Politecnico di Torino (logo)

Protecting In-Vehicle Services with a Secure SOME/IP Protocol

Marco Iorio

Protecting In-Vehicle Services with a Secure SOME/IP Protocol.

Rel. Fulvio Giovanni Ottavio Risso, Riccardo Sisto, Fulvio Valenza. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2018

PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (2MB) | Preview

Vehicles are becoming every generation more smart and ICT oriented: modern cars are characterized by dozens of different Electronic Control Units (ECUs), each one hosting one or more applications devoted to monitor and manage every single aspect of the vehicle itself. Advanced Driving Assistance Systems, nowadays becoming a standard, are going further, moving the control of safety critical systems, like braking and steering, to computers, algorithms and software. Previous researches demonstrated that many security flaws do exist in commercially available vehicles due to the massive presence of software. Network protocols designed without taking into proper account security design principles and application bugs have been exploited by researchers to remotely take over the control of different vehicular systems, without the possibility for the actual drivers to react. The thesis originates from these problems, and focuses on novel mechanisms and algorithms to provide improved security to the applications that are executed in the vehicle, which are based on the principle of defining exactly who can talk to whom, hence allowing each service to be contacted only from trusted parties. The desire for a future-proof solution, compatible with service relocatability and not tied to static configurations, has driven the research towards an emerging communication middleware designed for automotive use-cases: SOME/IP. While being very promising as a protocol, thanks to the service oriented abstraction and the transparent service discovery functionalities, it is characterized by no security features for protection from malicious or compromised ECUs. After having identified the major areas requiring protection, a security framework integrated with SOME/IP has been designed. It aims at guaranteeing both the authentication of the different parties involved in the communications and the protection of the actual messages transmitted over the network, without renouncing to the dynamism typical of this middleware. The designed framework has been implemented as a proof of concept inside the vsomeip stack, an open source implementation of the SOME/IP specifications. The functionalities and performances have been evaluated both quantitatively, by measuring the penalties introduced by the modifications, and by means of a demonstrator, which shows the different features of the proposed solution in an environment mimicking various ECUs deployed within a vehicle.

Relators: Fulvio Giovanni Ottavio Risso, Riccardo Sisto, Fulvio Valenza
Academic year: 2018/19
Publication type: Electronic
Number of Pages: 82
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: ITALDESIGN GIUGIARO SPA
URI: http://webthesis.biblio.polito.it/id/eprint/9054
Modify record (reserved for operators) Modify record (reserved for operators)