for Standardization, 2019.
[13]	J. M. Ernst, A. J. Michaels, LIN bus security analysis, in IECON 2018-44th Annual Conference of the IEEE Industrial Electronics Society, (2018), 2085–2090. https://doi.org/10.1109/IECON.2018.8592744
[14]	J. Huang, M. Zhao, Y. Zhou, C. Xing, In-vehicle networking: Protocols, challenges, and solutions, IEEE Network, 33 (2018), 92–98. https://doi.org/10.1109/MNET.2018.1700448 doi: 10.1109/MNET.2018.1700448
[15]	E. Hacket, LIN protocol and physical layer requirements, 2018. Available from: https://www.ti.com/lit/an/slla383a/slla383a.pdf?ts = 1668071732342 & ref_url = https%253A%252F%252Fwww.bing.com%252F.
[16]	ISO, Road Vehicles—FlexRay Communications System, Part 1: General Information and Use Case Definition, International Organization for Standardization, 2013.
[17]	ISO, Road Vehicles—FlexRay Communications System—Part 5: Electrical Physical Layer Conformance Test Specification, International Organization for Standardization, 2013.
[18]	Y. Wang, H. Liu, B. Huang, N. Zhang, Y. Wu, Reliability-based parameter design for FlexRay network in vehicles, Adv. Mech. Eng., 2019 (2019). https://doi.org/10.1177/1687814019839905 doi: 10.1177/1687814019839905
[19]	J. Pradeep, S. R. Sebasteen, R. Dineshkrishn, Comparison of CAN and flexray protocol for automotive application, Int. J. Pure Appl. Math., 119 (2018), 1739–1745.
[20]	Q. Hu, F. Luo, Review of secure communication approaches for in-vehicle network, Int. J. Autom. Technol., 19 (2018), 879–894. https://doi.org/10.1007/s12239-018-0085-1 doi: 10.1007/s12239-018-0085-1
[21]	L. Pike, J. Sharp, M. Tullsen, P. Hickey, J. Bielman, Secure automotive software: The next steps, IEEE Software, 34 (2017), 49–55. https://doi.org/10.1109/MS.2017.78 doi: 10.1109/MS.2017.78
[22]	M. Meier, D. Reinhardt, S. Wendzel, Sicherheit 2016, Lecture Notes in Informatics (LNI), Gesellschaft fur Informatik, Bonn, 2016.
[23]	ISO, Road vehicles—Media Oriented Systems Transport (MOST)—Part 1: General information and definitions, International Organization for Standardization, 2020.
[24]	H. Rajeshwari, K. Siddarth, K. S. Gurumurthy, The impact of network topologies on the performance of the in-vehicle network, Int. J. Comput. Theory Eng., 5 (2013). https://doi.org/10.7763/IJCTE.2013.V5.719
[25]	K. van Cleave, A survey of automotive ethernet technologies and protocols, in CSE570S: A Survey of Automotive Ethernet Technologies and Protocols, (2019).
[26]	V. Eramo, F. G. Lavacca, M. Listanti, S. Caporossi, Definition and performance evaluation of an Advanced Avionic TTEthernet Architecture for the support of Launcher Networks, IEEE Aerosp. Electron. Syst. Magaz., 33 (2018). https://doi.org/10.1109/MAES.2018.170161
[27]	V. Eramo, F. G. Lavacca, F. Valente, A. Pisculli, S. Caporossi, Simulation and experimental evaluation of a flexible time triggered ethernet architecture applied in satellite Nano/Micro Launchers, Aerospace, 5 (2018). https://doi.org/10.3390/aerospace5030084
[28]	V. Eramo, T. Fiori, F. G. Lavacca, F. Valente, A. Baiocchi, S. Ciabuschi, et al., A max plus algebra based scheduling algorithm for supporting time triggered services in ethernet networks, Comput. Commun., 198 (2023). https://doi.org/10.1016/j.comcom.2022.11.014
[29]	L. Lo Bello, W. Steiner, A perspective on IEEE time-sensitive networking for industrial communication and automation systems, Proceed. IEEE, 107 (2019), 1094–1120. https://doi.org/10.1109/JPROC.2019.2905334 doi: 10.1109/JPROC.2019.2905334
[30]	J. Sanchez-Garrido, B. Aparicio, J. G. Ramírez, R. Rodriguez, M. Melara, L. Cercós, et al., Implementation of a time-sensitive networking (TSN) Ethernet bus for microlaunchers, IEEE Trans. Aerosp. Electron. Syst., 57 (2021), 2743–2758. https://doi.org/10.1109/TAES.2021.3061806 doi: 10.1109/TAES.2021.3061806
