Cargando…

Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks

In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Add...

Descripción completa

Detalles Bibliográficos
Autores principales: Zuo, Zheng, Yang, Shichun, Ma, Bin, Zou, Bosong, Cao, Yaoguang, Li, Qiangwei, Zhou, Sida, Li, Jichong
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2021
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8659815/
https://www.ncbi.nlm.nih.gov/pubmed/34883923
http://dx.doi.org/10.3390/s21237917
_version_ 1784613054252580864
author Zuo, Zheng
Yang, Shichun
Ma, Bin
Zou, Bosong
Cao, Yaoguang
Li, Qiangwei
Zhou, Sida
Li, Jichong
author_facet Zuo, Zheng
Yang, Shichun
Ma, Bin
Zou, Bosong
Cao, Yaoguang
Li, Qiangwei
Zhou, Sida
Li, Jichong
author_sort Zuo, Zheng
collection PubMed
description In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Additionally, the existence of networked devices exposes automobiles to cyber security threats. Against this background, a gateway for CAN/CAN with flexible data-rate (CANFD) to scalable service-oriented middleware over IP (SOME/IP) protocol conversion is designed, and security schemes are implemented in the routing process to provide integrity and confidentiality protections. Based on NXP-S32G, the designed gateway is implemented and evaluated. Under most operating conditions, the CPU and the RAM usage are less than 5% and 20 MB, respectively. Devices running a Linux operating system can easily bear such a system resource overhead. The latency caused by the security scheme accounts for about 25% of the entire protocol conversion latency. Considering the security protection provided by the security scheme, this overhead is worthwhile. The results show that the designed gateway can ensure a CAN/CANFD to SOME/IP protocol conversion with a low system resource overhead and a low latency while effectively resisting hacker attacks such as frame forgery, tampering, and sniffing.
format Online
Article
Text
id pubmed-8659815
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-86598152021-12-10 Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks Zuo, Zheng Yang, Shichun Ma, Bin Zou, Bosong Cao, Yaoguang Li, Qiangwei Zhou, Sida Li, Jichong Sensors (Basel) Article In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Additionally, the existence of networked devices exposes automobiles to cyber security threats. Against this background, a gateway for CAN/CAN with flexible data-rate (CANFD) to scalable service-oriented middleware over IP (SOME/IP) protocol conversion is designed, and security schemes are implemented in the routing process to provide integrity and confidentiality protections. Based on NXP-S32G, the designed gateway is implemented and evaluated. Under most operating conditions, the CPU and the RAM usage are less than 5% and 20 MB, respectively. Devices running a Linux operating system can easily bear such a system resource overhead. The latency caused by the security scheme accounts for about 25% of the entire protocol conversion latency. Considering the security protection provided by the security scheme, this overhead is worthwhile. The results show that the designed gateway can ensure a CAN/CANFD to SOME/IP protocol conversion with a low system resource overhead and a low latency while effectively resisting hacker attacks such as frame forgery, tampering, and sniffing. MDPI 2021-11-27 /pmc/articles/PMC8659815/ /pubmed/34883923 http://dx.doi.org/10.3390/s21237917 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Zuo, Zheng
Yang, Shichun
Ma, Bin
Zou, Bosong
Cao, Yaoguang
Li, Qiangwei
Zhou, Sida
Li, Jichong
Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
title Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
title_full Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
title_fullStr Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
title_full_unstemmed Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
title_short Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
title_sort design of a canfd to some/ip gateway considering security for in-vehicle networks
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8659815/
https://www.ncbi.nlm.nih.gov/pubmed/34883923
http://dx.doi.org/10.3390/s21237917
work_keys_str_mv AT zuozheng designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT yangshichun designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT mabin designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT zoubosong designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT caoyaoguang designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT liqiangwei designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT zhousida designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks
AT lijichong designofacanfdtosomeipgatewayconsideringsecurityforinvehiclenetworks