Specification of Secure Onboard Communication Protocol(SecOC) AUTOSAR R22-11, FO, No. 969
AUTOSARは、ISO、IEC、ITUと情報交換契約を結んでいません。
AUTOSAR文書には、ISO、IEC,ITU記述を全文引用することはできません。
WTO/TBT協定に基づき、国際的な調達は国際規格との差異を記述することにより文化依存しない仕様を目指します。
ISO、IEC、ITU文書を合わせて読むと技術内容は理解できます。
CAN、OSEK/VDX OS、DIAGは、ISO定義を先に確認しましょう。
OSEK COM、OSEK NMなどはISOの規定から基本的な部分で定義を変えています。
変更している部分を仕様等で明記するか、ISOを改定するとよいでしょう。
AUTOSARの参考文献欄の改定が進んでいません。
Glossary用語定義の網羅性が低いです。
本文を読む前に確認するとよいかもしれません。
本文を読んでから確認してもよいかもしれません。
AUTOSARが、2022年の版、R22-11公開しました。公開行事の模様は
AUTOSAR R22-11 Release Event 20221208
下記URL順次確認中です。
間違っていたら、いいね を押していただいて、コメント欄にご報告くださると幸いです。
編集リクエストが、構造的な変更をしている最中に、構造的な編集リクエストをしていただくと、
何をどう直したらいいかわからなくなってしまいます。自動修復ツールがつくれていません。ごめんなさい。
文書は検索してダウンロードすることができます。
クラウドサービスにありがちな、あるのにないかのような検索結果が出ることがあります。
要求/仕様(Requirement and Specification)
一覧
AUTOSAR R22-11 Adaptive Platform 一覧はこちら。
Adaptive Platform Release Overview, No.782, AP, AUTOSAR 22-11 新
Foundation Release Overview, No.781, FO, AUTOSAR 22-11 新
Classic Platform Release Overview, AUTOSAR R22-11, CP, No.0(2)
AUTOSAR R22-11 マラソン
AUTOSAR 文書番号と発行年
AUTOSAR R22-11で リンク切れ、表示しない文書
Qiitaの記事の一覧は作成中です。
AUTOSAR R22-11 Qiita記事一覧 新
Abstract Platformとの関係
セキュリティ統合
<この項は書きかけです。順次追記します。>
文書変更(Document Change)
• Removal of implementation specific contents
• Update of configuration parameters • Editorial changes
|Document Title | Specification of Secure Onboard Communication Protocol|
|:--|:--|
|Document Owner |AUTOSAR|
|Document Responsibility |AUTOSAR|
|Document Identification No |969|
|Document Status| published|
|Part of AUTOSAR Standard |Foundation|
|Part of Standard Release |R21-11|
Document Change R21 - 11
no content changes(20-11がinitial release)
そんな。initial releaseから見直しがないなんて。
NISTのURLはだいぶ前に変わっているのに変更がない。とっても残念な人たちなのだろうか。
あるいは、そんなことは自分で調べろっていう競争領域なのだろうか。
あるいは、そんなことができないやつは、仕事するなっている敷居だろうか。
1.2.1 Constraints and assumptions
This chapter has no content.
英語が間違いなのか、英語の表現が間違いなのか、内容が間違いなのか、内容のないChapter(章)の見出しがあるのはちょっと引いちゃう。
制約や仮定のないセキュリティは存在しないはずだし、、、。
Dependencies
[1] IEC 7498-1 The Basic Model, IEC Norm, 1994
[2] National Institute of Standards and Technology (NIST): FIPS-180-4, Secure Hash
Standard (SHS), March 2012, available electronically at http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
[3] FIPS Pub 197: Advanced Encryption Standard (AES), U.S. Department of Commerce, Information Technology Laboratory (ITL), National Institute of Standards
and Technology (NIST), Gaithersburg, MD, USA, Federal Information Processing
Standards Publication, 2001, electronically available at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
英日単語帳
日本語は仮訳
| no. | count | word | 日本語 |
|---|---|---|---|
| 1 | 659 | the | その |
| 2 | 308 | of | の |
| 3 | 194 | to | に |
| 4 | 181 | i | 私 |
| 5 | 180 | pdu | Protocol Data Unit(短縮名) |
| 6 | 163 | and | と |
| 7 | 142 | secoc | Secure Onboard Communication(短縮名) |
| 8 | 138 | freshness | 鮮度 |
| 9 | 135 | a | 一つの |
| 10 | 122 | authentication | 認証 |
| 11 | 120 | is | です |
| 12 | 120 | prs_secoc_ | prs_secoc_ |
| 13 | 97 | value | 価値 |
| 14 | 95 | in | の中に |
| 15 | 93 | secured | 確保 |
| 16 | 93 | shall | しなければならない |
| 17 | 86 | be | です |
| 18 | 66 | authentic | 本物 |
| 19 | 66 | length | 長さ |
| 20 | 63 | for | にとって |
| 21 | 60 | authenticator | 検証器 |
| 22 | 58 | data | 与件 |
| 23 | 58 | this | これ |
| 24 | 56 | by | に |
| 25 | 54 | c | c |
| 26 | 54 | module | 部品 |
| 27 | 53 | communication | 通信 |
| 28 | 52 | protocol | 規約 |
| 29 | 50 | or | または |
| 30 | 49 | parameter | 引数 |
| 31 | 49 | rs_main_ | rs_main_ |
