Search Results (15)

Search Parameters:
Keywords = CAN/CANFD

40 pages, 743 KB  
Article
Design-Space Mapping of Post-Quantum Cryptographic Artifact Transport on CAN-FD: A Discrete-Event Simulation Study
by Min-Woo Lee, Minjoo Sim, Siwoo Eum, Gyeongju Song and Hwajeong Seo
Appl. Sci. 2026, 16(8), 3705; https://doi.org/10.3390/app16083705 - 10 Apr 2026
Abstract
Post-quantum cryptography (PQC) artifacts are one to three orders of magnitude larger than their classical counterparts and must be segmented via ISO-TP across a shared CAN-FD bus while coexisting with periodic safety-critical traffic. No prior work has quantitatively mapped the transport-level feasibility of these artifacts under realistic multi-electronic control unit (ECU) contention. This paper presents a validated discrete-event simulator and evaluates 29 parameter sets from nine algorithm families—spanning the KpqC final portfolio, NIST FIPS 203–205 standards, and the draft FIPS 206—across 534 scenarios classified as feasible, borderline, or infeasible. Results show that key encapsulation mechanism (KEM) feasibility is scenario-dependent: domain scale and startup coordination dominate over algorithm choice, with 4-ECU staggered deployments feasible for all Level-1 candidates, while 16-ECU simultaneous startup is universally infeasible. For digital signatures, FN-DSA achieves the best transport feasibility due to its compact signature, while HQC is uniformly infeasible and SLH-DSA is nearly uniformly infeasible, quantifying the CAN-FD bandwidth premium of algorithmic diversity. System-side traffic shaping—staggered startup and reserved bus windows—outperforms algorithm substitution as a mitigation strategy. To the best of our knowledge, these findings constitute the first design-space map of PQC artifact transport on CAN-FD and provide actionable deployment guidelines for post-quantum transition.
(This article belongs to the Special Issue Information Security: Threats and Attacks)
25 pages, 2314 KB  
Article
CAN-FD ECU Authentication Using Voltage-Characteristic Hardware Fingerprints
by Yang Yang, Rukang Zhou, Jiabao Yu and Yanjun Ding
Electronics 2026, 15(5), 1094; https://doi.org/10.3390/electronics15051094 - 5 Mar 2026
Viewed by 379
Abstract
As a next-generation serial communication protocol employed in automotive electronics and industrial control domains, Controller Area Network with Flexible Data-Rate (CAN-FD) enhances communication efficiency via the introduction of a dual-rate transmission mechanism, yet it still inherits the security vulnerabilities of traditional CAN networks. To enhance the security of node identity authentication in CAN-FD networks—a critical prerequisite for secure communication—we present an electronic control unit (ECU) authentication scheme that utilizes voltage hardware fingerprints (VHFs) as the core identity credential. Specifically, a single frame of data is utilized to integrate the control field’s voltage characteristics and data field’s edges, forming stable and distinguishable hardware fingerprints. We also analyze the VHF offset characteristics under typical spoofing attacks and wire-tapping attacks, and then propose a lightweight vehicle intrusion detection system (VIDS) scheme to identify attack scenarios and locate the compromised ECU in CAN-FD networks. Lastly, we conducted research on and discussed other VHF-influencing factors and put forward detailed specific solutions. Attack tests are conducted under four representative scenarios, namely substitution attack, masquerade attack, injection attack, and wire-tapping attack. The findings reveal that our scheme can not only accurately distinguish between various CAN-FD nodes but also identify specific attack types in real time. In detail, a single-frame node recognition rate exceeding 99% is achieved in approximately 2 ms, and in experiments covering multiple attack scenarios on this six-node prototype system, 100% recognition accuracy for attack types is realized in approximately 500 ms.
