International Journal of Automotive Technology

, Volume 19, Issue 5, pp 879–894 | Cite as

Review of Secure Communication Approaches for In-Vehicle Network

  • Qiang Hu
  • Feng Luo


In the connected vehicles, connecting interfaces bring threats to the vehicles and they can be hacked to impact the vehicles and drivers. Compared with traditional vehicles, connected vehicles require more information transfer. Sensor signals and critical data must be protected to ensure the cyber security of connected vehicles. The communications among ECUs, sensors, and gateways are connected by in-vehicle networks. This paper discussed the state-of-art techniques about secure communication for in-vehicle networks. First, the related concepts in automotive secure communication have been provided. Then we have compared and contrasted existing approaches for secure communication. We have analyzed the advantages/disadvantages of MAC and digital signatures for message authentication and compared the performance and limitations of different cryptographic algorithms. Firewall and intrusion detection system are introduced to protect the networks. The constraints and features of different intrusion detection approaches are presented. After that, the technical requirements for cryptographic mechanism and intrusion detection policy are concluded. Based on the review of current researches, the future development directions of the automotive network security have been discussed. The purpose of this paper is to review current techniques on automotive secure communication and suggest suitable secure approaches to implement on the in-vehicle networks.

Key words

Cyber security Vehicle network Secure communication Intrusion detection 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Ahn, S., Kim, H., Jeong, J. and Kim, K. (2016). A countermeasure against spoofing and DoS attacks based on message sequence and temporary IDin CAN. Symp. Cryptography and Information Security, Kumamoto, Japan.Google Scholar
  2. AUTOSAR (2016a). Specification of Crypto Service Manager. AUTOSAR CPRelease 4.3.0.Google Scholar
  3. AUTOSAR (2016b). Requirements on E2E Communication Protection. AUTOSAR CPRelease 4.3.0, 1–14.Google Scholar
  4. AUTOSAR (2016c). Specification of Module Secure Onboard Communication. AUTOSAR Release 4.3.0.Google Scholar
  5. Bayer, S., Enderle, T., Oka, D. K. and Wolf, M. (2015). Security crash test–Practical security evaluations of automotive onboard IT components. Automotive–Safety & Security, Stuttgart, Germany.Google Scholar
  6. Bayer, S., Enderle, T., Oka, D., Wolf, M. and Gmbh, E. (2016). Automotive security testing–The digital crash test. Energy Consumption and Autonomous Driving: Proc. 3rd CESA Automotive Electronics Cong., Paris, France.Google Scholar
  7. Bittl, S. (2014). Attack potential and efficient security enhancement of automotive bus networks using short MACs with rapid key change. Communication Technologies for Vehicles, 113–125.CrossRefGoogle Scholar
  8. Bogdanov, A., Knudsen, L. R., Leander, G., Paar, C., Poschmann, A., Robshaw, M. J., Seurin, Y. and Vikkelsoe, C. (2007). PRESENT: An ultra-lightweight block cipher. Cryptographic Hardware and Embedded Systems–CHES, 450–466.Google Scholar
  9. Bouard, A., Glas, B., Jentzsch, A., Kiening, A., Kittel, T., Stadler, F. and Weyl, B. (2012a). Driving automotive middleware towards a secure ip-based future. 10th ESCAR Europe, 1–9.Google Scholar