| 32 | 47 | not | いいえ |
| 33 | 45 | autosar | AUTomotive Open System Architecture(短縮名) |
| 34 | 44 | as | なので |
| 35 | 42 | secure | 安心 |
| 36 | 41 | mac | Message Authentication Code(短縮名) |
| 37 | 41 | that | それ |
| 38 | 41 | verification | 検証 |
| 39 | 39 | counter | 計数器 |
| 40 | 39 | document | 文書 |
| 41 | 39 | specification | 仕様 |
| 42 | 38 | used | 使った |
| 43 | 37 | an | 一つの |
| 44 | 37 | information | 情報 |
| 45 | 35 | configuration | 構成 |
| 46 | 34 | if | もし |
| 47 | 33 | message | 伝言 |
| 48 | 33 | onboard | 板上で |
| 49 | 32 | has | もつ |
| 50 | 32 | on | の上 |
| 51 | 31 | id | identifier, 識別子(短縮名) |
| 52 | 31 | r | r |
| 53 | 30 | algorithm | 算法 |
| 54 | 30 | are | それは |
| 55 | 30 | bits | binary digits(短縮名) |
| 56 | 28 | autosar_prs_secocprotocol | autosar_prs_secocprotocol |
| 57 | 28 | fo | foundation(短縮名) |
| 58 | 28 | it | それ |
| 59 | 27 | no | いいえ |
| 60 | 24 | from | から |
| 61 | 24 | truncated | 切り捨てた |
| 62 | 24 | with | と |
| 63 | 23 | build | 作る |
| 64 | 23 | cryptographic | 暗号 |
| 65 | 23 | dif | difference(短縮名) |
| 66 | 23 | function | 関数 |
| 67 | 23 | side | 側 |
| 68 | 21 | d | d |
| 69 | 21 | e | e |
| 70 | 21 | trunc | 切り捨て |
| 71 | 21 | use | 使用する |
| 72 | 19 | key | 鍵 |
| 73 | 19 | set | 設定する |
| 74 | 18 | case | 場合 |
| 75 | 18 | pdus | Protocol Data Units(短縮名) |
| 76 | 17 | error | 誤り |
| 77 | 17 | srs_bsw_ | srs_bsw_ |
| 78 | 16 | bit | 少し |
| 79 | 16 | example | 例 |
| 80 | 16 | verify | 確認 |
| 81 | 15 | all | すべて |
| 82 | 15 | note | 覚書 |
| 83 | 15 | part | 部 |
| 84 | 14 | at | で |
| 85 | 14 | fips | Federal Information Processing Standards(短縮名) |
| 86 | 14 | nist | National Institute of Standards and Technology(短縮名) |
| 87 | 14 | profile | 横顔 |
| 88 | 14 | received | 受け取った |
| 89 | 14 | receiver | 受信器 |
| 90 | 13 | layer | 層 |
| 91 | 13 | security | 安全 |
| 92 | 13 | specific | 明確 |
| 93 | 13 | transmission | 転送 |
| 94 | 12 | any | どれか |
| 95 | 12 | each | 各 |
| 96 | 12 | g | g |
| 97 | 12 | info | 情報 |
| 98 | 12 | its | これは |
| 99 | 12 | only | それだけ |
| 100 | 12 | payload | 負荷 |
| 101 | 12 | sending | 送信 |
| 102 | 12 | should | したほうがいい |
| 103 | 12 | signature | 署名 |
Reference
Glossary も 参考に入れましょう。
https://www.autosar.org/fileadmin/standards/foundation/22-11/AUTOSAR_TR_Glossary.pdf
1.3.2 Dependencies to other standards and norms に1−3を再掲している。2箇所に表記するのは無駄。
Referenceに4がある。URLの文書は廃止(withdraw)していて新しい文書がある。大きな違いは、最後の3ページのExamplesを削除している。
[1] IEC 7498-1 The Basic Model, IEC Norm, 1994
AUTOSARでよくある間違い。コピペして、確認していないことが分かる。
ISO/IEC 7498-1:1994
Information technology — Open Systems Interconnection — Basic Reference Model: The Basic Model
[2] FIPS-180-4, Secure Hash Standard (SHS),
March 2012, National Institute of Standards and Technology (NIST):
available electronically at
[3] FIPS Pub 197: Advanced Encryption Standard (AES),
U.S. Department of Com- merce, Information Technology Laboratory (ITL), National Institute of Standards and Technology (NIST), Gaithersburg, MD, USA, Federal Information Processing Standards Publication, 2001,
electronically available at
[4] NIST Special Publication 800-38B: Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication
Withdrawn on October 06, 2016. Superseded by SP 800-38B
SP 800-38B Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication
May 2005 (Updated 10/6/2016)
Appendix E: Bibliography on SP 800-38B
[1] J. Black, P. Rogaway, A Suggestion for Handling Arbitrary-Length Messages with the CBC MAC, Natl. Inst. Stand. Technol. [Web page], http://csrc.nist.gov/groups/ST/toolkit/BCM/workshops.html#01.
