Lightweight Authenticated Encryption for Vehicle Controller Area Network

Abstract

Vehicle manufacturers are installing a large number of Electronic Control Units (ECU) inside vehicles. ECUs communicate among themselves via a Controller Area Network (CAN) to ensure better user experience and safety. CAN is considered as a de facto standard for efficient communication of an embedded control system network. However, it has no built-in security features. In this thesis, the existing security solutions for the CAN protocol found in the literature are classified in terms of security enforcement procedures. The classification can facilitate the researchers to select an appropriate security technique depending on security requirements. We also propose a security framework to secure CAN communication using the Authenticated Encryption with Associated Data (AEAD). The framework ensures confidentiality, integrity, and authenticity of CAN data transmission. The experimental results show that the delay of the proposed approach can be reduced to 0.07 ms depending on hardware configurations. We consider it lightweight since it adds a low overhead regardless of performing encryption and authentication. We evaluate the approach using four metrics: communication overhead, network traffic load, cost of deployment, and compatibility with CAN specification. We show that the framework keeps the network traffic unchanged, has low deployment cost, and is highly compatible with the specifications of the protocol.