42 pages, 16346 KB  
Article
LCSMC-Net: Lightweight CAN Intrusion Detection via Separable Multiscale Convolution and Attention
by Mengdi Hou, Bitie Lan, Chenghua Tang and Jianbo Huang
Sensors 2026, 26(4), 1399; https://doi.org/10.3390/s26041399 - 23 Feb 2026
Viewed by 644
Abstract
The Controller Area Network (CAN) protocol lacks native authentication mechanisms, exposing modern vehicles to critical security threats. While deep learning-based intrusion detection systems show promise, existing solutions require computational resources far exceeding automotive-grade microcontroller constraints, hindering practical embedded deployment. This paper proposes LCSMC-Net, an ultra-lightweight neural architecture for resource-constrained CAN intrusion detection. The framework integrates three innovations: (1) Separable Multiscale Convolution Lite (SMC-Lite) blocks capturing multitemporal attack patterns with minimal parameters; (2) Lightweight Channel-Temporal Attention (LCTA) achieving linear O(N) complexity through adaptive pruning; and (3) 6-dimensional CAN-optimized features exploiting protocol-specific characteristics for aggressive compression. The framework employs Bayesian hyperparameter optimization and knowledge distillation for systematic model compression. Extensive experiments on CAN and CAN-FD datasets demonstrate that LCSMC-Net achieves 99.89% accuracy with only 9401 parameters and 2.84M FLOPs, outperforming existing solutions while meeting real-time constraints of automotive embedded systems, providing a viable edge AI deployment solution.
(This article belongs to the Special Issue Security, Privacy and Threat Detection in Sensor Networks)
16 pages, 3321 KB  
Article
Evaluating the X2000: A Novel Integrated Platform for Rapid ADAS Development
by Michael Giuliani and George Pappas
Electronics 2026, 15(3), 679; https://doi.org/10.3390/electronics15030679 - 4 Feb 2026
Viewed by 558
Abstract
In this work, we present the design and evaluation of the X2000, a new development kit created to simplify and accelerate research for advanced driver-assistance systems (ADAS). The X2000 is a complete ADAS development kit for the Ford Mach-E. It includes a forward-facing vehicle-mounted camera, vehicle-mounted AI computer, controller area network flexible data-rate (CAN-FD) and 12 V power connections, and a CAN-FD interface to the vehicle’s forward radar. Central to the kit is a novel ADAS software architecture designed for readability and extensibility. Included in the design are software modules for the following: (1) camera and radar interfacing; (2) image processing; (3) AI model inference; (4) data logging; (5) steering and velocity planning; (6) low-level vehicle controls for steering, acceleration, and braking; (7) lane centering visualization to the car’s 17-inch touchscreen. To build on a proven system, the X2000 integrates the AI model, planner, low-level controls, and radar interfacing software from Openpilot. We build on the excellent work of the Openpilot team while creating a highly simplified system. Openpilot features 17 software processes and 77 inter-process messages, while the X2000 uses 6 processes and 7 inter-process messages.
17 pages, 2322 KB  
Article
Design of an Embedded Simulation Controller for a Model-Based Diesel Engine Parallel Power Unit
by Huan Liu, Pan Su, Jiechang Wu and Guanghui Chang
Processes 2025, 13(10), 3196; https://doi.org/10.3390/pr13103196 - 8 Oct 2025
Viewed by 826
Abstract
To address the limitations inherent in traditional simulation control schemes for dual-engine parallel operation systems in diesel engines—such as protracted development cycles, suboptimal interface compatibility, insufficient real-time performance, and inadequate support for dynamic condition simulation in applications like marine power systems—this paper proposes an embedded real-time controller based on model-based design. This methodology facilitates efficient development and high-precision real-time control of parallel operation systems. A multi-domain coupled simulation model integrating diesel power and parallel control algorithms is built in MATLAB/Simulink, with optimized C code auto-generated via Embedded Coder. Hardware centers on STM32F407VE, enabling 4–20 mA speed acquisition, CAN communication, and Ethernet transmission. Experimental results indicate that the architecture shortens development cycles from 8 to 3 weeks, with 895 microseconds of simulation steps meeting 1-millisecond real-time requirements. Vessel tests achieve ±1.8 r/min synchronization error and ±1.2% load distribution error at low cost. It adapts to varied diesel power via modular substitution and supports RS485/CAN-FD. In conclusion, the controller effectively handles real-time simulated diesel engine parallel systems and excels in efficiency, compatibility, and cost, offering a viable technical pathway for modernizing parallel power systems in applications such as marine vessels and power generation.
