CINNAMON: A Module for AUTOSAR Secure Onboard Communication 英語（８２）

arXivに投稿するか、自動車技術会に投稿するか
https://qiita.com/kaizen_nagoya/items/e6ac8489a7a05de9a791

で参照した論文を、arXiveか自動車技術会に投稿できるような準備のために解読していく。

SimSched: A tool for Simulating Autosar Implementaion in Simulink
https://arxiv.org/abs/2308.14974

<この項は書きかけです。順次追記します。>
This article is not completed. I will add some words in order.

ABSTRACT

This paper introduces CINNAMON, a software module that extends and seamlessly integrates with the AU- TOSAR “Secure Onboard Communication” (SecOC) module [3], [5] to also account for confidentiality of data in transit.
It stands for Confidential, INtegral aNd Authentic on board coMunicatiON (CINNAMON). It takes a resource-efficient and practical approach to ensure, at the same time, confidentiality, integrity and authenticity of frames. The main new requirement that CINNAMON puts forward is the use of encryption and thus, as a result, CINNAMON exceeds SecOC against information gathering attacks.
This paper sets forth the essential requirements and specification of the new module by detailing where and how to position it within AUTOSAR and by emphasizing the relevant upgrades with respect to SecOC. The presentation continues with the definition of a Security Profile and a summary of a prototype implementation of ours [8], [9]. While CINNAMON is easily ex- tensible, for example through the definition of additional profiles, the current performances obtained on inexpensive boards support the claim that the approach is feasible.

仮訳

この論文は、AUTOSAR の「Secure Onboard Communication」(SecOC) [3]、[5] を拡張し継ぎ目なくに統合し、転送中の与件の機密性を考慮するソフトウェア部品CINNAMON を紹介します。Confidential、INTegral and Authentic onboard communication (CINNAMON) の略です。 フレームの機密性、完全性、信頼性を同時に確保するには、資源効率が高く実用的な方法が必要です。 CINNAMON が提唱する主な新しい要件は暗号化の使用であり、その結果、CINNAMON は情報収集攻撃に対して SecOC を上回ります。
この文書では、新しい部品を AUTOSAR 内でどこにどのように位置付けるかを詳細に説明し、SecOC に関する格上げを強調し、新しい部品の必須要件と仕様を説明します。次に、セキュリティ プロファイルの定義と、私たちのプロトタイプ実装の概要を述べます [8]、[9]。 CINNAMON は、追加の横顔を定義して簡単に拡張できます。安価なボードでの効率は、この方法が実現可能であるという主張を裏付けています。

Index Terms

Automotive, Vehicle, CAN Bus, Cybersecurity, Data Protection.

