一种用于汽车固件升级的分层安全方法

IF 5.2 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of King Saud University-Computer and Information Sciences Pub Date : 2024-12-01 DOI:10.1016/j.jksuci.2024.102258

Feng Luo , Zhihao Li , Jiajia Wang , Cheng Luo , Hongqian Liu , Dengcheng Liu

{"title":"一种用于汽车固件升级的分层安全方法","authors":"Feng Luo , Zhihao Li , Jiajia Wang , Cheng Luo , Hongqian Liu , Dengcheng Liu","doi":"10.1016/j.jksuci.2024.102258","DOIUrl":null,"url":null,"abstract":"<div><div>With the development of intelligent and connected vehicles, the expansion of software necessitates an increased significance and frequency of automotive firmware upgrades. The abundance of potential attack vectors and valuable data renders these upgrades enticing targets for attackers. However, the prevailing security services used for automotive firmware upgrades are no longer sufficient to meet security requirements. Hence, this paper proposes a Secure Automotive Firmware Upgrade Approach (SAFUA), aimed at enhancing authentication and communication security during automotive firmware upgrades. To address the heterogeneous performance of in-vehicle nodes and diverse application contexts, this approach introduces multiple authentication modes tailored to various upgrade scenarios. Moreover, hierarchical authentication and secure communication strategies are designed to achieve a balance between security and efficiency requirements. Consolidating these methodologies, a standardized automotive firmware upgrade process is delineated. Formal and informal verification of the proposed approach is conducted to attest its security efficacy. Furthermore, a simulated vehicular environment is constructed to evaluate the temporal and spatial efficiency of the approach across diverse bus and device configurations. The results confirm the adaptability of the secure upgrade approach outlined herein to the automotive firmware upgrade landscape, offering robust security alongside enhanced upgrade efficiency.</div></div>","PeriodicalId":48547,"journal":{"name":"Journal of King Saud University-Computer and Information Sciences","volume":"36 10","pages":"Article 102258"},"PeriodicalIF":5.2000,"publicationDate":"2024-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A hierarchical and secure approach for automotive firmware upgrades\",\"authors\":\"Feng Luo , Zhihao Li , Jiajia Wang , Cheng Luo , Hongqian Liu , Dengcheng Liu\",\"doi\":\"10.1016/j.jksuci.2024.102258\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the development of intelligent and connected vehicles, the expansion of software necessitates an increased significance and frequency of automotive firmware upgrades. The abundance of potential attack vectors and valuable data renders these upgrades enticing targets for attackers. However, the prevailing security services used for automotive firmware upgrades are no longer sufficient to meet security requirements. Hence, this paper proposes a Secure Automotive Firmware Upgrade Approach (SAFUA), aimed at enhancing authentication and communication security during automotive firmware upgrades. To address the heterogeneous performance of in-vehicle nodes and diverse application contexts, this approach introduces multiple authentication modes tailored to various upgrade scenarios. Moreover, hierarchical authentication and secure communication strategies are designed to achieve a balance between security and efficiency requirements. Consolidating these methodologies, a standardized automotive firmware upgrade process is delineated. Formal and informal verification of the proposed approach is conducted to attest its security efficacy. Furthermore, a simulated vehicular environment is constructed to evaluate the temporal and spatial efficiency of the approach across diverse bus and device configurations. The results confirm the adaptability of the secure upgrade approach outlined herein to the automotive firmware upgrade landscape, offering robust security alongside enhanced upgrade efficiency.</div></div>\",\"PeriodicalId\":48547,\"journal\":{\"name\":\"Journal of King Saud University-Computer and Information Sciences\",\"volume\":\"36 10\",\"pages\":\"Article 102258\"},\"PeriodicalIF\":5.2000,\"publicationDate\":\"2024-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of King Saud University-Computer and Information Sciences\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1319157824003471\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of King Saud University-Computer and Information Sciences","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1319157824003471","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

随着智能网联汽车的发展，软件的扩展要求汽车固件升级的重要性和频率增加。丰富的潜在攻击向量和有价值的数据使这些升级成为攻击者的诱人目标。然而，目前用于汽车固件升级的安全服务已不足以满足安全需求。为此，本文提出了一种安全的汽车固件升级方法（SAFUA），旨在提高汽车固件升级过程中的身份验证和通信安全性。为了解决车载节点的异构性能和各种应用程序上下文的问题，该方法引入了针对各种升级场景量身定制的多种身份验证模式。此外，还设计了分层身份验证和安全通信策略，以实现安全性和效率需求之间的平衡。整合这些方法，描述了标准化的汽车固件升级过程。对所提出的方法进行了正式和非正式的验证，以证明其安全有效性。此外，还构建了一个模拟车辆环境来评估该方法在不同总线和设备配置下的时空效率。结果证实了本文概述的安全升级方法对汽车固件升级领域的适应性，在提高升级效率的同时提供强大的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A hierarchical and secure approach for automotive firmware upgrades

With the development of intelligent and connected vehicles, the expansion of software necessitates an increased significance and frequency of automotive firmware upgrades. The abundance of potential attack vectors and valuable data renders these upgrades enticing targets for attackers. However, the prevailing security services used for automotive firmware upgrades are no longer sufficient to meet security requirements. Hence, this paper proposes a Secure Automotive Firmware Upgrade Approach (SAFUA), aimed at enhancing authentication and communication security during automotive firmware upgrades. To address the heterogeneous performance of in-vehicle nodes and diverse application contexts, this approach introduces multiple authentication modes tailored to various upgrade scenarios. Moreover, hierarchical authentication and secure communication strategies are designed to achieve a balance between security and efficiency requirements. Consolidating these methodologies, a standardized automotive firmware upgrade process is delineated. Formal and informal verification of the proposed approach is conducted to attest its security efficacy. Furthermore, a simulated vehicular environment is constructed to evaluate the temporal and spatial efficiency of the approach across diverse bus and device configurations. The results confirm the adaptability of the secure upgrade approach outlined herein to the automotive firmware upgrade landscape, offering robust security alongside enhanced upgrade efficiency.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of King Saud University-Computer and Information Sciences COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

10.50

自引率

8.70%

发文量

656

审稿时长

29 days

期刊介绍： In 2022 the Journal of King Saud University - Computer and Information Sciences will become an author paid open access journal. Authors who submit their manuscript after October 31st 2021 will be asked to pay an Article Processing Charge (APC) after acceptance of their paper to make their work immediately, permanently, and freely accessible to all. The Journal of King Saud University Computer and Information Sciences is a refereed, international journal that covers all aspects of both foundations of computer and its practical applications.