[2] J. Black, P. Rogaway, “CBC MACs for arbitrary-length messages: The three-key constructions,” in Advances in Cryptology—Crypto 2000, Lecture Notes in Computer Science, Vol. 1880, Mihir Bellare, ed., Springer-Verlag (2000), pp. 197–215. https://doi.org/10.1007/3-540-44598-6_12.
[3] FIPS Publication 197, The Advanced Encryption Standard (AES), U.S. DoC/NIST, November 26, 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.
[4] FIPS Publication 198-1, The Keyed-Hash Message Authentication Code (HMAC), U.S. DoC/NIST, July 2008. http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198- 1_final.pdf.
[5] T. Iwata, K. Kurosawa, OMAC: One-Key CBC MAC, Natl. Inst. Stand. Technol. [Web page], http://csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html.
[6] T. Iwata, K. Kurosawa, “OMAC: One-Key CBC MAC,” in Fast Software Encryption, 10th International Workshop, FSE 2003, Lecture Notes in Computer Science, Vol. 2887, Thomas Johansson, ed., Springer-Verlag (2003), pp. 129–153.
https://doi.org/10.1007/978-3-540-39887-5_11.
[7] T. Iwata, K. Kurosawa, OMAC: One-Key CBC MAC—Addendum, Natl. Inst. Stand. Technol. [Web page],
http://csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html.
[8] T. Iwata, K. Kurosawa, Stronger Security Bounds for OMAC, TMAC, and XCBC, Natl. Inst. Stand. Technol. [Web page], http://csrc.nist.gov/groups/ST/toolkit/BCM/comments.html.
[9] A. Menezes, P. van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRC Press, Inc., Boca Raton (1996).
[10] NIST Special Publication 800-67 Revision 1, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, January 2012, Natl. Inst. Stand. Technol. [Web page],
https://doi.org/10.6028/NIST.SP.800-67r1.
short name, term
aka(also known as) Acronyms and abbreviations
| Term | Description |
|---|---|
| SecOC | Secure Onboard Communication |
| MAC | Message Authentication Code |
| FV | Freshness Value |
| FM | Freshness Manager |
| Authentic I-PDU | An Authentic I-PDU is an arbitrary AUTOSAR I-PDU the content of which is secured during network transmission by means of the Secured I-PDU. The secured content comprises the complete IPDU or a part of the I-PDU. |
| Authentication | Authentication is a service related to identification. This function applies to both entities and information itself. Two parties entering into a communication should identify each other. Information delivered over a channel should be authenticated as to origin, date of origin, data content, time sent, etc. For these reasons, this aspect of cryptography is usually subdivided into two major classes: entity authentication and data origin authentication. Data origin authentication implicitly provides data integrity (for if a message is modified, the source has changed). |
| Authentication Information | The Authentication Information consists of a Freshness Value (or a part thereof) and an Authenticator (or a part thereof). Authentication Information are the additional pieces of information that are added by SecOC to realize the Secured I-PDU. |
| Authenticator | Authenticator is data that is used to provide message authentication. In general, the term Message Authentication Code (MAC) is used for symmetric approaches while the term Signature or Digital Signature refers to asymmetric approaches having different properties and constraints. |
| Data integrity | Data integrity is the property whereby data has not been altered in an unauthorized manner since the time it was created, transmitted, or stored by an authorized source. To assure data integrity, one should have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as insertion, deletion, and substitution. |
| Data origin authentication | Data origin authentication is a type of authentication whereby a party is corroborated as the (original) source of specified data created at some (typically unspecified) time in the past. By definition, data origin authentication includes data integrity. |
