Triple ID Flexible MAC for Can Security Improvement

Abstract

Read online

The development of automotive-information & communication technology (ICT) convergence has resulted in various vehicle-based electrical/electronic (E/E) systems. An automotive E/E system consists of one or more electronic control units (ECUs), sensors and actuators. With the commercialization of connected/autonomous cars, vehicle-based wireless communication systems have appeared, and are expected to grow in popularity. This increases the number of attack surfaces that can potentially threaten in-vehicle controller area network (CAN). To combat the vulnerabilities of the CAN protocol, the CAN data field should be encrypted and transmitted with authentication codes. Recently, a method of transmitting authentication codes by modifying the CAN protocol was proposed. However, changing the original CAN protocol can cause serious problems in CAN systems. In this paper, to enhance CAN security, a data compression algorithm is used to reduce the data frame length so that there is space for a message authentication code (MAC) to be contained inside the data field. The proposed algorithm guarantees that all CAN frames are authenticated by a MAC of at least four bytes without any change of the original CAN protocol. Simulations using CAN data from Kia Sorento, Kia Soul, and LS Mtron vehicles show that the proposed algorithm works successfully with only a slight increase in the peak load.

Keywords

• CAN
• data reduction
• authentication code
• vehicle communication
• data rearrangement