(This article belongs to the Section Manufacturing Processes and Systems)
23 pages, 7686 KB  
Article
Efficient Secure Mechanisms for In-Vehicle Ethernet in Autonomous Vehicles
by Yujing Wu, Liping Xiong, Caiyuan Wang and Yinan Xu
Electronics 2024, 13(18), 3625; https://doi.org/10.3390/electronics13183625 - 12 Sep 2024
Cited by 1 | Viewed by 2674
Abstract
The integration of external devices and network connectivity into autonomous vehicles has raised significant concerns about in-vehicle security vulnerabilities. Existing security mechanisms for in-vehicle bus systems, which mainly rely on appending authentication codes and data encryption, have been extensively studied in the context of CAN and CAN-FD buses. However, these approaches are not directly applicable to Ethernet buses due to the much higher data transmission rates of Ethernet buses compared to other buses. The real-time encryption and decryption required by Ethernet buses cannot be achieved with conventional methods, necessitating an acceleration in the speed of cryptographic operations to match the demands of Ethernet communication. In response to these challenges, our paper introduces a range of cryptographic solutions specifically designed for in-vehicle Ethernet networks. We employ an AES-ECC hybrid algorithm for critical vehicle control signals, combining the efficiency of AES with the security of ECC. For multimedia signals, we propose an improved AES-128 (IAES-128) and an improved MD5 (IMD), which improve encryption time by 15.77%. Our proposed security mechanisms have been rigorously tested through attack simulations on the CANoe (version 10) platform. These tests cover both in-vehicle control signals, such as braking and throttle control, and non-critical systems like multimedia entertainment. The experimental results convincingly demonstrate that our optimized algorithms and security mechanisms ensure the secure and reliable operation of real-time communication in autonomous vehicles.
21 pages, 2475 KB  
Article
Addressing Vulnerabilities in CAN-FD: An Exploration and Security Enhancement Approach
by Naseeruddin Lodge, Nahush Tambe and Fareena Saqib
IoT 2024, 5(2), 290-310; https://doi.org/10.3390/iot5020015 - 30 May 2024
Cited by 5 | Viewed by 5703
Abstract
The rapid advancement of technology, alongside state-of-the-art techniques is at an all-time high. However, this unprecedented growth of technological prowess also brings forth potential threats, as oftentimes the security encompassing these technologies is imperfect. Particularly within the automobile industry, the recent strides in technology have brought about increased complexity. A notable flaw lies in the CAN-FD protocol, which lacks robust security measures, making it vulnerable to data theft, injection, replay, and flood data attacks. With the rising complexity of in-vehicular networks and the widespread adoption of CAN-FD, the imperative to safeguard the protocol has never been more crucial. This paper aims to provide a comprehensive review of the existing in-vehicle communication protocol, CAN-FD. It explores existing security approaches designed to fortify CAN-FD, demonstrating multiple multi-layer solutions that leverage modern techniques including Physical Unclonable Function (PUF), Elliptical Curve Cryptography (ECC), Ethereum Blockchain, and Smart contracts. The paper highlights existing multi-layer security measures that offer minimal overhead, optimal performance, and robust security. Moreover, it identifies areas where these security measures fall short and discusses ongoing research along with suggestions for implementing software and hardware-level modifications. These proposed changes aim to streamline complexity, reduce overhead while ensuring forward compatibility. In essence, the methods outlined in this study are poised to excel in real-world applications, offering robust protection for the evolving landscape of in-vehicular communication systems.