| Distinction unilateral / bilateral authentication | In unilateral authentication, one side proves identity. The requesting side is not even authenticated to the extent of proving that it is allowed to request authentication. In bilateral authentication, the requester is also authenticated at least (see below) to prove the privilege of requesting. There is an efficient and more secure way to authenticate both endpoints, based on the bilateral authentication described above. Along with the authentication (in the second message) requested initially by the receiver (in the first message), the sender also requests an authentication. The receiver sends a third message providing the authentication requested by the sender. This is only three messages (in contrast to four with two unilateral messages). |
| Entity authentication | Entity authentication is the process whereby one party is assured (through acquisition of corroborative evidence) of the identity of a second party involved in a protocol, and that the second has actually participated (i.e., is active at, or immediately prior to, the time the evidence is acquired). Note: Entity authentication means to prove presence and operational readiness of a communication endpoint. This is for example often done by proving access to a cryptographic key and knowledge of a secret. It is necessary to do this without disclosing either key or secret. Entity authentication can be used to prevent record-and-replay attacks. Freshness of messages only complicates them by the need to record a lifetime and corrupt either senders or receivers (real-time) clock. Entity authentication is triggered by the receiver, i.e. the one to be convinced, while the sender has to react by convincing. Record and replay attacks on entity authentication are usually prevented by allowing the receiver some control over the authentication process. In order to prevent the receiver from using this control for steering the sender to malicious purposes or from determining a key or a secret ("oracle attack"), the sender can add more randomness. If not only access to a key (implying membership to a privileged group) but also individuality is to be proven, the sender additionally adds and authenticates its unique identification. |
| Message authentication | Message authentication is a term used analogously with data origin authentication. It provides data origin authentication with respect to the original message source (and data integrity, but no uniqueness and timeliness guarantees). |
| Secured I-PDU | A Secured I-PDU is an AUTOSAR I-PDU that contains Payloadof an Authentic I-PDU supplemented by additional Authentication Information. |
| Transaction authentication | Transaction authentication denotes message authentication augmented to additionally provide uniqueness and timeliness guarantees on data (thus preventing undetectable message replay). |
SecOC Profile
5.4.2 SecOC Profile 1 (or 24Bit-CMAC-8Bit-FV)
5.4.3 SecOC Profile 2 (or 24Bit-CMAC-No-FV)
5.4.4 SecOC Profile 3 (or JASPAR)
誤
[1] IEC 7498-1 The Basic Model, IEC Norm, 1994
正
[1] ISO 7498-1 The Basic Model, IEC Norm, 1994
関連文書(Related document)
AUTOSAR Abstract Platformへの道(詳細編)
2023年1月 記事数一覧
年末100記事を30点に仕上げる。
2023 書き初め
「はじめてのCAN/CANFD 」 ベクタージャパン <エンジニア夏休み企画>【読書感想文】
三方良し Udemy 車載LAN入門講座 CAN通信編
詳解 車載ネットワーク CAN, CAN FD, LIN, CXPI, Ethernetの仕組みと設計のために(1) 著者 <エンジニア夏休み企画 読書感想文>
詳解 車載ネットワーク CAN, CAN FD, LIN, CXPI, Ethernetの仕組みと設計のために(2)参考文献 <エンジニア夏休み企画>【読書感想文】
詳解 車載ネットワーク CAN、CAN FD、LIN、CXPI、Ethernetの仕組みと設計のために
AUTOSAR Abstract Platform User Group Weekly Report(1) 2022.1.8
AUTOSAR Abstract Platform User Group Weekly Report(2) 2022.1.15
overlapped definition in AUTOSAR short name. over 50.:英語(49)
短縮名。用語の衝突(用語・用例募集中)。英語(3) 仮説(88)
更新資料 Abstract Platform, Vehicle Modelへの対応版
Specification of Secure Onboard Communication Protocol(SecOC) , AUTOSAR 969, R22-11, FO, 20230421
https://qiita.com/kaizen_nagoya/items/9d92eeda5b64b6a5a5f2
<この記事は個人の過去の経験に基づく個人の感想です。現在所属する組織、業務とは関係がありません。>
文書履歴(document history)
ver. 0.01 初稿 20221209
ver. 0.02 URL追記 20230210
最後までおよみいただきありがとうございました。
いいね 💚、フォローをお願いします。
Thank you very much for reading to the last sentence.
Please press the like icon 💚 and follow me for your happy life.