Development of a Hybrid Research Testbed for In-vehicle Security Research

Abstract

A modern automotive system consists of up to 100 Electronic Control Units (ECUs) and thousands of communication signals via the Controller Area Network (CAN) protocol, over a bus-based network topology. While the CAN protocol benefits from its low-cost, reliable, and real-time properties, it lacks information security mechanisms such as authentication and encryption, making it susceptible to fabrication, suspension, and masquerade attacks. In a real-world setting, some of these attacks could even cause the endangerment or loss of life. In-vehicle security researchers today use software-based solutions, actual vehicles, or simulated hardware testing to find solutions to these problems. While software-based solutions are often cost-effective and flexible, they do not typically provide realistic results. On the other hand, actual vehicles provide a realistic scenario, however, they can be cost-prohibitive and lack flexibility when modifications need to be made. Simulated hardware is created by simulating ECUs using low-cost equipment, such as Raspberry Pis, however, like the software-based solutions, these simulated ECUs are not accurate representations of realistic ECUs. We have developed a hybrid testbed that incorporate real ECUs as well as simulators. Our testbed provides the real time behavior of actual ECUs as well as the flexibility of simulators. We have also developed an easy-to-use software interface to develop and test in-vehicle communication algorithms on the testbed. The testbed has been validated by testing and experimental secured CAN protocol called SecCAN. The validation indicates that our testbed provides a low cost, very flexible, but realistic environment for in-vehicle network security research.