(This article belongs to the Special Issue Cloud and Edge Computing Systems for IoT)
28 pages, 9129 KB  
Article
Multi-Attack Intrusion Detection for In-Vehicle CAN-FD Messages
by Fei Gao, Jinshuo Liu, Yingqi Liu, Zhenhai Gao and Rui Zhao
Sensors 2024, 24(11), 3461; https://doi.org/10.3390/s24113461 - 27 May 2024
Cited by 6 | Viewed by 3585
Abstract
As an enhanced version of standard CAN, the Controller Area Network with Flexible Data (CAN-FD) rate is vulnerable to attacks due to its lack of information security measures. However, although anomaly detection is an effective method to prevent attacks, the accuracy of detection needs further improvement. In this paper, we propose a novel intrusion detection model for the CAN-FD bus, comprising two sub-models: Anomaly Data Detection Model (ADDM) for spotting anomalies and Anomaly Classification Detection Model (ACDM) for identifying and classifying anomaly types. ADDM employs Long Short-Term Memory (LSTM) layers to capture the long-range dependencies and temporal patterns within CAN-FD frame data, thus identifying frames that deviate from established norms. ACDM is enhanced with the attention mechanism that weights LSTM outputs, further improving the identification of sequence-based relationships and facilitating multi-attack classification. The method is evaluated on two datasets: a real-vehicle dataset including frames designed by us based on known attack patterns, and the CAN-FD Intrusion Dataset, developed by the Hacking and Countermeasure Research Lab. Our method offers broader applicability and more refined classification in anomaly detection. Compared with existing advanced LSTM-based and CNN-LSTM-based methods, our method exhibits superior performance in detection, achieving an improvement in accuracy of 1.44% and 1.01%, respectively.
(This article belongs to the Section Vehicular Sensing)
24 pages, 8004 KB  
Article
Application-Layer Anomaly Detection Leveraging Time-Series Physical Semantics in CAN-FD Vehicle Networks
by Rui Zhao, Cheng Luo, Fei Gao, Zhenhai Gao, Longyi Li, Dong Zhang and Wengang Yang
Electronics 2024, 13(2), 377; https://doi.org/10.3390/electronics13020377 - 16 Jan 2024
Cited by 8 | Viewed by 2870
Abstract
The Controller Area Network with Flexible Data-Rate (CAN-FD) bus is the predominant in-vehicle network protocol, responsible for transmitting crucial application semantic signals. Due to the absence of security measures, CAN-FD is vulnerable to numerous cyber threats, particularly those altering its authentic physical values. This paper introduces Physical Semantics-Enhanced Anomaly Detection (PSEAD) for CAN-FD networks. Our framework effectively extracts and standardizes the genuine physical meaning features present in the message data fields. The implementation involves a Long Short-Term Memory (LSTM) network augmented with a self-attention mechanism, thereby enabling the unsupervised capture of temporal information within high-dimensional data. Consequently, this approach fully exploits contextual information within the physical meaning features. In contrast to the non-physical semantics-aware whole frame combination detection method, our approach is more adept at harnessing the physical significance inherent in each segment of the message. This enhancement results in improved accuracy and interpretability of anomaly detection. Experimental results demonstrate that our method achieves a mere 0.64% misclassification rate for challenging-to-detect replay attacks and zero misclassifications for DoS, fuzzing, and spoofing attacks. The accuracy has been enhanced by over 4% in comparison to existing methods that rely on byte-level data field characterization at the data link layer.
22 pages, 2031 KB  
Article
Real-Time RISC-V-Based CAN-FD Bus Diagnosis Tool
by Cosmin-Andrei Popovici and Andrei Stan
Micromachines 2023, 14(1), 196; https://doi.org/10.3390/mi14010196 - 12 Jan 2023
Cited by 4 | Viewed by 4479
Abstract
Network Diagnosis Tools with industrial-grade quality are not widely available for common users such as researchers and students. This kind of tool enables users to develop Distributed Embedded Systems using low-cost and reliable setups. In the context of RISC-V Extensions and Domain-Specific Architecture, this paper proposes a Real-Time RISC-V-based CAN-FD Bus Diagnosis Tool, named RiscDiag CanFd, as an open-source alternative. The RISC-V Core extension is a CAN-FD Communication Unit controlled by a dedicated ISA Extension. Besides the extended RISC-V core, the proposed SoC provides UDP Communication via Ethernet for connecting the proposed solution to a PC. Additionally, a GUI application was developed for accessing and using the hardware solution deployed in an FPGA. The proposed solution is evaluated by measuring the lost frame rate, the precision of captured frames timestamps and the latency of preparing data for Ethernet communication. Measurements revealed a 0% frame loss rate, a timestamp error under 0.001% and an acquisition cycle jitter under 10 ns.
