Abhimanyu Rawat, Mohammad Khodari, Mikael Asplund, A. Gurtov
{"title":"车载网络的去中心化固件认证","authors":"Abhimanyu Rawat, Mohammad Khodari, Mikael Asplund, A. Gurtov","doi":"10.1145/3418685","DOIUrl":null,"url":null,"abstract":"Today’s vehicles are examples of Cyber-Physical Systems (CPS) controlled by a large number of electronic control units (ECUs), which manage everything from heating to steering and braking. Due to the increasing complexity and inter-dependency of these units, it has become essential for an ECU to be able to ensure the integrity of the firmware running on other ECU’s to guarantee its own correct operation. Existing solutions for firmware attestation use a centralized approach, which means a single point of failure. In this article, we propose and investigate a decentralized firmware attestation scheme for the automotive domain. The basic idea of this scheme is that each ECU can attest to the state of those ECU’s on which it depends. Two flavors of ECU attestation, i.e., parallel and serial solution, were designed, implemented, and evaluated. The two variants were compared in terms of both detection performance (i.e., the ability to identify unauthorized firmware modifications) and timing performance. Our results show that the proposed scheme is feasible to implement and that the parallel solution showed a significant improvement in timing performance over the serial solution.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":"5 1","pages":"1 - 23"},"PeriodicalIF":2.0000,"publicationDate":"2020-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/3418685","citationCount":"0","resultStr":"{\"title\":\"Decentralized Firmware Attestation for In-Vehicle Networks\",\"authors\":\"Abhimanyu Rawat, Mohammad Khodari, Mikael Asplund, A. Gurtov\",\"doi\":\"10.1145/3418685\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Today’s vehicles are examples of Cyber-Physical Systems (CPS) controlled by a large number of electronic control units (ECUs), which manage everything from heating to steering and braking. Due to the increasing complexity and inter-dependency of these units, it has become essential for an ECU to be able to ensure the integrity of the firmware running on other ECU’s to guarantee its own correct operation. Existing solutions for firmware attestation use a centralized approach, which means a single point of failure. In this article, we propose and investigate a decentralized firmware attestation scheme for the automotive domain. The basic idea of this scheme is that each ECU can attest to the state of those ECU’s on which it depends. Two flavors of ECU attestation, i.e., parallel and serial solution, were designed, implemented, and evaluated. The two variants were compared in terms of both detection performance (i.e., the ability to identify unauthorized firmware modifications) and timing performance. Our results show that the proposed scheme is feasible to implement and that the parallel solution showed a significant improvement in timing performance over the serial solution.\",\"PeriodicalId\":7055,\"journal\":{\"name\":\"ACM Transactions on Cyber-Physical Systems\",\"volume\":\"5 1\",\"pages\":\"1 - 23\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2020-12-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1145/3418685\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Cyber-Physical Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3418685\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3418685","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
Decentralized Firmware Attestation for In-Vehicle Networks
Today’s vehicles are examples of Cyber-Physical Systems (CPS) controlled by a large number of electronic control units (ECUs), which manage everything from heating to steering and braking. Due to the increasing complexity and inter-dependency of these units, it has become essential for an ECU to be able to ensure the integrity of the firmware running on other ECU’s to guarantee its own correct operation. Existing solutions for firmware attestation use a centralized approach, which means a single point of failure. In this article, we propose and investigate a decentralized firmware attestation scheme for the automotive domain. The basic idea of this scheme is that each ECU can attest to the state of those ECU’s on which it depends. Two flavors of ECU attestation, i.e., parallel and serial solution, were designed, implemented, and evaluated. The two variants were compared in terms of both detection performance (i.e., the ability to identify unauthorized firmware modifications) and timing performance. Our results show that the proposed scheme is feasible to implement and that the parallel solution showed a significant improvement in timing performance over the serial solution.