Security and Safety Co-Engineering of the FlexRay Bus in Vehicular Networks

Abstract

Recently, researchers have demonstrated how the lack of security features in road vehicles may allow adversaries to take over partial or even full control. Specifically, in-vehicle communication protocols are prone to attacks, because no security mechanisms have been developed for them. For a long time, they have been optimized only towards safety, in order to guarantee a high degree of reliability, robustness and real-time behavior. In this work, we focus on FlexRay, an automotive communication protocol whose core properties are strong determinism and high fault-tolerance for safety-critical applications. We propose to leverage the distinct safety-tailored features of FlexRay for security purposes, such as authentication. In particular, we demonstrate that the optional dualchannel mode can be used to provide authentication for FlexRay in a backward compatible manner. Additionally, we suggest different ways of transmitting the relevant message authentication codes over FlexRay. Finally, we propose a number of techniques for managing cryptographic keys, i.e. we associate these keys with FlexRay time slots and we use hash chains to derive new keys at low cost at runtime. In this way, we offer multiple security solutions for the FlexRay protocol, while trying to keep the overhead low.