Cyber Security for IEEE 802.1 Time Sensitive In-Vehicle Networking: Recent Advances and Impact Analysis of DoS Attacks

Year 2024, Volume: 26 Issue: 76, 105 - 118, 23.01.2024

Mustafa Topsakal , Selçuk Cevher

https://doi.org/10.21205/deufmd.2024267613

Abstract

Dedicated computers control the operation of Cyber Physical Systems such as in-vehicle architectures with the help of sensors and actuators. Securing the real-time communication technologies for in-vehicle platforms attracts the attention of the research community. IEEE 802.1 Time Sensitive Networking (TSN) task group targets the standardization of Ethernet-based deterministic communication technologies due to its high bandwidth and low cost. IEEE P802.1DG working group specifies the profile for secure and real-time automotive embedded systems relying on TSN, which is envisioned to be widely used in future in-vehicle platforms. In this paper, we present an elaborate review of the research work on the security of in-vehicle communication networks with TSN support, and define various Denial of Service (DoS) attack scenarios targeting the real-time traffic in in-vehicle networks. We evaluate the impact of our attack scenarios on the performance of two different realistic in-vehicle communication networks with varying sizes. Experimental results show that DoS attacks can lead to severe consequences disrupting the healthy operation of safety-critical functions in a TSN-compliant in-vehicle network.

Keywords

In-Vehicle Network, Deterministic Real-Time Communication, IEEE 802.1 TSN, DoS Attacks

IEEE 802.1 Zaman Hassas Araç-İçi Haberleşme Ağları için Siber Güvenlik: Güncel Gelişmeler ve Hizmet Reddi Saldırılarının Etki Analizi

Abstract

Adanmış bilgisayarlar, araç-içi mimariler gibi Siber Fiziksel Sistemlerin operasyonunu sensörler ve aktüatörler yardımıyla kontrol ederler. Araç-içi platformlar için gerçek-zamanlı haberleşme teknolojilerinin güvenli hale getirilmesi araştırma topluluklarının dikkatini çekmektedir. IEEE 802.1 Zaman Hassas Haberleşme (ZHH) görev grubu, yüksek bant genişliği ve düşük maliyeti nedeniyle, Ethernet tabanlı deterministik iletişim teknolojilerinin standardizasyonunu hedeflemektedir. IEEE P802.1DG çalışma grubu, gelecek nesil araç-içi platformlarda yaygın olarak kullanılması öngörülen ZHH teknolojisine dayalı, güvenli ve gerçek-zamanlı otomotiv gömülü sistem profili tanımlamaktadır. Bu makalede, ZHH’yı destekleyen araç-içi haberleşme ağlarının güvenliği ile ilişkili araştırma çalışmalarının kapsamlı bir incelemesi sunulmakta ve araç-içi haberleşme ağlarındaki gerçek zamanlı trafiği hedef alan Hizmet Reddi (HR) saldırı senaryoları tanımlanmaktadır. Saldırı senaryolarımızın, değişken boyutlara sahip iki farklı, gerçekçi araç-içi haberleşme ağlarının performansı üzerindeki etkisi analiz edilmektedir. Deney sonuçlarımız, HR saldırılarının ZHH uyumlu bir araç-içi haberleşme ağındaki güvenlik-kritik fonksiyonların sağlıklı işlevini kesintiye uğratacak ciddi sonuçlara yol açabileceğini göstermektedir.

Keywords

Araç-İçi Ağlar, Deterministik Gerçek-Zamanlı Haberleşme, IEEE 802.1 TSN, Hizmet Reddi Saldırıları