  10. Bouard, A., Schanda, J., Herrscher, D. and Eckert, C. (2012b). Automotive proxy-based security architecture for CE device integration. Int. Conf. Mobile Wireless Middleware, Operating Systems, and Applications, 62–76.Google Scholar
  11. Cain, H. (2015). Applying machine learning for anomaly detection in CAN bus networks. 13th ESCAR Europe, 1–3.Google Scholar
  12. Checkoway, S., Mccoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F. and Kohno, T. (2011). Comprehensive experimental analyses of automotive attack surfaces. Proc. 20th USENIX Conf. Security, San Francisco, California, USA.Google Scholar
  13. Cho, K. T. and Shin, K. (2017). Viden: Attacker identification on in-vehicle networks. Proc. ACM SIGSAC Conf. Computer and Communications Security, 1109–1123.Google Scholar
  14. Czerny, B. J. (2013). System security and system safety engineering: Differences and similarities and a system security engineering process based on the ISO 26262 process framework. SAE Int. J. Passenger Cars - Electronic and Electrical Systems 6, 1, 349–359.CrossRefGoogle Scholar
  15. Dagan, T. and Wool, A. (2016). Parrot, a software-only anti-spoofing defense system for the CAN bus. 14th ESCAR Europe, 1–10.Google Scholar
  16. Dardanelli, A., Maggi, F., Tanelli, M., Zanero, S., Savaresi, S. M., Kochanek, R. and Holz, T. (2013). A security layer for smartphone-to-vehicle communication over bluetooth. IEEE Embedded Systems Letters 5, 3, 34–37.CrossRefGoogle Scholar
  17. Dariz, L., Ruggeri, M., Costantino, G. and Martinelli, F. (2016). A survey over low-level security issues in heavy duty vehicles. 14th ESCAR Europe, 1–7.Google Scholar
  18. Elend, B. and Adamson, T. (2017). Cyber security enhancing CAN transceivers. 16th Int. CAN Conf., Nuremberg, Germany.Google Scholar
  19. Escherich, R., Ledendecker, I., Schmal, C., Kuhls, B., Grothe, C. and Scharberth, F. (2009). SHE–Secure Hardware Extension Functional Specification. HIS AK Security.Google Scholar
  20. Forest, T. and Jochim, M. (2011). On the fault detection capabilities of AUTOSAR’s end-to-end communication protection CRC’s. SAE Paper No. 2011–01–0999.Google Scholar
  21. Fuchs, A. and Rieke, R. (2009). Identification of authenticity requirements in systems of systems by functional security analysis. Architecting Dependable Systems VII, 74–96.Google Scholar
  22. Garner, G. M., Feng, F., den Hollander, K., Jeong, H., Kim, B., Lee, B. J., Jung, T. C. and Joung, J. (2007). IEEE 802.1 AVB and its application in carrier-grade ethernet [Standards topics]. IEEE Communications Magazine 45, 12, 126–134.CrossRefGoogle Scholar
  23. Glas, B., Gramm, J. and Vembar, P. (2015). Towards an information security framework for the automotive domain. Lecture Notes in Informatics, Proc.–Series of the Gesellschaft für Informatik, Stuttgart, Germany, 109–124.Google Scholar
  24. Glass, M., Herrscher, I., Meier, H. and Schoo, P. (2010). ‘SEIS’–Security in embedded IP-based systems. ATZ Elektronik, 36–41.Google Scholar
  25. Groll, A. and Ruland, C. (2009). Secure and authentic communication on existing in-vehicle networks. IEEE Intelligent Vehicles Symp., 1093–1097.Google Scholar
  26. Grote, R., Friederici, F., Holle, J., Groll, A., Cankaya, H. and Enderle, T. (2011). Specification of Secure Communication. Oversee Project Deliverable Report. D2.4.Google Scholar
  27. Groza, B. and Murvay, S. (2013). Efficient protocols for secure broadcast in controller area networks. IEEE Trans. Industrial Informatics 9, 4, 2034–2042.CrossRefGoogle Scholar