[31]	K. A. Mahin, M. Raheeb, O. Seijo, I. Val, H. P. Bernhard, When IEEE 802.11 and 5G meet time-sensitive networking, IEEE Open J. Ind. Electron. Soc., 3 (2022), 14–36. https://doi.org/10.1109/OJIES.2021.3135524 doi: 10.1109/OJIES.2021.3135524
[32]	M. Scalas, G. Giacinto, Automotive cybersecurity: Foundations for next-generation vehicles, in 2nd International Conference on new Trends in Computing Sciences (ICTCS), (2019), 1–6. https://doi.org/10.1109/ICTCS.2019.8923077
[33]	L. Pike, J. Sharp, M. Tullsen, P. Hickey, J. Bielman, Secure automotive software: The next steps, IEEE Software, 34 (2017), 49–55. https://doi.org/10.1109/MS.2017.78 doi: 10.1109/MS.2017.78
[34]	M. Meier, D. Reinhardt, S. Wendzel, 45, in Sicherheit 2016, Lecture Notes in Informatics (LNI), Gesellschaft fur Informatik, Bonn, 2016.
[35]	M. Lang, Secure Automotive Ethernet Balancing Security and Safety in Time-Sensitive Systems, Master thesis, Blekinge Institute of Technology, 2019.
[36]	T. Kiravuo, M. Sarela, J. Manner, A survey of Ethernet LAN security, IEEE Commun. Surv. Tutorials, 15 (2013), 1477–1491. https://doi.org/10.1109/SURV.2012.121112.00190 doi: 10.1109/SURV.2012.121112.00190
[37]	I. Studnia, V. Nicomette, E. Alata, Y. Deswarte, M. Kaâ niche, Y. Laarouchi, A survey of security threats and protection mechanisms in embedded automotive networks, in 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, (2013).
[38]	P. Kleberger, T. Olovsson, E. Jonsson, Security aspects of the in-vehicle network in the connected car, in 2011 IEEE Intelligent Vehicles Symposium (IV), (2011), 528–533.
[39]	N. Khatri, R. Shrestha, S. Y. Nam, Security issues with in-vehicle networks, and enhanced countermeasures based on blockchain, Electronics, 10 (2021), 893. https://doi.org/10.3390/electronics10080893
[40]	H. Yang, M. Liu, Y. Xu, Y. Wu, Y. Xu, Research of automotive ethernet security based on encryption and authentication method, Int. J. Comput. Theory Eng., 11 (2019), 1–5. https://doi.org/10.7763/IJCTE.2019.V11.1230 doi: 10.7763/IJCTE.2019.V11.1230
[41]	J. M. Li, F. Shuo, Y. Wu, Y. Xu, High-efficiency encryption and authentication network security for automotive Ethernet, Int. J. Model. Optim., 12 (2022), 36–42. https://doi.org/10.7763/IJMO.2022.V12.797 doi: 10.7763/IJMO.2022.V12.797
[42]	Y. Zhu, Y. Liu, M. Wu, J. Li, S. Liu, J. Zhao, Research on secure communication on in-vehicle Ethernet based on post-quantum algorithm NTRUEncrypt, Electronics, 11 (2022), 856. https://doi.org/10.3390/electronics11060856 doi: 10.3390/electronics11060856
[43]	B. Ma, S. Yang, Z. Zuo, B. Zou, Y. Cao, X. Yan, et al., An authentication and secure communication scheme for in-vehicle networks based on SOME/IP, Sensors, 22 (2022), 647. https://doi.org/10.3390/s22020647 doi: 10.3390/s22020647
[44]	E. Silva, P. F. Araujo-Filho, D. R. Campelo, Experimental evaluation of cryptography overhead in automotive safety-critical communication, in IEEE 87th Vehicular Technology Conference (VTC Spring), (2018), 1–5. https://doi.org/10.1109/VTCSpring.2018.8417610
[45]	W. Wu, R. Li, G. Xie, J. An, Y. Bai, J. Zhou, et al., A survey of intrusion detection for in-vehicle networks, IEEE Trans. Intell. Trans. Syst., 21 (2020), 919–933. https://doi.org/10.1109/TITS.2019.2908074 doi: 10.1109/TITS.2019.2908074
[46]	M. Markovitz, A. Wool, Field classification, modeling and anomaly detection in unknown CAN bus networks, Veh. Commun., 9 (2017), 43–52. https://doi.org/10.1016/j.vehcom.2017.02.005 doi: 10.1016/j.vehcom.2017.02.005
[47]	M. Bresch, N. Salman, Design and Implementation of an Intrusion Detection System (IDS) for in-Vehicle Networks, Master Thesis, Chalmers University of Technology and University of Gothenburg, 2017.
