评估攻击对汽车以太网时间同步试验台的影响

2023 IEEE Vehicular Networking Conference (VNC) Pub Date : 2023-04-26 DOI:10.1109/VNC57357.2023.10136275

Mahdi Fotouhi, Alessio Buscemi, Abdelwahab Boualouache, Florian Jomrich, Christian Koebel, T. Engel

{"title":"评估攻击对汽车以太网时间同步试验台的影响","authors":"Mahdi Fotouhi, Alessio Buscemi, Abdelwahab Boualouache, Florian Jomrich, Christian Koebel, T. Engel","doi":"10.1109/VNC57357.2023.10136275","DOIUrl":null,"url":null,"abstract":"Time Sensitive Network (TSN) standards are gaining traction in the scientific community and automotive Original Equipment Manufacturers (OEMs) due their promise of deterministic Ethernet networking. Among these standards, Generalized Precision Time Protocol (gPTP) - IEEE 802.1AS - allows network devices to be synchronized with a precision far higher than other synchronization standards, such as Network Time Protocol (NTP). gPTP is a profile of Precision Time Protocol (PTP) which, due to its robustness to delay variations, has been designated for automotive applications. Nonetheless, gPTP was designed without security controls, which makes it vulnerable to a number of attacks. This work reveals a critical vulnerability caused by a common implementation practice that opens the door to spoofing attacks on gPTP. To assess the impact of this vulnerability, we built two real gPTP-capable testbeds. Our results show high risks of this vulnerability destabilizing the system functionality.","PeriodicalId":185840,"journal":{"name":"2023 IEEE Vehicular Networking Conference (VNC)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-04-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Assessing the Impact of Attacks on an Automotive Ethernet Time Synchronization Testbed\",\"authors\":\"Mahdi Fotouhi, Alessio Buscemi, Abdelwahab Boualouache, Florian Jomrich, Christian Koebel, T. Engel\",\"doi\":\"10.1109/VNC57357.2023.10136275\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Time Sensitive Network (TSN) standards are gaining traction in the scientific community and automotive Original Equipment Manufacturers (OEMs) due their promise of deterministic Ethernet networking. Among these standards, Generalized Precision Time Protocol (gPTP) - IEEE 802.1AS - allows network devices to be synchronized with a precision far higher than other synchronization standards, such as Network Time Protocol (NTP). gPTP is a profile of Precision Time Protocol (PTP) which, due to its robustness to delay variations, has been designated for automotive applications. Nonetheless, gPTP was designed without security controls, which makes it vulnerable to a number of attacks. This work reveals a critical vulnerability caused by a common implementation practice that opens the door to spoofing attacks on gPTP. To assess the impact of this vulnerability, we built two real gPTP-capable testbeds. Our results show high risks of this vulnerability destabilizing the system functionality.\",\"PeriodicalId\":185840,\"journal\":{\"name\":\"2023 IEEE Vehicular Networking Conference (VNC)\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-04-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE Vehicular Networking Conference (VNC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/VNC57357.2023.10136275\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE Vehicular Networking Conference (VNC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/VNC57357.2023.10136275","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

时间敏感网络(TSN)标准由于其对确定性以太网网络的承诺，在科学界和汽车原始设备制造商(oem)中获得了越来越多的关注。在这些标准中，gPTP (Generalized Precision Time Protocol)——IEEE 802.1AS——允许网络设备以远高于其他同步标准(如NTP)的精度进行同步。gPTP是精确时间协议(PTP)的一种配置文件，由于其对延迟变化的鲁棒性，已被指定用于汽车应用。尽管如此，gPTP在设计时没有安全控制，这使得它容易受到许多攻击。这项工作揭示了一个由常见实现实践引起的关键漏洞，该实践为针对gPTP的欺骗攻击打开了大门。为了评估这个漏洞的影响，我们构建了两个真正支持gptp的测试平台。我们的结果显示了这个漏洞破坏系统功能的高风险。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Assessing the Impact of Attacks on an Automotive Ethernet Time Synchronization Testbed

Time Sensitive Network (TSN) standards are gaining traction in the scientific community and automotive Original Equipment Manufacturers (OEMs) due their promise of deterministic Ethernet networking. Among these standards, Generalized Precision Time Protocol (gPTP) - IEEE 802.1AS - allows network devices to be synchronized with a precision far higher than other synchronization standards, such as Network Time Protocol (NTP). gPTP is a profile of Precision Time Protocol (PTP) which, due to its robustness to delay variations, has been designated for automotive applications. Nonetheless, gPTP was designed without security controls, which makes it vulnerable to a number of attacks. This work reveals a critical vulnerability caused by a common implementation practice that opens the door to spoofing attacks on gPTP. To assess the impact of this vulnerability, we built two real gPTP-capable testbeds. Our results show high risks of this vulnerability destabilizing the system functionality.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2023 IEEE Vehicular Networking Conference (VNC)

自引率

0.00%

发文量