References

• Duo, W., Zhou, M., Abusorrah, A. 2022. A Survey of Cyber Attacks on Cyber Physical Systems: Recent Advances and Challenges. IEEE/CAA Journal of Automatica Sinica, 9(5):784-800.
• Zhou, Z., Lee, J., Berger, M. S., Park, S. and Yan, Y. 2021. Simulating TSN traffic scheduling and shaping for future automotive Ethernet," in Journal of Communications and Networks, vol. 23, no. 1, pp. 53-62, 2021, doi: 10.23919/JCN.2021.000001.
• Neumann, P. 2007. Communication in industrial automation—what is going on? Control Engineering Practice, 15(11):1332–1347. Special Issue on Manufacturing Plant Control: Challenges and Issues.
• Aliwa, E., Rana, O., Perera, C. and Burnap, P., 2021. Cyberattacks and countermeasures for in-vehicle networks. ACM Comput. Surv., 54(1).
• Thing, V. L. L. and Wu, J. 2016. "Autonomous Vehicle Security: A Taxonomy of Attacks and Defences," 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, China, pp. 164-170, doi: 10.1109/iThings-GreenCom-CPSCom-SmartData.2016.52.
• Ashjaei, M., Bello L. L., Daneshtalab, M., Patti, G., Saponara, S., and Mubeen, S. 2021. Time-sensitive networking in automotive embedded systems: State of the art and research opportunities. Journal of Systems Architecture, 117:102137.
• IEEE P802.1DG, TSN Profile for Automotive In-Vehicle Ethernet Communications, 2021.
• Pop, P., Raagaard, M. L. 2017. Optimization algorithms for the scheduling of ieee 802.1 time-sensitive networking (tsn). Technical report, Tech. Univ. Denmark.
• Pop, P., Raagaard, M. L., Craciunas, S. and Steiner, W. 2016. Design optimization of cyber-physical distributed systems using ieee time-sensitive networks (tsn). IET Cyber-Physical Systems: Theory & Applications.
• Petit, J. and Shladover, S.E. 2015. Potential cyberattacks on automated vehicles. IEEE Transactions on Intelligent Transportation Systems, 16(2):546–556.
• Waraich, P. S. and Batra, N. 2017. Prevention of denial of service attack over vehicle ad hoc networks using quick response table. In 2017 4th International Conference on Signal Processing, Computing and Control (ISPCC), pages 586–591.
• Patti, G. and Bello, L.L. 2019. Performance Assessment of the IEEE 802.1Q in Automotive Applications. In 2019 AEIT International Conference of Electrical and Electronic Technologies for Automotive (AEIT AUTOMOTIVE), pp. 1-6.
• Leonardi, L., Bello, L. L. and Patti, G. 2020. Performance assessment of the IEEE 802.1Qch in an automotive scenario. In 2020 AEIT International Conference of Electrical and Electronic Technologies for Automotive (AEIT AUTOMOTIVE), pp. 1-6.
• L., Bello, Ashjaei, M., Patti, G. and Behnam, M. 2020. Schedulability analysis of time-sensitive networks with scheduled traffic and preemption support. Journal of Parallel and Distributed Computing, 144:153– 171.
• Luo, F., Wang, B., Yang, Z., Zhang, P., Ma, Y., Fang, Z., Wu, M. and Sun, Z. 2022. Design methodology of automotive time-sensitive network system based on omnet++ simulation system. Sensors, 22(12).
• Zhao, L., Pop, P. and Craciunas, S.S. 2018. Worst-Case Latency Analysis for IEEE 802.1Qbv Time Sensitive Networks Using Network Calculus. IEEE Access, 6:41803-41815.
• Laursen, S.M., Pop, P. and Steiner, W. 2016. Routing optimization of avb streams in tsn networks. SIGBED Rev., 13(4):43–48.
• Topsakal, M. and Cevher, S. 2022. Impact Analysis of Denial of Service Attacks in IEEE 802.1 Time Sensitive Networking. In 30th IEEE Signal Processing and Communications Applications Conference (SIU), pp. 1-4.
• Navet N. and Simonot-Lion, F. 2013. In-vehicle communication networks - a historical perspective and review. Industrial Communication Technology Handbook, Second Edition, CRC Press Taylor&Francis.
• Alves, R. 2008. A glimpse into the future of travel and its impact on marketing, in: IEEE-SA Ethernet and IP at Automotive Technology day (EIPATD). https://standards.ieee.org/wp-content/uploads/import/documents/other/eipatd-presentations/2019/D2-01_ALVES-Design_and_Implementation_of_IDS_for_AVB-TSN_Networks.pdf. [Online; accessed January-2023].
