Enhancing Automotive Intrusion Detection Systems with Capability Hardware Enhanced RISC Instructions-Based Memory Protection

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

The topic of the paper is interesting but there are critical issues. The scientific merit is low but has potential to be improved. Results are very superficial and needs to be better explored and presented.

Improvement suggestions:

1. Authors state “Modern vehicles are no longer purely mechanical systems; they have evolved into complex mechatronic platforms, integrating numerous Electronic Control Units (ECUs) interconnected through sophisticated communication networks [1].” This observation is very important but it is supported by just one reference published in 2021. It is important to base this observation in more up-to-date references.

2. It is observed that “However, this increased interconnectivity introduces a broad attack surface for cyber threats,…” However, this observation is not supported in the literature.

3. Why IDS is a critical component? You need to support it in published studies.

4. Why denial-of-service (DoS) is an important attack and not DDoS?

5. It is also noted “As vehicles become increasingly connected and autonomous, the potential for cyberattacks targeting their ECUs grows exponentially.” Do you have statistics to confirm it?

6. Motivation for this study is justified but not the research gap. What is the novelty level of your study? Please address and justify it.

7. Principle of Least Privilege and Principle of Intentional Use should be better explored from a scientific perspective.

8. The description of ARM Morello lacks references.

9. Explore better the IP spoofing in automotive industry. Please also use refences for that.

10. The adopted methodology should be better explored from a scientific point of view.

11. Results should be better explored and authors should provide quantitative data to support it. Authors can use data and graphs to show their results.

15. It is crucial to provide a “Discussion” section.

16. Conclusions section should be better organize to identify the theoretical and practical contributions.

17. number of references is very low.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report

Comments and Suggestions for Authors

The manuscript is interesting to read, with the integration of CHERI into automotive intrusion detection systems, a fresh topic, and the simulations add credibility to this study. The manuscript has a logical structure, with introduction, background, methodology, results and conclusions.

Thank you for the opportunity to read this manuscript, and please allow me to make a few suggestions for the authors to improve it.

The references list is rather brief. I suggest that the author enhance it with additional publications in the field.  Also, based on the references list I suggest that the authors enhance the literature review; perhaps they could also include other hardware-based security frameworks (for example, TEE -Trusted execution environments, HSM - Hardware security modules etc.)

Is it possible that the authors could provide some more details on performance metrics under various conditions (for example network load, packet sizes) in order to quantify the practicality of CHERI in real-time systems ?

I suggest that the authors present more details on implementation challenges of CHERI in existing automotive ecosystems (for example the practical hurdles, like hardware compatibility, cost of deploying CHERI-enhanced systems, implications for legacy systems etc.)

Is CHERI able to complement other security layers (for example, machine learning-based anomaly detection) for a better robust defense ?

I recommend that the authors enhance the visual quality/resolution of the figures (especially of figure 1) which seems pixelated in the pdf file received for review.

I suggest that the authors explain Figure 1 some more, especially for the those who are not familiar with CHERI’s memory protection model.

Are there limitations of this research ? I suggest that the conclusion could be expanded a little bit to include some specific next steps or even open research questions.

I also suggest that the authors (if not in this manuscript, perhaps in their future research) could expand the simulation environment with additional attack scenarios (for example like advanced evasion techniques, message replay, timing attacks, etc.)

I do not understand the presence in this manuscript of Appendix A and Appendix B which contain no information about the study.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 3 Report

Comments and Suggestions for Authors

Interesting topic to integrate CHERI into IDS intrusion detection systems for modern vehicular networks. Later, interconnection through ECU, vulnerabilities, cyber-attacks, IP spoofing, and IDS manipulation are discussed.

 

Observations:

1. The abstract is too thick and does not highlight what was obtained and what the results are. So please review it.

2. The presentation of the use of C/C++ languages ​​is not new and does not make sense in the abstract.

3. There is an introduction to the hardware and memory level analysis, but there is no clear architecture, contribution, or clear exposition of what has been developed. The approach is urgently needed.