  28. Groza, B., Murvay, S., Van Herrewege, A. and Verbauwhede, I. (2012). LiBrA-CAN: A lightweight broadcast authentication protocol for controller area networks. Cryptology and Network Security, 185–200.CrossRefGoogle Scholar
  29. Hamada, Y., Inoue, M., Horihata, S. and Kamemura, A. (2016). Intrusion detection by density estimation of reception cycle periods for in-vehicle networks: A proposal. 14th ESCAR Europe, 1–10.Google Scholar
  30. Han, G., Zeng, H., Li, Y. and Dou, W. (2014). SAFE: Security-aware flexray scheduling engine. Design, Automation & Test in Europe Conf. & Exhibition (DATE), Dresden, Germany.Google Scholar
  31. Han, K., Divya Potluri, S. and Shin, K. G. (2013). On authentication in a connected vehicle: Secure integration of mobile devices with vehicular networks. Proc. IEEE Int. Conf. Cyber-Physical Systems (ICCPS), Philadelphia, Pennsylvania, USA, 160–169.CrossRefGoogle Scholar
  32. Han, K., Weimerskirch, A. and Shin, K. G. (2015). A practical solution to achieve real-time performance in the automotive network by randomizing frame identifier. 13th ESCAR Europe, 1–10.Google Scholar
  33. Happel, A. (2014). Secure communication for CANFD. CAN Newsletter, 4, 1–3.Google Scholar
  34. Hartkopp, O., Reuber, C. and Schilling, R. (2012). MaCAN–Message authenticated CAN. 10th ESCAR Europe, 1–7.Google Scholar
  35. Hazem, A. and Fahmy, H. A. H. (2012). LCAP–A lightweight CAN authentication protocol for securing in-vehicle networks. 10th ESCAR Europe, 1–10.Google Scholar
  36. Henniger, O., Apvrille, L., Fuchs, A., Roudier, Y., Ruddle, A. and Weyl, B. (2009). Security requirements for automotive on-board networks. Proc. IEEE Int. Conf. Intelligent Transport Systems Telecommunications, Lille, France, 641–646.Google Scholar
  37. Herber, C., Richter, A., Rauchfuss, H. and Herkersdorf, A. (2014). Spatial and temporal isolation of virtual CAN controllers. ACM SIGBED Review 11, 2, 19–26.CrossRefGoogle Scholar
  38. Herrewege, A. V., Singelee, D. and Verbauwhede, I. (2011). CANAuth–A simple, backward compatible broadcast authentication protocol for CAN bus. ECRYPT Workshop on Lightweight Cryptography, Louvain-la-Neuve, Belgium.Google Scholar
  39. Idrees, M. S. and Roudier, Y. (2012). Effective and efficient security policy engines for automotive on-board networks. Communication Technologies for Vehicles, 14–26.CrossRefGoogle Scholar
  40. ISO 11898–1 (2015). Road Vehicles — Controller Area Network (CAN) — Part 1: Data Link Layer and Physical Signalling.Google Scholar
  41. ISO 17458–1 (2013). Road Vehicles — FlexRay Communications System — Part 1: General Information and Use Case Definition.Google Scholar
  42. ISO/DIS 17987–3 (2015). Road Vehicles–Local Interconnect Network (LIN)–Part 3: Protocol Specification.Google Scholar
  43. ISO/DIS 26262–6 (2011). Road Vehicles — Functional Safety — Part 6: Product Development at the Software Level.Google Scholar
  44. Jerschow, Y. I., Lochert, C., Scheuermann, B. and Mauve, M. (2008). CLL: A cryptographic link layer for local area networks. Int. Conf. Security and Cryptography for Networks, 21–38.CrossRefGoogle Scholar
  45. Kang, M. J. and Kang, J. W. (2016). A novel intrusion detection method using deep neural network for invehicle network security. Proc. IEEE 83rd Vehicular Technology Conf. (VTC Spring), Nanjing, China.Google Scholar
  46. Karthik, T., Awwad, S., Mccoy, D., Bielawski, R., Mott, C., Lauzon, S., Cappos, J. and Trishank, K. K. (2016). Uptane: Securing software updates for automobiles. 14th ESCAR Europe, 1–11.Google Scholar
