An Attribute-Isolated Secure Communication Architecture for Intelligent Connected Vehicles

Abstract

The rapidly increasing connectedness of modern vehicles leads to new security challenges for intelligent connected vehicles (ICVs), where some potential attackers can achieve unauthorized access to gain control of the vehicle by injecting malicious information into in-vehicle electronic control units (ECUs). Therefore, in this paper, a secure attribute-isolated communication architecture for an ICV, which introduces attributes into the ECUs to achieve authorized access among the ECU nodes is proposed. First, an analysis of the functional attributes of all of the in-vehicle ECUs in an intelligent connected environment and a division of the functional attributes of the ECUs into five classifications are performed. Second, based on the above-classified attributes, a secure attribute-isolated communication architecture is demonstrated. The ECUs have different access rights, allowing only the ECUs with the same functional attributes in the internal network of the vehicle to communicate. Then, it is proven that the proposed architecture can resist forgery and eavesdropping attacks under the random oracle model. Finally, the secure attribute-isolated communication architecture is constructed in a hardware environment and evaluated with an in-vehicle network simulator (IVNS). The evaluation results show that the average memory usage with 120 ECUs and 100 messages is below 40 MB and the bus load can be reduced to 18.96% using the proposed security architecture compared to the bus load of existing architectures. Therefore, the proposed secure attribute-isolated communication architecture solves the problem of the tradeoff between the security threat of unauthorized access and the high bus load of existing in-vehicle architectures.