• Ergenc, D., Brulhart, C., Neumann, J., Kruger, L., Fischer, M.. 2021. On the Security of IEEE 802.1 Time-Sensitive Networking," 2021 IEEE International Conference on Communications Workshops, Montreal, QC, Canada, pp. 1-6, doi: 10.1109/ICCWorkshops50388.2021.9473542.
• Bello L.L. and Steiner W. 2019. A Perspective on IEEE Time-Sensitive Networking for Industrial Communication and Automation Systems, in Proceedings of the IEEE, vol. 107, no. 6, pp. 1094-1120, doi: 10.1109/JPROC.2019.2905334.
• Mahfouzi, R., Aminifar, A., Samii, S., Eles, P. and Peng, Z. 2019. Security-aware Routing and Scheduling for Control Applications on Ethernet TSN Networks. ACM Trans. Des. Autom. Electron. Syst. https://doi.org/10.1145/3358604.
• Reusch, N., Craciunas, S.S. and Pop, P. 2022. Dependability-aware routing and scheduling for time-sensitive networking. IET Cyber-Physical Systems: Theory & Applications, 7(3):124–146.
• Wüsteney, L., Menth, M., Hummen, R. and Heer, T. 2021. Impact of packet filtering on time-sensitive networking traffic. In 2021 17th IEEE International Conference on Factory Communication Systems (WFCS), pages 59–66.
• Pena, R.A., Pascual, M., Astarloa, A., Uribe, D. and Inchausti, J. 2022. Impact of macsec security on tsn traffic. In 2022 37th Conference on Design of Circuits and Integrated Circuits (DCIS), pages 01–06.
• Tang, S., Hu, X. and Zhao, L. 2020. Modeling and security analysis of ieee 802.1as using hierarchical colored petri nets. In GLOBECOM 2020 - 2020 IEEE Global Communications Conference, pages 1–6, doi: 10.1109/GLOBECOM42002.2020.9347988.
• Kobzan, T., Schriegel, S., Althoff, S., Boschmann, A., Otto, J. and Jasperneite, J. 2018. Secure and time-sensitive communication for remote process control and monitoring. In 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA), volume 1, pages 1105– 1108.
• Li, H., Li, D., Zhang, X., Shou, G., Hu, Y. and Liu, Y. 2021. A security management architecture for time synchronization towards high precision networks. IEEE Access, 9:117542–117553.
• Böhm, M., Ohms, J., Gebauer, O. and Wermser, D. 2018. Architectural design of a tsn to sdn gateway in the context of industry 4.0.
• Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F. and Kohno, T. 2011. Comprehensive experimental analyses of automotive attack surfaces. In Proceedings of the 20th USENIX Conference on Security, SEC’11, page 6, USA, USENIX Association.
• Koscher, K. et al. Experimental Security Analysis of a Modern Automobile. 2010. 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA, pp. 447-462, doi: 10.1109/SP.2010.34.
• Miller, C., Valasek, C. 2013. Adventures in Automotive Networks and Control Units.
• Woo, S., Jo H. J. and Lee, D. H. 2015. A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN. in IEEE Transactions on Intelligent Transportation Systems, vol. 16, no. 2, pp. 993-1006, doi: 10.1109/TITS.2014.2351612.
• Miller, C., Valasek, C. 2014. A survey of remote automotive attack surfaces.
• Miller, C., Valasek, C. 2015. Remote Exploitation of an Unaltered Passenger Vehicle. Black Hat USA 2015.
• Chen, Y. et al. Can You Trust Autonomous Vehicles: Contactless Attacks against Sensors of Self-driving Vehicle. 2016.
• Zeng, K., Liu, S., Shu, Y., Wang, D., Li, H., Dou, Y., Wang, G. and Yang, Y. 2018. All your GPS are belong to us: towards stealthy manipulation of road navigation systems. In Proceedings of the 27th USENIX Conference on Security Symposium (SEC'18). USENIX Association, USA, 1527–1544.
• Nie S. and Liu, L. 2017. Free-fall: Hacking tesla from wireless to can bus. Technical report, Keen Security Lab of Tencent.
• Nie S., Liu, L., Du, Y., Zhang, W. 2018. Over-the-air: how we remotely compromised the gateway and autopilot ECUs of Tesla cars, Keen Security Lab of Tencent, Black Hat USA.
• Cai, W.Z.Z. and Wang, A. 2019. 0-days & mitigations: Roadways to exploit and secure connected bmw cars. Technical report, Keen Security Lab of Tencent.
• Mercedes benz mbux security research report. 2021. Technical report, Keen Security Lab of Tencent.
