Abstract
The development of automotive-information & communication technology (ICT) convergence has resulted in various vehicle-based electrical/electronic (E/E) systems. An automotive E/E system consists of one or more electronic control units (ECUs), sensors and actuators. With the commercialization of connected/autonomous cars, vehicle-based wireless communication systems have appeared, and are expected to grow in popularity. This increases the number of attack surfaces that can potentially threaten in-vehicle controller area network (CAN). To combat the vulnerabilities of the CAN protocol, the CAN data field should be encrypted and transmitted with authentication codes. Recently, a method of transmitting authentication codes by modifying the CAN protocol was proposed. However, changing the original CAN protocol can cause serious problems in CAN systems. In this paper, to enhance CAN security, a data compression algorithm is used to reduce the data frame length so that there is space for a message authentication code (MAC) to be contained inside the data field. The proposed algorithm guarantees that all CAN frames are authenticated by a MAC of at least four bytes without any change of the original CAN protocol. Simulations using CAN data from Kia Sorento, Kia Soul, and LS Mtron vehicles show that the proposed algorithm works successfully with only a slight increase in the peak load.
Highlights
The controller area network (CAN) system was introduced by Robert Bosch GmbH in 1986 [1]
As the most representative in-vehicle network, the CAN system has become the de facto standard because it dramatically decreases the number of communication lines required and ensures higher data transmission reliability [2], [3]
Since the CAN bus load is increased by the large number of electronic control units (ECUs), it is necessary to reduce the CAN frame length
Summary
The CAN system was introduced by Robert Bosch GmbH in 1986 [1]. As the most representative in-vehicle network, the CAN system has become the de facto standard because it dramatically decreases the number of communication lines required and ensures higher data transmission reliability [2], [3]. All CAN frames are authenticated by a MAC of at least four bytes, without making any changes to the original CAN protocol. A multi-level data arrangement (MLDA) algorithm was proposed based on the CAS map [24]. In the MLDA algorithm, the sender ECU does not transmit CAN frames when the difference between the current and the previous CAN data is zero, which reduces the CAN bus load. In PMDV-based CAN data compression algorithms, the difference value is only transmitted if the difference between the current and preceding CAN messages does not exceed the PMDV. The MLDA algorithm provides a systematic way to place the CAN data bits using multi-level arrangement maps to obtain the best compression efficiency. The security protocol in [14] uses a truncated 32-bit MAC due to the limited data frame payload. - The original CAN protocol is not changed. - The length of a MAC is always at least four bytes long. - The increase in the peak load caused by adding MACs is very small or negligible
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
