TY - JOUR
T1 - Automotive Electrical and Electronic Architecture Security via Distributed In-Vehicle Traffic Monitoring
AU - Waszecki, Peter
AU - Mundhenk, Philipp
AU - Steinhorst, Sebastian
AU - Lukasiewycz, Martin
AU - Karri, Ramesh
AU - Chakraborty, Samarjit
N1 - Funding Information:
Manuscript received April 4, 2016; revised August 6, 2016 and November 28, 2016; accepted January 15, 2017. Date of publication February 9, 2017; date of current version October 18, 2017. This work was supported in part by the Singapore National Research Foundation under its Campus for Research Excellence and Technological Enterprise programme, and in part by the Technische Universität München—Institute for Advanced Study, through the German Excellence Initiative and the European Union Seventh Framework Programme under Grant 291763. This paper was recommended by Associate Editor C. H. Chang.
Publisher Copyright:
© 1982-2012 IEEE.
PY - 2017/11
Y1 - 2017/11
N2 - Due to the growing interconnectedness and complexity of in-vehicle networks, in addition to safety, security is becoming an increasingly important topic in the automotive domain. In this paper, we study techniques for detecting security infringements in automotive electrical and electronic (E/E) architectures. Toward this we propose in-vehicle network traffic monitoring to detect increased transmission rates of manipulated message streams. Attacks causing timing violations can disrupt safety-critical functions and have severe consequences. To reduce costs and prevent single points of failure, our approach enables an automatic distribution of detection tasks among selected E/E architecture components, such as a subset of electronic control units. First, we analyze a concrete E/E system architecture to determine the communication parameters and properties necessary for detecting security attacks. These are then used for a parametrization of the corresponding detection algorithms and the distribution of attack detection tasks. We use a lightweight message monitoring method and optimize the placement of detection tasks to ensure a full-coverage of the E/E system architecture and a timely detection of an attack.
AB - Due to the growing interconnectedness and complexity of in-vehicle networks, in addition to safety, security is becoming an increasingly important topic in the automotive domain. In this paper, we study techniques for detecting security infringements in automotive electrical and electronic (E/E) architectures. Toward this we propose in-vehicle network traffic monitoring to detect increased transmission rates of manipulated message streams. Attacks causing timing violations can disrupt safety-critical functions and have severe consequences. To reduce costs and prevent single points of failure, our approach enables an automatic distribution of detection tasks among selected E/E architecture components, such as a subset of electronic control units. First, we analyze a concrete E/E system architecture to determine the communication parameters and properties necessary for detecting security attacks. These are then used for a parametrization of the corresponding detection algorithms and the distribution of attack detection tasks. We use a lightweight message monitoring method and optimize the placement of detection tasks to ensure a full-coverage of the E/E system architecture and a timely detection of an attack.
KW - Attack detection
KW - automotive security
KW - distributed systems
KW - embedded systems
UR - http://www.scopus.com/inward/record.url?scp=85035802059&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85035802059&partnerID=8YFLogxK
U2 - 10.1109/TCAD.2017.2666605
DO - 10.1109/TCAD.2017.2666605
M3 - Article
AN - SCOPUS:85035802059
SN - 0278-0070
VL - 36
SP - 1790
EP - 1803
JO - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
JF - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
IS - 11
M1 - 7849145
ER -