[48]	M. J. Kang, J. W. Kang, A novel intrusion detection method using deep neural network for in-vehicle network security, PloS One, 11 (2016), e0155781. https://doi.org/10.1371/journal.pone.0155781 doi: 10.1371/journal.pone.0155781
[49]	B. Jeon, H. Ju, B. Jung, K. Kim, D. Lee, A study on traffic characteristics for anomaly detection of Ethernet-based IVN, in 2019 International Conference on Information and Communication Technology Convergence (ICTC), (2019), 951–953. https://doi.org/10.1109/ICTC46691.2019.8940022
[50]	D. Grimm, M. Weber, E. Sax, An extended hybrid anomaly detection system for automotive electronic control units communicating via Ethernet-efficient and effective analysis using a specification- and machine learning-based approach, in Proceedings of the 4th International Conference on Vehicle Technology and Intelligent Transport (VEHITS), (2018), 462–473. https://doi.org/10.5220/0006779204620473
[51]	M. Weber, S. Klug, E. Sax, B. Zimmer, Embedded hybrid anomaly detection for automotive CAN communication, in 9th European congress on embedded real time software and systems (ERTS 2018), (2018).
[52]	S. Jeong, B. Jeonb, B. Chungb, H. Kang Kim, Convolutional neural network-based intrusion detection system for AVTP streams in automotive Ethernet-based Networks, Veh. Commun., 29 (2021), 100338. https://doi.org/10.1016/j.vehcom.2021.100338 doi: 10.1016/j.vehcom.2021.100338
[53]	N. Alkhatib, M. Mushtaq, H. Ghauch, J. L. Danger, AVTPnet: Convolutional autoencoder for AVTP anomaly detection in automotive ethernet networks, preprint, arXiv: 2202.00045.
[54]	Z. Zihan, C. Lirong, Z. Haitao, Z. Fan, Research on intrusion detection technology based on embedded Ethernet, in 2021 18th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP), 587–600. https://doi.org/10.1109/ICCWAMTIP53232.2021.9674069
[55]	Autosar, Standards. Available from: https://www.autosar.org/standards/.
[56]	B. Qiu, K. Chen, K. He, X. Fang, Research on vehicle network intrusion detection technology based on dynamic data set, in IEEE 3rd International Conference on Frontiers Technology of Information and Computer (ICFTIC), 2021 (2021), 386–390. https://doi.org/10.1109/ICFTIC54370.2021.9647072
[57]	H. Lindwall, P. Ovhagen, A Concept for an Intrusion Detection System over Automotive Ethernet, Master thesis, Lund University, 2020.
[58]	J. Holle, S. Shukla, Gatekeeper for in-vehicle network communication, ATZelektronik Worldwide, 13 (2018), 40–43.
[59]	M. Pesé, K. Schmidt, H. Zweck, Hardware/software co-design of an automotive embedded firewall, 2017-01-1659, SAE Technical Paper.
[60]	E. Yilmaz, Firewall and IDPS Concept for Automotive Ethernet, Master thesis, Uppsala Universitet, 2019.
[61]	Y. Genç, M. Habek, N. Aytaş, A. Akkoç, E. Afacan, E. Yazgan, Elliptic curve cryptography for security in connected vehicles, in 2022 30th Signal Processing and Communications Applications Conference (SIU), (2022), 1–4. https://doi.org/10.1109/SIU55565.2022.9864762

Reader Comments

Your name:*

Email:*
© 2023 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)