AutoSAR Typical Security Mechanism introduction
[Author]
Renhong WENG, Safety, and Security, and RAMS investigator.
This week we discuss some security mechanisms in AutoSAR.
First: Background
AutoSAR had devoted itself into security protection mechanism development since V4.2.
Present, following library or resources had been developed
crypto service management
crypto stack
key management
security onboard communication
crypto driver
crypto interface
Second: Security onboard communication
Security itself for ECU within cars, we called the onboard communication, but first of all we have to introduce potential architecture and cyber attack:
| Property | Attack Type | Security Mechanism in SecOC |
| Confidentiality | information disclosure | crypto service manager key management data encryption |
| Integrity | Tampering | encryption access control |
| Availability | Denial of service | N/A |
| Accountability | Non-repudiation | Freshness value |
| Authentication | spoof | Message authentication code |
| Authorization | Elevation of rights | Authorization |
Third: Crypto service manager
Traditional layered view as following:
For CSM, there are many queues are waiting, so there will rough routes as following:
| AES | RSA |
block cypher, symmetric cypher 256 bit or more applying into the fast encryption speed | asymmetric cypher, 2048 bit or more applying into high encryption algorithm required, speed not very fast. normally higher CAL will use this |
Forth: important key manager
derived from SWS_Csm_01022, following important key and itself information shall be followed:
Format of key as following:
Fifth: Secure Onboard Communication
First of all, we have to generate the dependencies between the three small chapter:
| Dependencies | CSM |
| SecOC |
|
| Key |
|
Accompanied by above dependencies, we can have following mechanisms:
MAC and freshness value
Detail MAC value verification as following:
Fresh value verification as following:
2. Authentic I-PDU and Secured i-PDU
For here, sometimes we have to truncated the freshness values and authenticator, due to bit field constraints:
Note: Fresh value managed by Fresh Value Manager, and which can start from within authentic I-PDU
3. relationship with PdUR
4. Security Profile
we just introduce one Security profile 1
*cmac introduction
CMAC is not good as HMAC but will be applied in the lightweight cryptography, present which had transform in SecOC.
5.SecOC not robut enough to withstand high level attack, which only support low level or lightweight security.
Note: coding for CMAC AES 128 bit
for (i = 0; i < 16; i++) { MACkey[i] = key[i]; // set MAC key } mbedtls_aes_setkey_enc(&aes, MACkey, 128); mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, plain, c0); if (c0[0]<0x80) //generate k1 { leftshift(16, c0, k1); }
https://blog.csdn.net/easychang/article/details/52352138
Best REGARDS!
[REF]
AUTOSAR_SWS_SecureOnboardCommunication
https://blog.csdn.net/easychang/article/details/52352138
- 用户评论
