Presentation | 2014/9/12 Protection for Automotive Control System Using Secure Boot and Authentication Keisuke TAKEMORI, Seiichiro Mizoguchi, Hideaki KAWABATA, Ayumu KUBOTA, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Attacks on an automotive control system, ex. illegal replacement of Electronic Control Unit (ECU), tampering of ECU firmware, and packet spoofing in a Controller Area Network (CAN), threaten the safety of driving. In this research, we make a secure automotive control system, which is composed of four techniques; (i) secure boot of ECU, (ii) authentication of ECU, (iii) Authentication of CAN packet, and (iv) authentication of ECU firmware. First, we select an ECU that has both the write protection area called "root of trust" and the secure processing/storage called "secure RAM/ROM" using H/W supports. Next, we propose the secure boot mechanism that measures firmware integrity of the ECU from the root of trust when an engine is started. After the engine starting, a master ECU authenticates end ECUs using the challenge response to verify the configuration of the control system. When the authentication to the end ECUs is succeeded, the master ECU issues a secret value to the end ECUs. To check the integrity of the CAN data, to authenticate the sender ECU, and to avoid the replay attack, a media authentication code (MAC) is inserted in the CAN packet. Here, the MAC is calculated as hash(data, secret value, packets counter). The new ECU firmware is issued and signed by a remote authority. The signature is verified when the new firmware is applied to the ECU. Our proposal guarantees the automotive safety of the driving and the maintenance. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | |
Paper # | Vol.2014-ITS-58 No.8 |
Date of Issue |
Conference Information | |
Committee | ITS |
---|---|
Conference Date | 2014/9/12(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Intelligent Transport Systems Technology (ITS) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Protection for Automotive Control System Using Secure Boot and Authentication |
Sub Title (in English) | |
Keyword(1) | |
1st Author's Name | Keisuke TAKEMORI |
1st Author's Affiliation | KDDI R&D Laboratories Inc.() |
2nd Author's Name | Seiichiro Mizoguchi |
2nd Author's Affiliation | KDDI R&D Laboratories Inc. |
3rd Author's Name | Hideaki KAWABATA |
3rd Author's Affiliation | KDDI R&D Laboratories Inc. |
4th Author's Name | Ayumu KUBOTA |
4th Author's Affiliation | KDDI R&D Laboratories Inc. |
Date | 2014/9/12 |
Paper # | Vol.2014-ITS-58 No.8 |
Volume (vol) | vol.114 |
Number (no) | 225 |
Page | pp.pp.- |
#Pages | 8 |
Date of Issue |