Cargando…
Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Add...
Autores principales: | , , , , , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2021
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8659815/ https://www.ncbi.nlm.nih.gov/pubmed/34883923 http://dx.doi.org/10.3390/s21237917 |
_version_ | 1784613054252580864 |
---|---|
author | Zuo, Zheng Yang, Shichun Ma, Bin Zou, Bosong Cao, Yaoguang Li, Qiangwei Zhou, Sida Li, Jichong |
author_facet | Zuo, Zheng Yang, Shichun Ma, Bin Zou, Bosong Cao, Yaoguang Li, Qiangwei Zhou, Sida Li, Jichong |
author_sort | Zuo, Zheng |
collection | PubMed |
description | In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Additionally, the existence of networked devices exposes automobiles to cyber security threats. Against this background, a gateway for CAN/CAN with flexible data-rate (CANFD) to scalable service-oriented middleware over IP (SOME/IP) protocol conversion is designed, and security schemes are implemented in the routing process to provide integrity and confidentiality protections. Based on NXP-S32G, the designed gateway is implemented and evaluated. Under most operating conditions, the CPU and the RAM usage are less than 5% and 20 MB, respectively. Devices running a Linux operating system can easily bear such a system resource overhead. The latency caused by the security scheme accounts for about 25% of the entire protocol conversion latency. Considering the security protection provided by the security scheme, this overhead is worthwhile. The results show that the designed gateway can ensure a CAN/CANFD to SOME/IP protocol conversion with a low system resource overhead and a low latency while effectively resisting hacker attacks such as frame forgery, tampering, and sniffing. |
format | Online Article Text |
id | pubmed-8659815 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2021 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-86598152021-12-10 Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks Zuo, Zheng Yang, Shichun Ma, Bin Zou, Bosong Cao, Yaoguang Li, Qiangwei Zhou, Sida Li, Jichong Sensors (Basel) Article In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Additionally, the existence of networked devices exposes automobiles to cyber security threats. Against this background, a gateway for CAN/CAN with flexible data-rate (CANFD) to scalable service-oriented middleware over IP (SOME/IP) protocol conversion is designed, and security schemes are implemented in the routing process to provide integrity and confidentiality protections. Based on NXP-S32G, the designed gateway is implemented and evaluated. Under most operating conditions, the CPU and the RAM usage are less than 5% and 20 MB, respectively. Devices running a Linux operating system can easily bear such a system resource overhead. The latency caused by the security scheme accounts for about 25% of the entire protocol conversion latency. Considering the security protection provided by the security scheme, this overhead is worthwhile. The results show that the designed gateway can ensure a CAN/CANFD to SOME/IP protocol conversion with a low system resource overhead and a low latency while effectively resisting hacker attacks such as frame forgery, tampering, and sniffing. MDPI 2021-11-27 /pmc/articles/PMC8659815/ /pubmed/34883923 http://dx.doi.org/10.3390/s21237917 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Zuo, Zheng Yang, Shichun Ma, Bin Zou, Bosong Cao, Yaoguang Li, Qiangwei Zhou, Sida Li, Jichong Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks |
title | Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks |
title_full | Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks |
title_fullStr | Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks |
title_full_unstemmed | Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks |
title_short | Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks |
title_sort | design of a canfd to some/ip gateway considering security for in-vehicle networks |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8659815/ https://www.ncbi.nlm.nih.gov/pubmed/34883923 http://dx.doi.org/10.3390/s21237917 |
work_keys_str_mv | AT zuozheng designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT yangshichun designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT mabin designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT zoubosong designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT caoyaoguang designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT liqiangwei designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT zhousida designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks AT lijichong designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks |