Although high-speed in-vehicle networks are being increasingly adopted by the industry to support emerging use cases, previous research already demonstrated that car hacking is a real threat. This paper formalizes a novel framework proposed to provide improved security to the emerging SOME/IP middleware, without introducing at the same time limitations in the communication patterns available. Most notably, the entire traffic matrix is designed to be configured using simple high-level rules, clearly stating who can talk to whom according to the service abstraction adopted by SOME/IP. Three incremental security levels are made available, accounting for different services being associated with different requirements. The core security protocol, encompassing a session establishment phase followed by the transmission of secured SOME/IP messages, has been formally verified, to prove its correctness in terms of authentication and secrecy properties. Performance-wise, in-depth experimental evaluations conducted with an extended version of vsomeip confirmed the introduction of quite limited penalties compared to the bare unsecured implementation.
Securing SOME/IP for In-Vehicle Service Protection / Iorio, Marco; Reineri, Massimo; Risso, Fulvio; Sisto, Riccardo; Valenza, Fulvio. - In: IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY. - ISSN 0018-9545. - ELETTRONICO. - (In corso di stampa).
Titolo: | Securing SOME/IP for In-Vehicle Service Protection |
Autori: | |
Data di pubblicazione: | Being printed |
Rivista: | |
Digital Object Identifier (DOI): | http://dx.doi.org/10.1109/TVT.2020.3028880 |
Appare nelle tipologie: | 1.1 Articolo in rivista |
File in questo prodotto:
File | Descrizione | Tipologia | Licenza | |
---|---|---|---|---|
09215036.pdf | 2. Post-print / Author's Accepted Manuscript | PUBBLICO - Tutti i diritti riservati | Visibile a tuttiVisualizza/Apri |
http://hdl.handle.net/11583/2847755