基于CAN-FD总线的车载网络安全通信

doi:10.11908/j.issn.0253-374x.2019.03.012

首页 > 过刊浏览>2019年第47卷第03期 >0386-0391. DOI:10.11908/j.issn.0253-374x.2019.03.012

基于CAN-FD总线的车载网络安全通信
DOI:
                        10.11908/j.issn.0253-374x.2019.03.012
                    
CSTR:
                        [cstr]
                    
作者:
                        罗峰罗峰
同济大学 汽车学院， 上海 201804
在期刊界中查找
在百度中查找
在本站中查找
胡强胡强
同济大学 汽车学院， 上海 201804
在期刊界中查找
在百度中查找
在本站中查找
刘宇刘宇
同济大学 汽车学院， 上海 201804
在期刊界中查找
在百度中查找
在本站中查找

                    
作者单位:同济大学汽车学院
作者简介:
通讯作者:
中图分类号:U463.67
基金项目:中央高校基本科研业务费专项资金（22120170265）

Secure Communication Method for In-Vehicle Network Based on CAN-FD Bus

Author:

LUO Feng
LUO Feng
School of Automotive Studies, Tongji University, Shanghai 201804, China
在期刊界中查找
在百度中查找
在本站中查找
HU Qiang
HU Qiang
School of Automotive Studies, Tongji University, Shanghai 201804, China
在期刊界中查找
在百度中查找
在本站中查找
LIU Yu
LIU Yu
School of Automotive Studies, Tongji University, Shanghai 201804, China
在期刊界中查找
在百度中查找
在本站中查找

Affiliation:

Fund Project:

摘要

图/表

访问统计

参考文献 [13]

相似文献 [20]

引证文献

资源附件

文章评论

摘要:

以数据加密和入侵检测为基础，建立了一种基于灵活数据速率控制器局域网络的汽车通信网络信息安全方法.提出了包括安全传输、安全启动、时间同步与密钥分配的汽车网络安全通信协议，并通过建立网络仿真模型验证安全协议的有效性.搭建了基于硬件实例的安全通信节点，测试硬件节点的实际通信性能和加密性能.最后针对汽车通信网络潜在的攻击方式，以Dolev-Yao入侵模型攻击和拒绝服务攻击为测试方法，对安全通信模型进行了安全性攻击测试和入侵检测功能验证，确定了网络入侵检测的判定指标.测试结果验证了该方法的安全性和可用性.

关键词:安全通信; 车载网络; 信息安全

Abstract:

A security method for vehicle communication network based on controller area network with flexible data-rate (CAN-FD) was established with data encryption and intrusion detection. Secure communication protocols for vehicle network including secure transmission, secure boot, time synchronization, and key distribution were proposed, and a network simulation model was established to verify the validity of the secure protocols. Secure communication nodes based on hardware instance were established to test the actual communication performance and encryption performance of the hardware nodes. Aiming at the potential attack modes of the vehicle communication network, the Dolev-Yao intruder model attack and the denial of service attack were used as the test methods to test the security of communication model and verify the intrusion detection function. And the judgment index of the network intrusion detection was determined. The experimental results had confirmed the security and usability of the method.

Key words:secure communication; vehicle network;cybersecurity

参考文献

[1] Koscher K, Czeskis A, Roesner F, et al. Experimental Security Analysis of a Modern Automobile[C]//IEEE Symposium on Security and Privacy. Oakland CA: IEEE, 2010: 447-462.

[2] Van Herrewege A, Singelee D, Verbauwhede I. CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN Bus[C]//ECRYPT Workshop on Lightweight Cryptography. Louvain-la-Neuve: ECRYPT, 2011.

[3] Hartkopp O, Reuber C, Schilling R. Message Authenticated CAN[C]//Embedded Security in Cars Conference. Berlin: ESCAR, 2012.

[4] Woo S, Jo H J, Kim I S, et al. A Practical Security Architecture for In-Vehicle CAN-FD[J]. IEEE Transactions on Intelligent Transportation Systems, 2016, 17(8): 2248~2261.

[5] Ruddle A, Ward D, Weyl B, et al. Deliverable D2. 3: Security requirements for automotive on-board networks based on dark-side scenarios[R]. EVITA, 2009.

[6] Hartwich F. CAN with flexible data-rate[C]//iCC 2012. CAN in Automation, 2012.

[7] NIST. Advanced Encryption Standard (AES): FIPS PUB 197[S]. NIST, 2001.

[8] IEEE SA. IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems: 1588-2008[S]. IEEE SA, 2008.

[9] HIS AK Security. SHE – Secure Hardware Extension Functional Specification[S]. HIS AK Security, 2009.

[10] Dolev D, Yao A. On the Security of Public Key Protocols[J]. IEEE Transactions on Information Theory, 1983, 29(2) : 198-208.

Woo S, Jo H J, Lee D H. A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN [J]. IEEE Transactions on Intelligent Transportation Systems, 2015, 16(2): 993–1006.

吴尚泽，秦贵和，刘毅等. 车载控制器局域网络总线的动态口令身份认证方法[J]. 西安交通大学学报, 2017, 51(6). DOI: 10.7652/xjtuxb201706016. WU Shangze, QIN Guihe, LIU Yi et al. A Method for Identifying Authentication of Dynamic Passwords for In-vehicle Controller Area Networks Buses[J]. Journal of Xi’an Jiaotong University, 2017, 51(6). DOI: 10.7652/xjtuxb201706016.

于赫. 网联汽车信息安全问题及CAN总线异常检测技术研究[D]. 长春: 吉林大学, 2016. YU He. Research on Connected Vehicle Cyber Security and Anomaly Detection Technology for In-vehicle CAN bus[D]. Changchun: Jilin University. 2016.

引用本文

罗峰,胡强,刘宇.基于CAN-FD总线的车载网络安全通信[J].同济大学学报(自然科学版),2019,47(03):0386~0391

复制

文章指标

点击次数:1876
下载次数: 1130
HTML阅读次数: 2287
引用次数: 0

历史

收稿日期:2017-10-27
最后修改日期:2019-01-02
录用日期:2018-12-13
在线发布日期: 2019-04-03
出版日期:

引用本文

分享

文章指标

历史

文章二维码

引用本文

分享

微信扫一扫：分享

文章指标

历史

文章二维码