  47. Kleberger, P., Olovsson, T. and Jonsson, E. (2011). Security aspects of the in-vehicle network in the connected car. Proc. IEEE Intelligent Vehicles Symp. (IV), Baden-Baden, Germany, 528–533.Google Scholar
  48. Klimke, M., Scheibert, K., Freiwald, A. and Steurich, B. (2015). Secure and seamless integration of Software Over The Air (SOTA) update in modern car board net architectures. 13th ESCAR Europe, 1–19.Google Scholar
  49. Kobayashi, H., Konno, C., Kayashima, M. and Nakano, M. (2013). Approaches for Vehicle Information Security. IPA Report.Google Scholar
  50. Kochanek, R., Dardanelli, A., Maggi, F., Zanero, S. and Holz, T. (2013). Secure integration of mobile devices for automotive services. 11th ESCAR Europe, 1–18.Google Scholar
  51. Koscher, K., Czeskis, A., Roesner, F., Patel, S. and Kohno, T. (2010). Experimental security analysis of a modern automobile. Proc. IEEE Symp. Security and Privacy (SP), Berkeley/Oakland, California, USA, 447–462.Google Scholar
  52. Kurachi, R., Takada, H., Mizutani, T., Ueda, H. and Horihata, S. (2015). SecGW–Secure gateway for invehicle networks. 13th ESCAR Europe, 1–8.Google Scholar
  53. Kuzhiyelil, D. and Tverdyshev, S. (2015). A secure update architecture for high assurance mixed-criticality system. 13th ESCAR Europe, 1–10.Google Scholar
  54. Larson, U. E., Nilsson, D. K. and Jonsson, E. (2008). An approach to specification-based attack detection for invehicle networks. Proc. IEEE Intelligent Vehicles Symp., Eindhoven, Netherlands, 220–225.Google Scholar
  55. Lastinec, J. and Hudec, L. (2016). Comparative analysis of TCP/IP security protocols for use in vehicle communication. Proc. IEEE 17th Int. Carpathian Control Conf. (ICCC), Tatranska Lomnica, Slovakia, 429–433.Google Scholar
  56. Lin, C.-W. and Sangiovanni-Vincentelli, A. (2012). Cybersecurity for the controller area network (CAN) communication protocol. Proc. IEEE Int. Conf. Cyber Security, Alexandria, Virginia, USA, 1–7.Google Scholar
  57. Macher, G., Messnarz, R., Armengaud, E., Riel, A., Brenner, E. and Kreiner, C. (2017). Integrated safety and security development in the automotive domain. SAE Paper No. 2017–01–1661.CrossRefGoogle Scholar
  58. Mansor, H., Markantonakis, K. and Mayes, K. (2014). CAN bus risk analysis revisit. Proc. Information Security Theory and Practice, Heraklion, Crete, Greece, 170–179.Google Scholar
  59. Matheus, K. and Königseder, T. (2015). Automotive Ethernet. Cambridge University Press. Cambridge, UK.Google Scholar
  60. Matsumoto, T., Hata, M., Tanabe, M., Yoshioka, K. and Oishi, K. (2012). A method of preventing unauthorized data transmission in controller area network. Proc. IEEE 75th Vehicular Technology Conf. (VTC Spring), Yokohama, Japan, 1–5.Google Scholar
  61. McCarthy, C. and Harnett, K. (2014). National Institute of Standards and Technology Cybersecurity Risk Management Framework Applied to Modern Vehicles. NHTSA Technical Report. DOT HS812073.Google Scholar
  62. McCarthy, C., Harnett, K. and Carter, A. (2014). A Summary of Cybersecurity Best Practices. NHTSA Technical Report. DOT HS812075.Google Scholar
  63. Miller, C. and Valasek, C. (2013). Adventures in automotive networks and control units. DEF CON 21 Hacking Conf., Las Vegas, USA.Google Scholar
  64. Miller, C. and Valasek, C. (2015). Remote exploitation of an unaltered passenger vehicle. Black Hat USA, Las Vegas, USA.Google Scholar