11 pages, 678 KB  
Article
PUF-Based Post-Quantum CAN-FD Framework for Vehicular Security
by Tyler Cultice and Himanshu Thapliyal
Information 2022, 13(8), 382; https://doi.org/10.3390/info13080382 - 9 Aug 2022
Cited by 13 | Viewed by 4858
Abstract
The Controller Area Network (CAN) is a bus protocol widely used in Electronic Control Units (ECUs) to communicate between various subsystems in vehicles. Insecure CAN networks can allow attackers to control information between vital vehicular subsystems. As vehicles can have lifespans of multiple decades, post-quantum cryptosystems are essential for protecting the vehicle communication systems from quantum attacks. However, standard CAN’s efficiency and payload sizes are too small for post-quantum cryptography. The Controller Area Network Flexible Data-Rate (CAN-FD) is an updated protocol for CAN that increases transmission speeds and maximum payload size. With CAN-FD, higher security standards, such as post-quantum, can be utilized without severely impacting performance. In this paper, we propose PUF-Based Post-Quantum Cryptographic CAN-FD Framework, or PUF-PQC-CANFD. Our framework provides post-quantum security to the CAN network while transmitting and storing less information than other existing pre-quantum and post-quantum CAN frameworks. Our proposal protects against most cryptographic-based attacks while transmitting (at up to 100 ECUs) 25–94% less messages than existing pre-quantum frameworks and 99% less messages than existing post-quantum frameworks. PUF-PQC-CANFD is optimized for smaller post-quantum key sizes, storage requirements, and transmitted information to minimize the impact on resource-restricted ECUs.
(This article belongs to the Special Issue Recent Advances in IoT and Cyber/Physical Security)
32 pages, 4366 KB  
Article
CANon: Lightweight and Practical Cyber-Attack Detection for Automotive Controller Area Networks
by Youngmi Baek and Seongjoo Shin
Sensors 2022, 22(7), 2636; https://doi.org/10.3390/s22072636 - 29 Mar 2022
Cited by 5 | Viewed by 4699
Abstract
Automotive cyber-physical systems are in transition from the closed-systems to open-networking systems. As a result, in-vehicle networks such as the controller area network (CAN) have become essential to connect to inter-vehicle networks through the various rich interfaces. Newly exposed security concerns derived from this requirement may cause in-vehicle networks to pose threats to automotive security and driver’s safety. In this paper, to ensure a high level of security of the in-vehicle network for automotive CPS, we propose a novel lightweight and practical cyber defense platform, referred to as CANon (CAN with origin authentication and non-repudiation), to be enabled to detect cyber-attacks in real-time. CANon is designed based on the hierarchical approach of centralized-session management and distributed-origin authentication. In the former, a gateway node manages each initialization vector and session of origin-centric groups consisting of two more sending and receiving nodes. In the latter, the receiving nodes belonging to the given origin-centric group individually perform the symmetric key-based detection against cyber-attacks by verifying each message received from the sending node, namely origin authentication, in real-time. To improve the control security, CANon employs a one-time local key selected from a sequential hash chain (SHC) for authentication of an origin node in a distributed mode and exploits the iterative hash operations with randomness. Since the SHC can constantly generate and consume hash values regardless of their memory capacities, it is very effective for resource-limited nodes for in-vehicle networks. In addition, through implicit key synchronization within a given group, CANon addresses the challenges of a key exposure problem and a complex key distribution mechanism when performing symmetric key-based authentication.
To achieve lightweight cyber-attack detection without imposing an additive load on CAN, CANon uses a keyed-message authentication code (KMAC) activated within a given group. The detection performance of CANon is evaluated under an actual node of Freescale S12XF and virtual nodes operating on the well-known CANoe tool. It is seen that the detection rate of CANon against brute-force and replay attacks reaches 100% when the length of KMAC is over 16 bits. It demonstrates that CANon ensures high security and is sufficient to operate in real-time even on low-performance ECUs. Moreover, CANon based on several software modules operates without an additive hardware security module at an upper layer of the CAN protocol and can be directly ported to CAN-FD (CAN with Flexible Data rate) so that it achieves the practical cyber defense platform.