REFERENCES

[1] Embedded Systems Academy. CANcrypt. https://www.cancrypt.eu/, 2018.
[2] ARM. Arm TrustZone Technology, 2020.
[3] AUTOSAR. Requirements on Secure Onboard Communication, 2019. [4] AUTOSAR. Specification of Key Manager, 2019.
[5] AUTOSAR. Specification of Secure Onboard Communication AU-
TOSAR CP R19-11, 2019.
[6] BBC. Hack attacks mounted on car control systems. https://www.bbc.
com/news/10119492, 2010.
[7] Ray Beaulieu, Douglas Shors, Jason Smith, Stefan Treatman-Clark,
Bryan Weeks, and Louis Wingers. The simon and speck families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404, 2013. https://eprint.iacr.org/2013/404.
[8] Giampaolo Bella, Pietro Biondi, Gianpiero Costantino, and Ilaria Mat- teucci. Are you secure in your car?: poster. In Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019, Miami, Florida, USA, May 15-17, 2019, pages 308–309. ACM, 2019.
[9] Giampaolo Bella, Pietro Biondi, Gianpiero Costantino, and Ilaria Mat- teucci. TOUCAN: A protocol to secure controller area network. In Proceedings of the ACM Workshop on Automotive Cybersecurity, AutoSec@CODASPY 2019, Richardson, TX, USA, March 27, 2019, pages 3–8, 2019.
[10] CinziaBernardeschi,MarcoDiNatale,GianlucaDini,andDarioVarano. Modeling and generation of secure component communications in AUTOSAR. In Proceedings of the Symposium on Applied Computing, SAC ’17, page 1473–1480, New York, NY, USA, 2017. Association for Computing Machinery.
[11] Mario Luca Bernardi, Marta Cimitile, Fabio Martinelli, and Francesco Mercaldo. Driver and Path Detection through Time-Series Classification. Journal of Advanced Transportation, 2018:1–20, 2018.
[12] Charlie Miller Chris Valasek. Adventures in Automotive Networks and Control Units, 2020.
[13] Lucian Constantin. Researchers hack Tesla Model S with remote attack. https://www.pcworld.com/article/3121999/ researchers- demonstrate- remote- attack- against- tesla- model- s.html, 2016.
[14] National Instruments Corporation. FlexRay Automotive Communication Bus Overview, 2020.
[15] Gianpiero Costantino and Ilaria Matteucci. CANDY CREAM - hacking infotainment android systems to command instrument cluster via can data frame. In Meikang Qiu, editor, 2019 IEEE International Conference on Computational Science and Engineering, CSE 2019, and IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2019, New York, NY, USA, August 1-3, 2019, pages 476–481. IEEE, 2019.
[16] Luca Dariz, Michele Selvatici, Massimiliano Ruggeri, Gianpiero Costantino, and Fabio Martinelli. Trade-off analysis of safety and security in CAN bus communication. In 5th IEEE International Conference on Models and Technologies for Intelligent Transportation Systems, MT-ITS 2017, Naples, Italy, June 26-28, 2017, pages 226–231. IEEE, 2017.
[17] European Data Protection Board. Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications. https://edpb.europa.eu/sites/edpb/files/consultation/edpb guidelines 202001 connectedvehicles.pdf, 2020.
[18] Bogdan Groza, Stefan Murvay, Anthony Van Herrewege, and Ingrid Verbauwhede. Libra-can: a lightweight broadcast authentication protocol for controller area networks. In International Conference on Cryptology and Network Security, pages 185–200, Cham, 2012. Springer.
[19] Ahmed Hazem and HA Fahmy. Lcap-a lightweight can authentication protocol for securing in-vehicle networks. In 10th escar Embedded Security in Cars Conference, Berlin, Germany, volume 6, 2012.
[20] International Organization for Standardization. ISO/IEC 11889-1:2015 - Trusted Platform Module library. https://www.iso.org/standard/66510. html, 2015.
[21] International Organization for Standardization. Road vehicles — Con- troller area network (CAN) — Part 1: Data link layer and physical signalling. https://www.iso.org/standard/63648.html, 2015.
[22] Jeff Crume. OwnStar: Yet another car hack.
https://insideinternetsecurity.wordpress.com/2015/08/05/ ownstar-yet-another-car-hack/, 2015.
[23] Ryo Kurachi, Yutaka Matsubara, Hiroaki Takada, Naoki Adachi, Yuki- hiro Miyashita, and Satoshi Horihata. Cacan-centralized authentication system in can (controller area network). In 14th Int. Conf. on Embedded Security in Cars (ESCAR 2014), 2014.
[24] Miro Enev, Alex Takakuwa, Karl Koscher, and Tadayoshi Kohno. Automobile Driver Fingerprinting. https://petsymposium.org/2016/files/ papers/Automobile Driver Fingerprinting.pdf, 2016.
[25] Nicky Mouha, Bart Mennink, Anthony Van Herrewege, Dai Watanabe, Bart Preneel, and Ingrid Verbauwhede. Chaskey: An efficient mac algorithm for 32-bit microcontrollers. In Antoine Joux and Amr Youssef, editors, Selected Areas in Cryptography – SAC 2014, pages 306–323, Cham, 2014. Springer International Publishing.
[26] O.Hartkopp, C. Reuber, and R.Schilling. Macan message authenticated can. 2012.
[27] Andreea-Ina Radu and Flavio D. Garcia. Leia: A lightweight authen- tication protocol for can. In Ioannis Askoxylakis, Sotiris Ioannidis, Sokratis Katsikas, and Catherine Meadows, editors, Computer Security – ESORICS 2016, pages 283–300, Cham, 2016. Springer International Publishing.
[28] European Union. General Data Protection Regulation(EU Regulation 2016/679). https://eur- lex.europa.eu/legal- content/EN/TXT/PDF/?uri= OJ:L:2016:119:FULL, 2016.
[29] Chris Valasek and Charlie Miller. Remote Exploitation of an Unaltered Passenger Vehicle. http://illmatics.com/Remote%20Car%20Hacking. pdf, 2015.
[30] Anthony Van Herrewege, Dave Singelee, and Ingrid Verbauwhede. Canauth-a simple, backward compatible broadcast authentication pro- tocol for can bus. In ECRYPT Workshop on Lightweight Cryptography. Vol. 2011., 2011.
[31] Serge Vaudenay. Security flaws induced by cbc padding — applications to ssl, ipsec, wtls... In Lars R. Knudsen, editor, Advances in Cryptol- ogy — EUROCRYPT 2002, pages 534–545, Berlin, Heidelberg, 2002. Springer Berlin Heidelberg.
[32] Vector. Solutions for Automotive Ethernet. https://www.vector.com/int/ en/know- how/technologies/networks/automotive- ethernet/, 2020.
[33] Xuhang Ying, Giuseppe Bernieri, Mauro Conti, and Radha Poovendran. TACAN: transmitter authentication through covert channels in controller area networks. CoRR, abs/1903.05231, 2019.
[34] Artem Yushev, Mohammed Barghash, Minh Phuong Nguyen, Andreas Walz, and Axel Sikora. Tls-over-can: An experimental study of internet- grade end-to-end communication security for can networks. IFAC- PapersOnLine, 51(6):96 – 101, 2018. 15th IFAC Conference on Programmable Devices and Embedded Systems PDeS 2018.
[35] Tobias Ziermann, Stefan Wildermann, and Ju ̈rgen Teich. Can+: A new backward-compatible controller area network (can) protocol with up to 16x higher data rates. In Proceedings of the Conference on Design, Automation and Test in Europe, pages 1088–1093. European Design and Automation Association, 2009.