  65. Mousa, A. R., NourElDeen, P., Azer, M. and Allam, M. (2016). Lightweight authentication protocol deployment over FlexRay. Proc. 10th Int. Conf. Informatics and Systems, Giza, Egypt, 233–239.CrossRefGoogle Scholar
  66. Müter, M. and Asaj, N. (2011). Entropy-based anomaly detection for in-vehicle networks. Proc. IEEE Intelligent Vehicles Symp. (IV), 1110–1115.Google Scholar
  67. Navale, V. M., Williams, K., Lagospiris, A., Schaffert, M. and Schweiker, M.-A. (2015). (R)evolution of E/E architectures. SAE Int. J. Passenger Cars - Electronic and Electrical Systems 8, 2, 282–288.CrossRefGoogle Scholar
  68. Nilsson, D. K. and Larson, U. E. (2008). Secure firmware updates over the air in intelligent vehicles. Proc. IEEE Int. Conf. Communications, Beijing, China, 380–384.Google Scholar
  69. Nilsson, D. K., Larson, U. E., Picasso, F. and Jonsson, E. (2009). A first simulation of attacks in the automotive network communications protocol flexRay. Proc. Int. Workshop on Computational Intelligence in Security for Information Systems, 84–91.Google Scholar
  70. Nilsson, D. K., Sun, L. S. L. and Nakajima, T. (2008). A framework for self-verification of firmware updates over the air in vehicle ECUs. Proc. IEEE Globecom Workshops, New Orleans, Louisiana, USA, 1–5.Google Scholar
  71. NIST (2001). Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197.Google Scholar
  72. Northcutt, S. and Novak, J. (2002). Network Intrusion Detection. Sams Publishing. Indianapolis, Indiana, USA.Google Scholar
  73. Otsuka, S. and Ishigooka, T. (2014). CAN security: Costeffective intrusion detection for real-time control systems overview of in-vehicle networks. SAE Paper No. 2014–01–0340.Google Scholar
  74. Park, S., Park, Y. and Park, Y. S. (2016). Degree of fault isolability and active fault diagnosis for redundantly actuated vehicle system. Int. J. Automotive Technology 17, 6, 1045–1053.CrossRefGoogle Scholar
  75. Petit, J. and Shladover, S. E. (2015). Potential cyberattacks on automated vehicles. IEEE Trans. Intelligent Transportation Systems 16, 2, 546–556.Google Scholar
  76. Petri, R., Springer, M., Zelle, D., McDonald, I., Fuchs, A. and Krauß, C. (2016). Evaluation of lightweight TPMs for automotive software updates over the air. 4th ESCAR USA, 1–15.Google Scholar
  77. Ruddle, A., Ward, D., Idrees, S. and Roudier, Y. (2009). Security Requirements for Automotive On-board Networks Based on Dark-side Scenarios. EVITA Project Deliverable Report. D3.2.Google Scholar
  78. SAE (2016a). Cybersecurity Guidebook for Cyber-physical Vehicle Systems. SAE International.Google Scholar
  79. SAE (2016b). Time-triggered Ethernet. SAE International.Google Scholar
  80. Schmidt, K., Zweck, H., Dannebaum, U. and Ag, I. T. (2016). Hardware and software constraints for automotive firewall systems. SAE Paper No. 2016–01–0063.CrossRefGoogle Scholar
  81. Schweppe, H., Idrees, S., Roudier, Y., Weyl, B., Khayari, R. E., Henniger, O., Scheuermann, D., Pedroza, G., Apvrille, L., Seudi’e, H., Platzdasch, H. and Sall, M. (2011). D3.3: Secure On-board Protocols Specification.Google Scholar
  82. Seifert, S. and Obermaisser, R. (2014). Secure automotive gateway–Secure communication for future cars. Proc. IEEE Int. Conf. Industrial Informatics (INDIN), Porto Alegre, Brazil, 213–220.Google Scholar
  83. Smith, C. (2016). Car Hacker’s Handbook. No Starch Press. San Francisco, California, USA.Google Scholar
