Device Attestation for In-Vehicle Network

Abstract: Embedded devices are crucial components of all modern vehicles. Today, every invehicle architecture consists of multiple small devices, each of which is responsible for a limited number of tasks, and together the devices act as a whole, giving the vehicle a big range of functionalities. In recent years, embedded devices have shown to be highly vulnerable to cyberattacks which put the driver at risk, as the vehicle could be controlled by an unauthorized party. Therefore, securing the vehicle’s embedded devices from unauthorized use and modification is very important. One of the ways to protect the embedded devices is to perform a so-called device attestation, which is a technique used to certify that a specific firmware is unchanged and valid. This technique has been proven to work outside of the automotive industry, but the main challenge is to get it to work with the strict requirements that exist on vehicular hardware. There are many ways of performing device attestation and these approaches can have different impact on cost, efficiency, level of security, memory capacity used, amount of hardware needed, and possibly other factors. This paper classifies a number of device attestation techniques into different categories and discusses what effect these techniques have on the cost of installation, security level, and efficiency. It also describes how these methods can secure embedded devices inside the vehicle and how applicable the methods are for the modern in-vehicle architecture. Further, the report proposes device attestation methods that satisfy three main criteria: the solution should be applicable for modern vehicles, come with a low cost, and meet the automotive-specific security and safety requirements.