Promoting excellence in mobility engineering

  1. FISITA Store
  2. Technical Papers

Secure Automotive On-board Electronics Network Architecture
FISITA2010/F2010E035

Authors

Apvrille, Ludovic - Telecom ParisTech, France,
El Khayari, Rachid - Fraunhofer Institute for Secure Information Technology, Germany,
Henniger, Olaf* - Fraunhofer Institute for Secure Information Technology, Germany,
Roudier, Yves - EURECOM, France,
Schweppe, Hendrik - EURECOM, France,
Seudié, Hervé - Robert Bosch GmbH, Germany,
Weyl, Benjamin - BMW Group Research and Technology, Germany,
Wolf, Marko - escrypt GmbH, Germany

Abstract

This paper introduces hardware and software components for secure automotive on-board networks providing the basis for the protection of external vehicle communication. It is based on work done within the European research project EVITA (http://evitaproject. org). It provides a framework that covers cross-layer security, targeting platform integrity, communication channels, access control and intrusion detection and management. We present a modular hardware/software co-design: Hardware security modules (HSM) provide means to protect the platform integrity, to ensure the integrity and confidentiality of key material and to enhance cryptographic operations, thereby protecting critical assets of the architecture. In order to provide cost-effective hardware solutions, three different variants of HSMs have been specified: The full HSM for protecting external communication interfaces, the medium HSM for protecting the on-board communication between electronic control units (ECUs), and the light HSM for protecting the on-board communication with sensors and actuators. Application specific interfaces are provided by the software framework that interacts with the HSMs. High-level design considerations, such as least privilege design and separation principles have been followed throughout the work. We provide an outlook on deployment scenarios.

KEYWORDS – automotive on-board network; security architecture; hardware security module, embedded systems, vehicle communication systems

Add to basket