Strategies for Integrating Control Flows in Software-Defined In-Vehicle Networks and Their Impact on Network Security

Authors: Franz Korf, Thomas C. Schmidt, Philipp Meyer, Timo Hackel, Anja Schmidt

DOI: 10.1109/VNC51378.2020.9318372

Abstract: Current In-Vehicle Networks (IVNs) connect Electronic Control Units (ECUs) via domain buses. A gateway forwards messages between these domains. Automotive Ethernet emerges as a flat, high-speed backbone technology for IVNs that carries the various control flows within frames. Recently, Software-Defined Networking (SDN) has been identified as a useful building block of the vehicular domain, as it allows the differentiation of packets based on all header fields and thus can isolate unrelated flows. In this work, we systematically explore different strategies for integrating automotive control flows in switched Ether-networks and analyze their security impact on a software-defined IVN. We discuss how flow identifiers can be embedded on different layers, resulting in a range of solutions from fully exposed embedding to deep encapsulation. We evaluate these strategies in a realistic IVN based on the communication matrix of a production grade vehicle, which we map into a modern topology. We find that the visibility of control flows in packet headers is essential for the network infrastructure to enable isolation and access control. With an exposed embedding, SDN can establish and survey trust zones and largely reduce the attack surface of connected cars. An exposed embedding strategy also minimizes expenses.

References (14)
Hovav Shacham, Karl Koscher, Alexei Czeskis, Franziska Roesner, Brian Kantor, Damon McCoy, Tadayoshi Kohno, Stefan Savage, Danny Anderson, Stephen Checkoway. Comprehensive experimental analyses of automotive attack surfaces. USENIX Security Symposium, pp. 6-6 (2011).
Andreas Kern, Dominik Reinhard, Thilo Streichert, Jürgen Teich. Gateway strategies for embedding of automotive CAN-frames into Ethernet-packets and vice versa. Automation, Robotics and Control Systems, pp. 259-270 (2011). DOI: 10.1007/978-3-642-19137-4_22
Lingyu Wang, Sushil Jajodia, Anoop Singhal, Pengsu Cheng, Steven Noel. k-Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities. IEEE Transactions on Dependable and Secure Computing, vol. 11, pp. 30-44 (2014). DOI: 10.1109/TDSC.2013.24
Diego Kreutz, Fernando M. V. Ramos, Paulo Esteves Verissimo, Christian Esteve Rothenberg, Siamak Azodolmolky, Steve Uhlig. Software-Defined Networking: A Comprehensive Survey. Proceedings of the IEEE, vol. 103, pp. 14-76 (2015). DOI: 10.1109/JPROC.2014.2371999
Andreas Herkersdorf, Christian Herber, Thomas Wild, Andre Richter. Real-time capable CAN to AVB Ethernet gateway using frame aggregation and scheduling. Design, Automation, and Test in Europe, pp. 61-66 (2015). DOI: 10.5555/2755753.2755767
Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, Jonathan Turner. OpenFlow: enabling innovation in campus networks. ACM Special Interest Group on Data Communication, vol. 38, pp. 69-74 (2008). DOI: 10.1145/1355734.1355746
Seungwon Shin, Lei Xu, Sungmin Hong, Guofei Gu. Enhancing Network Security through Software Defined Networking (SDN). 2016 25th International Conference on Computer Communication and Networks (ICCCN), pp. 1-9 (2016). DOI: 10.1109/ICCCN.2016.7568520
Stefan Brunner, Jurgen Roder, Markus Kucera, Thomas Waas. Automotive E/E-architecture enhancements by usage of Ethernet TSN. Workshop on Intelligent Solutions in Embedded Systems, pp. 9-13 (2017). DOI: 10.1109/WISES.2017.7986925
Qiang Hu, Feng Luo. Review of Secure Communication Approaches for In-Vehicle Network. International Journal of Automotive Technology, vol. 19, pp. 879-894 (2018). DOI: 10.1007/S12239-018-0085-1
Jiadai Wang, Jiajia Liu, Nei Kato. Networking and Communications in Autonomous Driving: A Survey. IEEE Communications Surveys and Tutorials, vol. 21, pp. 1243-1274 (2019). DOI: 10.1109/COMST.2018.2888904