网联自动驾驶汽车的零信任架构

IF 3.7 4区计算机科学 Q1 COMPUTER SCIENCE, SOFTWARE ENGINEERING

IEEE Internet Computing Pub Date : 2023-09-01 DOI:10.1109/MIC.2023.3304893

John Anderson, Qiqing Huang, Long Cheng, Hongxin Hu

{"title":"网联自动驾驶汽车的零信任架构","authors":"John Anderson, Qiqing Huang, Long Cheng, Hongxin Hu","doi":"10.1109/MIC.2023.3304893","DOIUrl":null,"url":null,"abstract":"Connected and autonomous vehicles (CAVs) are the future of personal and public transportation, but many security issues exist related to the communication and activity of such transportation means. Beyond the obvious, these security issues raise important safety concerns for a CAV’s human occupants. Our focus is on the ubiquitous use of controller area network (CAN) bus technology for internal vehicle networks (IVNs) and how we can secure them with the rigid implementation of zero trust. Through an analysis of current threat vectors, we propose a zero-trust architecture to fundamentally protect the individual components that make up a CAV’s sensor and control network through the use of the CAN bus. We use a simulated environment to show how our architectural approach provides net benefits and offer thoughts on the application of the architecture to IVN use cases but also how it might be expanded to inter-CAV communication in the future.","PeriodicalId":13121,"journal":{"name":"IEEE Internet Computing","volume":" ","pages":"7-14"},"PeriodicalIF":3.7000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Zero-Trust Architecture for Connected and Autonomous Vehicles\",\"authors\":\"John Anderson, Qiqing Huang, Long Cheng, Hongxin Hu\",\"doi\":\"10.1109/MIC.2023.3304893\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Connected and autonomous vehicles (CAVs) are the future of personal and public transportation, but many security issues exist related to the communication and activity of such transportation means. Beyond the obvious, these security issues raise important safety concerns for a CAV’s human occupants. Our focus is on the ubiquitous use of controller area network (CAN) bus technology for internal vehicle networks (IVNs) and how we can secure them with the rigid implementation of zero trust. Through an analysis of current threat vectors, we propose a zero-trust architecture to fundamentally protect the individual components that make up a CAV’s sensor and control network through the use of the CAN bus. We use a simulated environment to show how our architectural approach provides net benefits and offer thoughts on the application of the architecture to IVN use cases but also how it might be expanded to inter-CAV communication in the future.\",\"PeriodicalId\":13121,\"journal\":{\"name\":\"IEEE Internet Computing\",\"volume\":\" \",\"pages\":\"7-14\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2023-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/MIC.2023.3304893\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/MIC.2023.3304893","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

摘要

联网和自动驾驶汽车（CAV）是个人和公共交通的未来，但存在许多与此类交通工具的通信和活动有关的安全问题。除了显而易见的之外，这些安全问题还为CAV的人类乘员提出了重要的安全问题。我们的重点是控制器局域网（CAN）总线技术在内部车辆网络（IVN）中的普遍使用，以及我们如何通过严格实现零信任来保护它们。通过对当前威胁向量的分析，我们提出了一种零信任架构，通过使用CAN总线从根本上保护组成CAV传感器和控制网络的各个组件。我们使用模拟环境来展示我们的体系结构方法如何提供净效益，并就体系结构在IVN用例中的应用以及未来如何扩展到CAV间通信提供想法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Zero-Trust Architecture for Connected and Autonomous Vehicles

Connected and autonomous vehicles (CAVs) are the future of personal and public transportation, but many security issues exist related to the communication and activity of such transportation means. Beyond the obvious, these security issues raise important safety concerns for a CAV’s human occupants. Our focus is on the ubiquitous use of controller area network (CAN) bus technology for internal vehicle networks (IVNs) and how we can secure them with the rigid implementation of zero trust. Through an analysis of current threat vectors, we propose a zero-trust architecture to fundamentally protect the individual components that make up a CAV’s sensor and control network through the use of the CAN bus. We use a simulated environment to show how our architectural approach provides net benefits and offer thoughts on the application of the architecture to IVN use cases but also how it might be expanded to inter-CAV communication in the future.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Internet Computing 工程技术-计算机：软件工程

CiteScore

7.60

自引率

0.00%

发文量

审稿时长

6-12 weeks

期刊介绍： This magazine provides a journal-quality evaluation and review of Internet-based computer applications and enabling technologies. It also provides a source of information as well as a forum for both users and developers. The focus of the magazine is on Internet services using WWW, agents, and similar technologies. This does not include traditional software concerns such as object-oriented or structured programming, or Common Object Request Broker Architecture (CORBA) or Object Linking and Embedding (OLE) standards. The magazine may, however, treat the intersection of these software technologies with the Web or agents. For instance, the linking of ORBs and Web servers or the conversion of KQML messages to object requests are relevant technologies for this magazine. An article strictly about CORBA would not be. This magazine is not focused on intelligent systems. Techniques for encoding knowledge or breakthroughs in neural net technologies are outside its scope, as would be an article on the efficacy of a particular expert system. Internet Computing focuses on technologies and applications that allow practitioners to leverage off services to be found on the Internet.