(This article belongs to the Collection Cyber Situational Awareness in Computer Networks)
25 pages, 8737 KB  
Article
Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks
by Zheng Zuo, Shichun Yang, Bin Ma, Bosong Zou, Yaoguang Cao, Qiangwei Li, Sida Zhou and Jichong Li
Sensors 2021, 21(23), 7917; https://doi.org/10.3390/s21237917 - 27 Nov 2021
Cited by 20 | Viewed by 12541
Abstract
In recent years, Ethernet has been introduced into vehicular networks to cope with the increasing demand for bandwidth and complexity in communication networks. To exchange data between controller area network (CAN) and Ethernet, a gateway system is required to provide a communication interface. Additionally, the existence of networked devices exposes automobiles to cyber security threats. Against this background, a gateway for CAN/CAN with flexible data-rate (CANFD) to scalable service-oriented middleware over IP (SOME/IP) protocol conversion is designed, and security schemes are implemented in the routing process to provide integrity and confidentiality protections. Based on NXP-S32G, the designed gateway is implemented and evaluated. Under most operating conditions, the CPU and the RAM usage are less than 5% and 20 MB, respectively. Devices running a Linux operating system can easily bear such a system resource overhead. The latency caused by the security scheme accounts for about 25% of the entire protocol conversion latency. Considering the security protection provided by the security scheme, this overhead is worthwhile. The results show that the designed gateway can ensure a CAN/CANFD to SOME/IP protocol conversion with a low system resource overhead and a low latency while effectively resisting hacker attacks such as frame forgery, tampering, and sniffing.
28 pages, 4876 KB  
Article
A CAN-Bus Lightweight Authentication Scheme
by Jia-Ning Luo, Chang-Ming Wu and Ming-Hour Yang
Sensors 2021, 21(21), 7069; https://doi.org/10.3390/s21217069 - 25 Oct 2021
Cited by 20 | Viewed by 7641
Abstract
The design of the Controller Area Network (CAN bus) did not account for security issues and, consequently, attacks often use external mobile communication interfaces to conduct eavesdropping, replay, spoofing, and denial-of-service attacks on a CAN bus, posing a risk to driving safety. Numerous studies have proposed CAN bus safety improvement techniques that emphasize modifying the original CAN bus method of transmitting frames. These changes place additional computational burdens on electronic control units and cause the CAN bus to lose the delay guarantee feature. Consequently, we proposed a method that solves these compatibility and security issues. Simple and efficient frame authentication algorithms were used to prevent spoofing and replay attacks. This method is compatible with both CAN bus and CAN-FD protocols and has a lower operand when compared with other methods.
(This article belongs to the Special Issue Instrumentation in Interactive Robotic and Automation)
17 pages, 7927 KB  
Article
Identity-Based Key Exchange on In-Vehicle Networks: CAN-FD & FlexRay
by Bogdan Groza and Pal-Stefan Murvay
Sensors 2019, 19(22), 4919; https://doi.org/10.3390/s19224919 - 12 Nov 2019
Cited by 21 | Viewed by 4365
Abstract
Security has become critical for in-vehicle networks as they carry safety-critical data from various components, e.g., sensors or actuators, and current research proposals were quick to react with cryptographic protocols designed for in-vehicle buses, e.g., CAN (Controller Area Network). Obviously, the majority of existing proposals are built on cryptographic primitives that rely on a secret shared key. However, how to share such a secret key is less obvious due to numerous practical constraints. In this work, we explore in a comparative manner several approaches based on a group extension of the Diffie–Hellman key-exchange protocol and identity-based authenticated key agreements. We discuss approaches based on conventional signatures and identity-based signatures, garnering advantages from bilinear pairings that open road to several well-known cryptographic constructions: short signatures, the tripartite Diffie–Hellman key exchange and identity-based signatures or key exchanges. Pairing-based cryptographic primitives do not come computationally cheap, but they offer more flexibility that leads to constructive advantages. To further improve on performance, we also account for pairing-free identity-based key exchange protocols that do not require expensive pairing operations nor explicit signing of the key material. We present both computational results on automotive-grade controllers as well as bandwidth simulations with industry-standard tools, i.e., CANoe, on modern in-vehicle buses CAN-FD and FlexRay.
(This article belongs to the Section Internet of Things)