  84. Standaert, F.-X., Piret, G., Gershenfeld, N. and Quisquater, J.-J. (2006). SEA: A scalable encryption algorithm for small embedded applications. Smart Card Research and Advanced Applications, 222–236.CrossRefGoogle Scholar
  85. Takahashi, J., Aragane, Y., Miyazawa, T., Fuji, H., Yamashita, H., Hayakawa, K., Ukai, S. and Hayakawa, H. (2017). Automotive attacks and countermeasures on LIN-bus. J. Information Processing, 25, 220–228.CrossRefGoogle Scholar
  86. Trusted Computing Group (2015). TCG TPM 2.0 Automotive Thin Profile. TCG Published, TCG Published Vol. 1.0.Google Scholar
  87. Ueda, H., Kurachi, R., Takada, H., Mizutani, T., Inoue, M. and Horihata, S. (2015). Security authentication system for in-vehicle network. SEI Technical Review, 81, 5–9.Google Scholar
  88. Ujiie, Y., Kishikawa, T., Haga, T., Matsushima, H., Wakabayashi, T., Tanabe, M., Kitamura, Y. and Anzai, J. (2015). A method for disabling malicious CAN messages by using a centralized monitoring and interceptor ECU. 13th ESCAR Europe, 1–10.Google Scholar
  89. Vuillaume, C., Oka, D. K., Furue, T. and Etas, K. K. (2015). Cyber-security for engine ECUs: Past, present and future. SAE Paper No. 2015–01–1998.Google Scholar
  90. Ward, D., Ibara, I. and Ruddle, A. (2013). Threat analysis and risk assessment in automotive cyber security. SAE Int. J. Passenger Cars - Electronic and Electrical Systems 6, 2, 507–513.CrossRefGoogle Scholar
  91. Weimerskirch, A. (2011). Do vehicles need data security?. SAE Paper No. 2011–01–0040.CrossRefGoogle Scholar
  92. Weyl, B., Wolf, M., Zweers, F., Idrees, M. S., Roudier, Y., Schweppe, H., Khayari, R. E., Henniger, O., Scheuermann, D. and Apvrille, L. (2011). Secure Onboard Architecture Specification. EVITA Project Deliverable Report. D3.2.Google Scholar
  93. Wolf, M. (2009). Security Engineering for Vehicular IT Systems. Viewet + Teubner. Wiesbaden, Germany.CrossRefGoogle Scholar
  94. Wolf, M., Weimerskirch, A. and Paar, C. (2004). Security in automotive bus systems. 2nd ESCAR Europe, 1–13.Google Scholar
  95. Woo, S., Jo, H. J. and Lee, D. H. (2015). A practical wireless attack on the connected car and security protocol for in-vehicle CAN. IEEE Trans. Intelligent Transportation Systems 16, 2, 993–1006.Google Scholar
  96. Woo, S., Jo, H. J., Kim, I. S. and Lee, D. H. (2016). A practical security architecture for in-vehicle CAN-FD. IEEE Trans. Intelligent Transportation Systems 17, 8, 2248–2261.CrossRefGoogle Scholar
  97. Wooderson, P. and Ward, D. (2017). Cybersecurity testing and validation. SAE Paper No. 2017–01–1655.CrossRefGoogle Scholar
  98. Yoshikawa, M., Sugioka, K., Nozaki, Y. and Asahi, K. (2015). Secure in-vehicle systems against Trojan attacks. Proc. IEEE/ACIS 14th Int. Conf. Computer and Information Science (ICIS), Las Vegas, Nevada, USA, 29–33.Google Scholar
  99. Zelle, D., Krauß, C. and Schmidt, K. (2017). On using TLS to secure in-vehicle networks. Proc. 12th Int. Conf. Availability, Reliability and Security, Reggio Calabria, Italy.Google Scholar
  100. Ziermann, T., Wildermann, S. and Teich, J. (2009). CAN+: A new backward-compatible controller area network (CAN) protocol with up to 16x higher data rates. Proc. Conf. Design, Automation and Test in Europe, Nice, France.Google Scholar

Copyright information

© The Korean Society of Automotive Engineers and Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Clean Energy Automotive Engineering Center, School of Automotive StudiesTongji UniversityShanghaiChina

Personalised recommendations