• Bello, L. L., Mariani, R., Mubeen, S. and Saponara, S. 2019. Recent advances and trends in on-board embedded and networked automotive systems. IEEE Transactions on Industrial Informatics, 15(2):1038–1051.
• Lin, C.W. and Yu, H. 2016. Invited: Cooperation or competition? coexistence of safety and security in next-generation ethernet-based automotive networks. In 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC), pages 1–6.
• Häckel, T., Meyer, P., Korf F. and Schmidt, T. C. 2023. Secure Time-Sensitive Software-Defined Networking in Vehicles. IEEE Transactions on Vehicular Technology, vol. 72, no. 1, pp. 35-51, doi: 10.1109/TVT.2022.3202368.
• Meyer, P., Häckel, T., Korf F. and Schmidt, T. C. 2020. Network Anomaly Detection in Cars based on Time-Sensitive Ingress Control," 2020 IEEE 92nd Vehicular Technology Conference (VTC2020-Fall), Victoria, BC, Canada, pp. 1-5, doi: 10.1109/VTC2020-Fall49728.2020.9348746.
• Luo, F., Wang, B., Fang, Z., Yang, Z., Jiang, Y. and Demertzis, K. 2021. Security Analysis of the TSN Backbone Architecture and Anomaly Detection System Design Based on IEEE 802.1Qci. Sec. and Commun.Netw.2021. https://doi.org/10.1155/2021/6902138
• Meyer, P. 2016. Preventing dos attacks in time sensitive networking in-car networks through credit based ingress metering.
• Aoudi, W., Nowdehi, N., Almgren, M. and Olovsson, T. 2021. Spectra: detecting attacks on in-vehicle networks through spectral analysis of CAN-message payloads. In Proceedings of the 36th Annual ACM Symposium on Applied Computing (SAC '21). Association for Computing Machinery, New York, NY, USA,1588–1597. https://doi.org/10.1145/3412841.3442032.
• Bozdal, M., Samie, M. and Jennions, I. K. 2021. WINDS: A Wavelet-Based Intrusion Detection System for Controller Area Network (CAN). IEEE Access, 9, 58621-58633.
• Nowdehi, N., Aoudi, W., Almgren, M., Olovsson, T. 2019. CASAD: CAN-Aware Stealthy-Attack Detection for In-Vehicle Networks.
• Han, M. L., Kwak B. I. and Kim H. K. 2021. Event-Triggered Interval-Based Anomaly Detection and Attack Identification Methods for an In-Vehicle Network. IEEE Transactions on Information Forensics and Security, vol. 16, pp. 2941-2956, doi: 10.1109/TIFS.2021.3069171.
• Cho K. T. and Shin, K.G. 2016. Fingerprinting electronic control units for vehicle intrusion detection. In Proceedings of the 25th USENIX Conference on Security Symposium, SEC’16, page 911–927, USA. USENIX Association.
• Waszecki, P., Mundhenk, P., Steinhorst, S., Lukasiewycz, M., Karri, R. and Chakraborty, S. 2017. Automotive electrical and electronic architecture security via distributed in-vehicle traffic monitoring. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 36(11):1790–1803.
• Specht, J. and Samii, S. 2017. Synthesis of queue and priority assignment for asynchronous traffic shaping in switched ethernet. In 2017 IEEE Real-Time Systems Symposium (RTSS), pages 178–187.
• Demir, Ö.K. and Cevher, S. 2023. Multi-Topology Routing based traffic optimization for IEEE 802.1 Time Sensitive Networking. Real-Time Syst, 59:123–159.
• Alshammari, A., Zohdy, M., Debnath, D. and Corser, G. 2018. Classification approach for intrusion detection in vehicle systems. Wireless Engineering and Technology, 09:79–94.
• Ji, H., Wang, Y., Qin, H., Wu, X. and Yu, G. 2018. Investigating the effects of attack detection for in-vehicle networks based on clock drift of ecus. IEEE Access, 6:49375–49384.
• IEEE Standard for Local and Metropolitan Area Networks--Audio Video Bridging (AVB) Systems. 2021. IEEE Std 802.1BA-2021 (Revision of IEEE Std 802.1BA-2011).
• Bhuyan, M., Bhattacharyya, D. K. and Kalita, J. 2017. Network Traffic Anomaly Detection and Prevention: Concepts, Techniques, and Tools.
• Markou, M. and Singh, S. 2003. Novelty detection: a review - part 1: statistical approaches. Signal Process., 83:2481–2497.
• Falk, J., Hellmanns, D., Carabelli, B., Nayak, N., Dürr, F., Kehrer S. and Rothermel, K. 2019. NeSTiNg: Simulating IEEE Time-sensitive Networking (TSN) in OMNeT++. In International Conference on Networked Systems (NetSys). 1-8.