4. Compatibilities with ARM, RISC-V, and MPIS architectures are presented, as well as a table with the differences, advantages, parameters, and differences between them in the given approach.

5. It is stated that by using CHERI, manipulation of IDS rules is prevented, it is not clear, and information is missing in the article.

6. There is a specification that performance is not affected and that it is viable for real-time applications. How? Any specification needs evidence.

7. Realization of the detection process on complex attacks ()IP spoofing or manipulation of rules). - It is necessary to present studies or comparisons through which the reader understands this information.

8. Demonstrate that it is the first study that addresses IP spoofing attacks and manipulation of IDS rules from the perspective of HW protection.

9. How do you highlight that ARM Morello is ideal and what is your prototype, architecture, etc.?

10. How does this test architecture look, are the hardware contributions not clear in the case of SOME/IP communications????

11. The article attempts to demonstrate high-level protection without compromising legacy automotive systems, how?

12. What are the clear, conclusive aspects of the research compared to other studies?

13. Detailed architectures, practical implementation, lack of comparisons, and practical simulations are missing.

14. The article has 3 images/code sections, which are not clearly explained (where they are placed, what is the architecture, what is the utility, that it initializes the memory, that it validates the packages, but many of these exist in CHERI).

15. The article needs a solid revision to demonstrate the novelty element and what has been practically achieved.

16. How can CHERI be implemented on a large scale in the automotive industry?

17. What is the complete architecture of the system, what does an IDS with CHERI look like, integrated into a SOME/IP or CAN network???

18. What happens when we talk about complex sequences? We want to see simulations at least, before and after, parameters, performance, and optimization.

19. The article does not mention how to deal with cases such as massive DoS attacks and if ECU units are compromised.

20. At the moment the article has a letter structure, a kind of exploratory material, there are basic concepts that are needed in the automotive field, but to be accepted it needs the corrections previously exposed, otherwise, it does not rise to the level of a research article.

We need a complete and extremely well-explained architecture (containing the contributions, advantages, and properties). Tests performed or simulations, several versions or prototypes, direct comparison of the results with other approaches, only later can we have an article that approaches an agreeable form.

At the moment the article has extremely many shortcomings in terms of research.

The presence of AI formatting is felt in the submitted manuscript!

Comments on the Quality of English Language

No obs!

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

Comments and Suggestions for Authors

The authors should address better the practical contributions of this study in the Conclusions section.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 3 Report

Comments and Suggestions for Authors

The article has been adjusted but there are still aspects that we need to consider, and among them we find the following:

How do we define the CHERI architecture and what advantages does it have compared to other solutions, or how does what has been developed now benefit compared to what already exists?

How does the proposed algorithm handle situations in which attackers use sophisticated manipulation methods, such as real-time modifications of network traffic?

What performance trade-offs are observable in implementing CHERI protection in IDS systems, especially in the context of real-time requirements in vehicles?

To what extent is the proposed solution scalable to manage more complex networks and vehicles with over 100 ECUs?

Some passages, such as the explanation about the implementation of CHERI protection in the "Implementation CHERI usage on IDS" section, contain well-structured technical details, but could benefit from a more accessible description for readers without advanced programming expertise. For example, the phrase "CHERI C Pointer ptr : signed int* with metadata as a CHERI capability" could be explained more clearly, with a simpler example to demonstrate the difference between ISO C and CHERI C.

In the experimental results section, the authors mention that latencies have increased marginally (12 ms vs. 10 ms in traditional implementations), but do not provide further data on the impact of these values ​​on critical applications. Discussing how these increases might affect scenarios where response time is crucial (e.g. automatic braking) would be useful.

A new review and necessary corrections are awaited.

Comments on the Quality of English Language

No obs.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Round 3

Reviewer 3 Report

Comments and Suggestions for Authors

The article has improved, but you need to look a little closer at Figures 3 and 4, the respective captures didn't seem to show well, try to make them clearer.

You need to revise the abstract a bit more to condense information and even highlight some numbers.

 

Comments on the Quality of English Language

There are no comments regarding the writing.

Author Response

Please see the attachment

Author Response File: Author Response.pdf