Abstract
Todays in-vehicle IT architectures are dominated by a large network of interactive, software driven digital microprocessors called electronic control units (ECU). However, ECUs relying on information received from open communication channels created by other ECUs or even other vehicles that are not under its control leaves the doors wide open for manipulations or misuse. Thus, especially safety-relevant ECUs need effective, automotive-capable security measures that protect the ECU and its communications efficiently and dependably. Based on a requirements engineering approach that incorporates all security-relevant automotive use cases and all distinctive automotive needs and constraints, we present an vehicular hardware security module (HSM) that enables a holistic protection of in-vehicle ECUs and their communications. We describe the hardware design, give technical details on the prototypical implementation, and provide a first evaluation on the performance and security while comparing our approach with HSMs already existing.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Abdalla, M., Bellare, M., Rogaway, P.: DHAES: An encryption scheme based on the Diffie-Hellman problem. Submission to P1363a: Standard Specifications for Public-Key Cryptography, Additional Techniques 5 (2000)
Checkoway, S., et al.: Comprehensive Experimental Analyses of Automotive Attack Surfaces. National Academy of Sciences Committee on Electronic Vehicle Controls and Unintended Acceleration (2011)
Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6) (1976)
Dyer, J., Lindemann, M., Perez, R., Sailer, R., Van Doorn, L., Smith, S., Weingart, S.: Building the IBM 4758 Secure Coprocessor. IEEE Computer 34(10) (2001)
escrypt GmbH – Embedded Security: CycurLIB - Cryptographic Software Library (2011), http://www.escrypt.com/products/cycurlib/overview/
EVITA: Deliverable 2.1: Specification and Evaluation of E-Security Relevant Use Cases (2008)
EVITA: Deliverable 2.3: Security Requirements for Automotive On-Board Networks Based on Dark-Side Scenarios (2009)
EVITA: Deliverable 3.1.2: Security and Trust Model (2009)
EVITA: Deliverable 3.2: Secure On-board Architecture Specification (2010)
EVITA: Deliverable 3.3: Secure On-Board Protocols Specification (2010)
EVITA: Deliverable 4.1.3: Security Hardware FPGA Prototype (2011)
EVITA: Deliverable 4.2.2: Basic Software (2011)
EVITA: Deliverable 4.3.2: Implementation of Software Framework (2011)
EVITA: Deliverable 5.1.2: On-board Communication Demonstrator (2011)
EVITA Project: E-safety Vehicle Intrusion proTected Applications, European Commission research grant FP7-ICT-224275 (2008), http://www.evita-project.org
FIPS-186-3: Digital Signature Standard (DSS). NIST (1994, 2006)
FIPS-197: Advanced Encryption Standard (AES). NIST (2001)
Frischkorn, H.G.: Automotive Software – The Silent Revolution. In: Workshop on Future Generation Software Architectures in the Automotive Domain, San Diego, CA, USA, January 10- 12 (2004)
Furgel, I., Lemke, K.: A Review of the Digital Tachograph System. In: Embedded Security in Cars: Securing Current and Future Automotive IT Applications. Springer (2006)
Güneysu, T., Paar, C.: Ultra High Performance ECC over NIST Primes on Commercial FPGAs. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 62–78. Springer, Heidelberg (2008)
Herstellerinitiative Software (HIS): SHE Secure Hardware Extension Version 1.1 (2009), http://portal.automotive-his.de
International Telecommunication Union – ITU-T Study Group 7: Abstract Syntax Notation number One – ASN.1 (1995), http://www.itu.int/ITU-T/asn1/
ISO/IEC 10118-3:2004: Information technology – Security techniques – Hash-functions – Part 3: Dedicated hash-functions. ISO/IEC (2004)
ISO/IEC 11898:2003-2007: Information technology – Road vehicles Controller area network. ISO/IEC (2007)
ISO/IEC 18033-2:2006: Information technology - Security techniques - Encryption algorithms - Part 2: Asymmetric ciphers. ISO/IEC (2006)
Koscher, K., et al.: Experimental Security Analysis of a Modern Automobile. In: IEEE Symposium on Security and Privacy (2010)
Lemke, K.: Physical Protection against Tampering Attacks. In: Embedded Security in Cars: Securing Current and Future Automotive IT Applications. Springer (2006)
Luo, J., Hubaux, J.: A Survey of Inter-Vehicle Communication. EPFL, Lausanne, Switzerland, Tech. Rep (2004)
PRECIOSA Project: Privacy Enabled Capability in Co-operative Systems and Safety Applications (2008), http://www.preciosa-project.org
PRESERVE Project: Preparing Secure Vehicle-to-X Communication Systems (2011), http://www.preserve-project.eu
Schindler, W.: AIS 20 – Functionality classes and evaluation methodology for deterministic random number generators. German Federal Office for Information Security (BSI) (1999)
SeVeCom Project: Secure Vehicular Communication (2006), http://www.sevecom.org
Song, J., Poovendran, R., Lee, J., Iwata, T.: The AES-CMAC Algorithm. RFC4493, IETF (June 2006)
Toll Collect GmbH (2011), http://www.toll-collect.com
Trusted Computing Group (TCG): TPM Specification 1.2 Revision 116 (2011), http://www.trustedcomputinggroup.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wolf, M., Gendrullis, T. (2012). Design, Implementation, and Evaluation of a Vehicular Hardware Security Module. In: Kim, H. (eds) Information Security and Cryptology - ICISC 2011. ICISC 2011. Lecture Notes in Computer Science, vol 7259. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31912-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-31912-9_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31911-2
Online ISBN: 978-3-642-31912-9
eBook Packages: Computer ScienceComputer Science (R0)