Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization

Vehicles are equipped with Electronic Control Units (ECUs) responsible for performing tasks as simple as lighting up brake lights or as complex as controlling the wheels of an electric car. The exchange of information between ECUs uses the Controller Area Network (CAN) and the Controller Area Networ...

Full description

Main Author: ARAUJO FILHO, Paulo Freitas de
Other Authors: CAMPELO, Divanilson Rodrigo de Sousa
Format: masterThesis
Language: eng
Published: Universidade Federal de Pernambuco 2019
Subjects:
Online Access: https://repositorio.ufpe.br/handle/123456789/31916
Tags: Add Tag
No Tags, Be the first to tag this record!
id ir-123456789-31916
recordtype dspace
spelling ir-123456789-319162019-10-26T06:21:43Z Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization ARAUJO FILHO, Paulo Freitas de CAMPELO, Divanilson Rodrigo de Sousa http://lattes.cnpq.br/8618484705816309 http://lattes.cnpq.br/9838400375894439 Redes de computadores Técnicas de injeção de erros Vehicles are equipped with Electronic Control Units (ECUs) responsible for performing tasks as simple as lighting up brake lights or as complex as controlling the wheels of an electric car. The exchange of information between ECUs uses the Controller Area Network (CAN) and the Controller Area Network with Flexible Data Rate (CAN FD), which provides higher data rates and payloads, as the main and most used intra-vehicular networks, at least until today. Interconnected ECUs must work perfectly and interact with each other as well as with other car components in a reliable way, thus it is indispensable to test and predict the behavior of these units in error situations. For this, an error injection mechanism can be very advantageous for checking various error conditions in real-world scenarios that affect the safety of vehicles. Furthermore, nowadays, cars are also equipped with network technologies that provide connectivity to the external world. This offers numerous possibilities in terms of new applications and services to be provided, however makes the car a network node subject to cyber-attacks. It is then necessary to provide security mechanisms to prevent, or at least detect, attacks. Besides CAN and CAN FD networks, the advent of 100BASE-T1 Ethernet has feasible the outcome of many new automotive applications with higher bandwidth demands. In order to be use Ethernet in applications that require determinism, a series of IEEE standards, which together constitute the Audio Video Bridging (AVB), were developed and proposed. The IEEE 802.1AS, for instance, is the AVB standard that defines the generalized Precision Time Protocol (gPTP), responsible for node synchronization within AVB networks. In this context, this dissertation intends to make contributions for CAN/CAN FD networks as well as for the automotive Ethernet. For CAN networks, it proposes a novel Error Injection Technique to assist with system level validation tests and also an Intrusion Detection System based on machine learning algorithms. For automotive Ethernet, it designs and proposes a hardware implementation of the gPTP protocol that achieves the required nanoseconds precision, while also providing implementation details for future researches on that protocol. CNPq Veículos são equipados com unidades de controle eletrônico (ECUs) responsáveis por executar tarefas tão simples quanto acender as luzes de freio, ou tão complexas quanto controlar as rodas de um carro elétrico. A troca de informações entre ECUs utiliza a Controller Area Network (CAN) e a Controller Area Network with Flexible Data Rate (CAN FD), com maior taxa de transmissão e carga útil, como principais e mais utilizadas redes intra-veiculares, pelo menos por enquanto. ECUs interconectadas devem trabalhar perfeitamente e interagir umas com as outras, bem como com outros componentes veiculares, de forma confiável, sendo então imprescindível testar e prever o comportamento dessas unidades em situações de erro. Para isso, um mecanismo de injeção de erro pode ser muito vantajoso para verificar várias situações de erro em cenários reais, que possam afetar a segurança do veículo. Além disso, atualmente, os carros também são equipados com tecnologias de redes que proveem conectitividade com o meio exterior. Essa conectividade oferece inúmeras possibilidades em termos de novas aplicações e serviços a serem oferecidos, contudo, torna os carros sujeitos a ataques cibernéticos. É necessário então prover mecanismos de segurança para prevenir, ou ao menos detectar, ataques. Além das redes CAN e CAN FD, o advento da Ethernet 100BASE-T1 tem viabilizado