Secure Automotive Ethernet : Balancing Security and Safety in Time Sensitive Systems

Abstract: Background.As a result of the digital era, vehicles are being digitalised in arapid pace. Autonomous vehicles and powerful infotainment systems are justparts of what is evolving within the vehicles. These systems require more in-formation to be transferred within the vehicle networks. As a solution for this,Ethernet was suggested. However, Ethernet is a ’best effort’ protocol which cannot be considered reliable. To solve that issue, specific implementations weredone to create Automotive Ethernet. However, the out-of-the-box vulnerabil-ities from Ethernet persist and need to be mitigated in a way that is suitableto the automotive domain. Objectives.This thesis investigates the vulnerabilities of Ethernet out-of-the-box and identify which vulnerabilities cause the largest threat in regard tothe safety of human lives and property. When such vulnerabilities are iden-tified, possible mitigation methods using security measures are investigated.Once two security measures are selected, an experiment is conducted to see ifthose can manage the latency requirements. Methods.To achieve the goals of this thesis, literature studies were conductedto learn of any vulnerabilities and possible mitigation. Then, those results areused in an OMNeT++experiment making it possible to record latency in a sim-ple automotive topology and then add the selected security measures to get atotal latency. This latency must be less than 10 ms to be considered safe in cars. Results. In the simulation, the baseline communication is found to take1.14957±0.02053 ms. When adding a security measure latency, the total dura-tion is found. For Hash-based Message Authentication Code (HMAC)-SecureHash Algorithm (SHA)-512 the total duration is 1.192274 ms using the up-per confidence interval. Elliptic Curve Digital Signature Algorithm (ECDSA)- ED25519 has the total latency of 3.108424 ms using the upper confidenceinterval. Conclusions. According to the results, both HMAC-SHA-512 and ECDSA- ED25519 are valid choices to implement as a integrity and authenticity secu-rity measure. However, these results are based on a simulation and should beverified using physical hardware to ensure that these measures are valid.