自己参照

AUTOSAR 文書番号
https://qiita.com/kaizen_nagoya/items/8b894228a0b76c2265c7

AUTOSAR R23-11 記憶の記録
https://qiita.com/kaizen_nagoya/items/701bc800b5f137e51a36

AUTOSAR Countdown Calendar 2023
https://qiita.com/advent-calendar/2023/autosar

AUTOSAR Abstract Platformへの道 R22-11
https://qiita.com/kaizen_nagoya/items/8ac2826635a8c536c7ec

自動車　記事　１００
https://qiita.com/kaizen_nagoya/items/f7f0b9ab36569ad409c5

Basic principles, ボッシュ自動車handbook(英語)11版まとめ<2>
https://qiita.com/kaizen_nagoya/items/24a1ba5da3d09b2a95d1

JAXA/IPA クリティカルソフトウェアワークショップ WOCS言語関連発表(改定版)
https://qiita.com/kaizen_nagoya/items/4789832baf494cb74626

英語(0) 一覧
https://qiita.com/kaizen_nagoya/items/680e3f5cbf9430486c7d

Error一覧 error(0)
https://qiita.com/kaizen_nagoya/items/48b6cbc8d68eae2c42b8

プログラマが知っていると良い「公序良俗」
https://qiita.com/kaizen_nagoya/items/9fe7c0dfac2fbd77a945

Ethernet 記事一覧　Ethernet(0)
https://qiita.com/kaizen_nagoya/items/88d35e99f74aefc98794

Wireshark 一覧 wireshark(0)、Ethernet(48)
https://qiita.com/kaizen_nagoya/items/fbed841f61875c4731d0

線網（Wi-Fi）空中線(antenna)(0) 記事一覧(118/300目標)
https://qiita.com/kaizen_nagoya/items/5e5464ac2b24bd4cd001

通信記事１００
https://qiita.com/kaizen_nagoya/items/1d67de5e1cd207b05ef7

一覧の一覧( The directory of directories of mine.) Qiita(100)
https://qiita.com/kaizen_nagoya/items/7eb0e006543886138f39

＜この記事は個人の過去の経験に基づく個人の感想です。現在所属する組織、業務とは関係がありません。＞
This article is an individual impression based on the individual's experience. It has nothing to do with the organization or business to which I currently belong.

文書履歴(document history)

ver. 0.01 初稿 　20240308

最後までおよみいただきありがとうございました。

いいね　💚、フォローをお願いします。

Thank you very much for reading to the last sentence.

Please press the like icon 💚　and follow me for your happy life.