uma grande gama de aplicações automotivas com maiores demandas de banda. A fim de usar a Ethernet para aplicações com requisitos temporais e determinísticos, uma série de padrões do IEEE, os quais juntos compõem o Audio Video Bridging (AVB), foi desenvolvida e proposta. O IEEE 802.1AS, por exemplo, é o padrão do AVB que define o generalized Precision Time Protocol (gPTP), responsável pela sincronização de nós em redes AVB. Esta dissertação propõe contribuições tanto para as redes CAN/CAN FD, como também para a Ethernet automotiva. Para redes CAN, são propostos uma nova técnica de injeção de erros, para auxiliar em testes de validação em nível de sistema, e um sistema de detecção de intrusão baseado em algoritmos de aprendizagem de máquina. Para a Ethernet automotiva, é proposta uma implementação em hardware do protocolo gPTP que atinge os requisitos de precisão de nano-segundos, enquanto que também oferecendo detalhes de implementação necessários para futuras pesquisas sobre o protocolo em questão. 2019-08-19T18:34:27Z 2019-08-19T18:34:27Z 2018-07-04 masterThesis https://repositorio.ufpe.br/handle/123456789/31916 eng embargoedAccess Attribution-NonCommercial-NoDerivs 3.0 Brazil http://creativecommons.org/licenses/by-nc-nd/3.0/br/ application/pdf Universidade Federal de Pernambuco UFPE Brasil Programa de Pos Graduacao em Ciencia da Computacao
institution REPOSITORIO UFPE
collection REPOSITORIO UFPE
language eng
topic Redes de computadores
Técnicas de injeção de erros
spellingShingle Redes de computadores
Técnicas de injeção de erros
ARAUJO FILHO, Paulo Freitas de
Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
description Vehicles are equipped with Electronic Control Units (ECUs) responsible for performing tasks as simple as lighting up brake lights or as complex as controlling the wheels of an electric car. The exchange of information between ECUs uses the Controller Area Network (CAN) and the Controller Area Network with Flexible Data Rate (CAN FD), which provides higher data rates and payloads, as the main and most used intra-vehicular networks, at least until today. Interconnected ECUs must work perfectly and interact with each other as well as with other car components in a reliable way, thus it is indispensable to test and predict the behavior of these units in error situations. For this, an error injection mechanism can be very advantageous for checking various error conditions in real-world scenarios that affect the safety of vehicles. Furthermore, nowadays, cars are also equipped with network technologies that provide connectivity to the external world. This offers numerous possibilities in terms of new applications and services to be provided, however makes the car a network node subject to cyber-attacks. It is then necessary to provide security mechanisms to prevent, or at least detect, attacks. Besides CAN and CAN FD networks, the advent of 100BASE-T1 Ethernet has feasible the outcome of many new automotive applications with higher bandwidth demands. In order to be use Ethernet in applications that require determinism, a series of IEEE standards, which together constitute the Audio Video Bridging (AVB), were developed and proposed. The IEEE 802.1AS, for instance, is the AVB standard that defines the generalized Precision Time Protocol (gPTP), responsible for node synchronization within AVB networks. In this context, this dissertation intends to make contributions for CAN/CAN FD networks as well as for the automotive Ethernet. For CAN networks, it proposes a novel Error Injection Technique to assist with system level validation tests and also an Intrusion Detection System based on machine learning algorithms. For automotive Ethernet, it designs and proposes a hardware implementation of the gPTP protocol that achieves the required nanoseconds precision, while also providing implementation details for future researches on that protocol.
author2 CAMPELO, Divanilson Rodrigo de Sousa
format masterThesis
author ARAUJO FILHO, Paulo Freitas de
author_sort ARAUJO FILHO, Paulo Freitas de
title Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_short Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_full Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_fullStr Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_full_unstemmed Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_sort contributions to in-vehicle networks: error injection and intrusion detection system for can, and audio video bridging synchronization
publisher Universidade Federal de Pernambuco
publishDate 2019
url https://repositorio.ufpe.br/handle/123456789/31916
_version_ 1648655297951039488
score 13.657419