1. ABSTRACT:
Today's cars contain dozens of small controllers that regulate every function they perform, such as braking, ignition, speed control and distance measurement. These are referred to as Electronic Control Units (ECUs). They communicate over a CAN bus, from which any connected ECU can retrieve information and onto which any connected ECU can send it. This openness makes the bus prone to attack: an intruder node that reaches the bus can read every message and inject its own, which may prove fatal for the passengers.
Hence it becomes necessary to develop a security layer that prevents arbitrary ECUs from taking information and grants access only to the designated ones. An algorithm is developed for reception and transmission, and a security layer is implemented using freshness counters (FCs). This ensures that only authentic, fresh data is accepted.
TABLE OF CONTENTS
CHAPTER TITLE
TITLE PAGE
BONAFIDE CERTIFICATE
LIST OF FIGURES
LIST OF ABBREVIATIONS
1 ABSTRACT
TABLE OF CONTENTS
2 BASICS OF AUTOMOBILES
2.1 TYPES OF ENGINES
2.2 INTERNAL COMBUSTION ENGINES (ICE)
2.3 PARTS OF AN ENGINE
3 ELECTRONIC CONTROL UNIT (ECU)
3.1 KEY ELEMENTS OF ECU
4 V-MODEL OF APPROACH
5 CONTROLLER AREA NETWORK (CAN)
6 FRESHNESS COUNTER
7 SECURITY LAYER DEVELOPMENT
7.1 SYNCHRONIZATION ALGORITHM
7.2 TRANSMISSION ALGORITHM
7.3 RECEPTION ALGORITHM
7.4 RE-SYNCHRONIZATION ALGORITHM
8 SIMULATION RESULTS
8.1 SIMULATION OF FC IN ASCET
8.2 GENERATED CODE
8.3 VALIDATION IN INCA
8.4 MODEL GRAPH
9 CONCLUSION
10 REFERENCES
2. BASICS OF AUTOMOBILE ENGINES:
2.1 TYPES OF ENGINES:
1. THERMAL ENGINES:
These are divided into three types:
1. Internal combustion engines (IC)
A heat engine in which the combustion of a fuel with an oxidizer (usually air) takes place in a combustion chamber that is an integral part of the working-fluid flow circuit. The expansion of the high-temperature, high-pressure gases produced by combustion applies direct force to some component of the engine, typically pistons, turbine blades, a rotor or a nozzle. This force moves the component over a distance, transforming chemical energy into useful mechanical energy.
Eg: cars, trucks.
2. External combustion engines (EC)
A heat engine in which a working fluid, contained internally, is heated by combustion in an external source, through the engine wall or a heat exchanger. The fluid then expands, acts on the mechanism of the engine and produces motion and usable work.
Eg: steam engines.
3. Reaction engines
A reaction engine is an engine or motor that produces thrust by expelling reaction mass, in accordance with Newton's third law of motion.
Eg: rockets, jet engines.
2. ELECTRICAL ENGINES:
2. Piezoelectric
3. PHYSICAL ENGINES:
Mechanically operated. Eg: lawn mowers.
2.2 INTERNAL COMBUSTION ENGINES (ICE):
Internal combustion engines are the most commonly used engines in automobiles. The IC engine can be further subdivided on the following bases:
1. Number of strokes:
Engines exist with 2, 4, 6 and 8 strokes. 2-stroke engines are mostly confined to two-wheelers because they are less efficient, noisier and need oil mixed in for lubrication. 4-stroke engines are the ones commonly used in cars. The four strokes (processes) are
1. Induction of air
2. Compression
3. Ignition (by spraying fuel)
4. Exhaust
These are comparatively more efficient but are complex and heavy. 6- and 8-stroke engines are still at the development stage.
2. Type of fuel:
There are mainly two types of fuel engines:
1. Gasoline (petrol): they use spark plugs for ignition. They are costlier but have reduced fuel consumption.
2. Diesel: they compress the air until it reaches the ignition temperature and then spray in the fuel. They are more economical and reliable and also have a high torque output.
3. Number of cylinders
4. Total displacement
5. Distribution of Cylinders (inline, radial, V- engines etc..)
6. Power to weight output
At Bosch, the most common design for European consumers is the gasoline direct injection (GDI) type engine.
2.3 PARTS OF AN ENGINE:
1. Cylinder block
2. Cylinder head
4. Connecting Rod
8. Gudgeon Pin (piston pin)
9. Piston rings
10. Spark Plugs
The throttle of the engine determines the amount of air admitted, and with it the amount of fuel injected, which sets the power output and hence the speed of the car. Each major part of the car is associated with a dedicated ECU.
3. ELECTRONIC CONTROL UNITS (ECU):
An Electronic Control Unit (ECU) is any embedded system in automotive electronics that controls one or more of the electrical systems or subsystems in a vehicle.
FIG 1- ECUs CONNECTED TO CAN BUS
Giving every ECU its own wiring to every other ECU would be cumbersome. Hence there arises a need for a common transmission medium on which all information is available and any needed item can be retrieved at any time.
The CAN bus is chosen in our organization as the most feasible, reliable and economical solution for broadcast communication.
The engine ECU in most vehicles is connected to the on-board diagnostic (OBD) connector and relays diagnostic information over this line to all the other modules or ECUs. This reduces the amount of wiring needed, and each ECU need not be visited individually for testing. The same connector is, of course, also a convenient point at which a foreign device can be attached to the bus.
The development of an ECU involves both hardware and software required to perform the functions expected from that particular module.
4. V-MODEL OF APPROACH:
This is the general approach followed for solving any development task:
FIG 2: V-MODEL DIAGRAM
The V-model is an SDLC model where execution of processes happens in a sequential manner in a V-shape. It is also known as Verification and Validation model. The V-Model is based on the association of a testing phase for each corresponding development stage. This means that for every single phase in the development cycle, there is a directly associated testing phase. This is a highly-disciplined model and the next phase starts only after completion of the previous phase. The advantage of the V-Model method is that it is very easy to understand and apply. The simplicity of this model also makes it easier to manage. The disadvantage is that the model is not flexible to changes.
5. CONTROLLER AREA NETWORK (CAN) PROTOCOL:
It is a serial communication protocol that efficiently supports distributed real-time control with a very high level of error detection. (The CAN specification's phrase "very high level of security" refers to this transmission robustness, not to confidentiality or authentication: a classic CAN frame carries no sender identity, no encryption and no MAC.) Its domain of application ranges from high-speed networks to low-cost multiplex wiring. In automotive electronics, ECUs, sensors, anti-skid systems etc. are connected using CAN with bit rates up to 1 Mbit/s. At the same time it is cost-effective to build into vehicle body electronics to replace the cumbersome wiring otherwise required. In terms of the seven-layer OSI model, CAN specifies only the two lowest layers, the physical layer and the data link layer, which carry complete frames between nodes; everything above them is left to the application.
FIG 3- OSI MODEL LAYERS
CAN occupies the physical and data link layers of this model. All ECUs are connected via the CAN bus. CAN is chosen here because it broadcasts every message, so any ECU that needs a piece of information can pick it up. The same feature poses the security threat: a malicious node attached to the bus can receive every frame if the data is sent unprotected, and because frames carry a message identifier but no sender address, it can also inject frames under any identifier it likes. Hence we perform security checks before sending and before accepting information. To achieve design transparency and implementation flexibility, the CAN specification subdivides the protocol into layers:
The CAN object layer: which messages are to be transmitted, which received messages are to be used, and the interface to the application-layer hardware.
The CAN transfer layer: the transfer protocol, i.e. framing, arbitration, error checking, error signalling and fault confinement.
The physical layer: transfer of bits between nodes with respect to electrical properties.
The security layer is implemented between the object layer (the upper part of the data link layer) and the transfer layer, because that is the first point at which the data is available in frame form and handed to the CAN bus. An intrusion is easier to remove at this basic level, before the message reaches any application logic, and the check is less complicated there.
CAN has the following benefits:
1. All ECUs can send as well as receive data.
2. There is no dedicated master or slave: the ECU that is transmitting acts as master for that frame and the others as slaves, and vice versa.
3. Both standard 11-bit and extended 29-bit identifiers are available for specialized applications (an identifier labels the message, not the sending node).
4. The bandwidth is high for the application (up to 1 Mbit/s).
5. It is event-driven rather than time-triggered.
6. Arbitration ensures that the most important message (the one with the numerically lowest identifier) is sent first when several nodes start transmitting at once.
7. Bit stuffing and de-stuffing (a complementary bit inserted after five equal bits) keep all nodes synchronized to the bit edges.
8. If a transmitted frame causes an error, it is automatically retransmitted until it succeeds.
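Points 6 and 7 above (arbitration and bit stuffing) are the two CAN mechanisms most often misremembered, so here is an added Python simulation of both. It is my example, not code from the report or from Bosch, and the node names and identifiers in it are constructed:

```python
"""Added example, not code from the report or from Bosch: classic CAN bit
stuffing and identifier arbitration simulated in Python.

On the CAN physical layer a dominant bit (0) overrides a recessive bit (1),
so the bus behaves as a wired-AND.  Nodes that start a frame at the same
time compare each identifier bit they send with what they read back; a node
sending recessive while the bus reads dominant has lost and backs off, so
the numerically lowest identifier wins.  Bit stuffing inserts a
complementary bit after five equal bits so receivers keep seeing edges to
resynchronise on.  Node names and identifiers below are constructed.
"""

from typing import Dict, List


def bit_stuff(bits: str) -> str:
    """Insert a complementary bit after every run of five equal bits.

    The inserted bit starts the next run, as the CAN rule requires.
    """
    out: List[str] = []
    run_bit, run_len = "", 0
    for b in bits:
        out.append(b)
        run_bit, run_len = (b, run_len + 1) if b == run_bit else (b, 1)
        if run_len == 5:
            stuffed = "1" if b == "0" else "0"
            out.append(stuffed)
            run_bit, run_len = stuffed, 1
    return "".join(out)


def bit_destuff(bits: str) -> str:
    """Undo bit_stuff; six equal bits in a row is a stuff error."""
    out: List[str] = []
    run_bit, run_len, i = "", 0, 0
    while i < len(bits):
        b = bits[i]
        out.append(b)
        run_bit, run_len = (b, run_len + 1) if b == run_bit else (b, 1)
        i += 1
        if run_len == 5 and i < len(bits):
            if bits[i] == b:
                raise ValueError(f"stuff error at bit {i}")
            run_bit, run_len = bits[i], 1      # drop the stuffed bit
            i += 1
    return "".join(out)


def arbitrate(candidates: Dict[str, int], id_bits: int = 11) -> str:
    """Return the node whose identifier survives bitwise arbitration.

    candidates maps node name -> CAN identifier; the MSB is sent first.
    Two nodes sending the same identifier would collide, which CAN forbids,
    so that case raises instead of picking one.
    """
    if not candidates:
        raise ValueError("no senders")
    alive = dict(candidates)
    for pos in range(id_bits - 1, -1, -1):
        # Wired-AND: the bus reads dominant (0) if any survivor sends 0.
        bus = min((cid >> pos) & 1 for cid in alive.values())
        # A node that sent recessive 1 while the bus read 0 drops out.
        alive = {n: c for n, c in alive.items() if ((c >> pos) & 1) == bus}
    if len(alive) != 1:
        raise ValueError("identifier collision: " + ", ".join(sorted(alive)))
    return next(iter(alive))


def demo() -> Dict[str, str]:
    """Constructed scenario: three ECUs, then a rogue node joining the bus."""
    ecus = {"brake_ecu": 0x0A0, "engine_ecu": 0x1C0, "body_ecu": 0x3F0}
    result = {"normal_winner": arbitrate(ecus)}
    # An attacker that picks identifier 0x000 beats every legitimate frame.
    result["with_rogue"] = arbitrate({**ecus, "rogue_node": 0x000})
    frame_bits = format(0x0A0, "011b") + "0000000000"   # identifier + 10 data bits
    result["stuffed"] = bit_stuff(frame_bits)
    result["round_trip"] = bit_destuff(result["stuffed"])
    return result
```

The rogue node wins every arbitration round simply by choosing identifier 0x000, which is why a device attached to the bus can starve legitimate traffic and why the security layer of section 7 cannot rely on identifiers alone to tell a partner ECU from an intruder. The de-stuffer treats six equal bits as a stuff error, as a CAN controller does.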
6. FRESHNESS COUNTER:
A freshness counter (FC) is a counter that is incremented each time a timer overflows. The FC plays the central role in checking the authenticity of ECUs: every ECU in a given system holds the same count, with a tolerance of ±10. The FC values are checked periodically for synchronization, and an ECU whose count drifts out of tolerance is declared un-authentic and blocked. The FC has a threshold beyond which it wraps to 0 and starts incrementing again, so any comparison of two counters must take this wrap-around into account. Here the ignition signal on terminal 15 (T15, ignition on) starts the FC, and its value is stored in EEPROM so that it survives a power cycle. Because the MAC over a message changes with the FC, a message recorded earlier cannot simply be replayed once the counters have moved on; a replay within the ±10 window, however, would still pass the FC check, so the tolerance should be kept as tight as the timers allow.
7. SECURITY LAYER DEVELOPMENT:
To prevent unauthorized reception of CAN data, each ECU shall send its own CAN security message to the CAN bus, shall receive the CAN security messages of its partner ECUs, and shall receive the synchronization message from the master node.
Network Security Message (NSM):
A new CAN message transmitted by every node in the CAN network. The MAC verification status is indicated in a MAC-indicator CAN signal.
The development covers:
Freshness counter calculation
Sync message sending and receiving
Transmission of the NSM and the sync message, which
– stops unidentified ECUs
– accepts authentic ECUs
7.1 SYNCHRONIZATION ALGORITHM:
FIG 4- SYNCHRONIZATION ALGORITHM
The sync message is transmitted by the master node and used by all partner nodes to synchronize with the master. Its MAC is used to validate the partner nodes and to update each partner node's internal FC to the master node's FC value. Two toy cases (decrypting the MAC with key K1 is written as MAC - K1):
Case 1, in sync:
Master sync MAC = 5
Slave internal MAC = 5
Master sync MAC = slave internal MAC, so the slave decrypts: MAC - K1 = 3, and sets
Freshness counter = 3
Case 2, out of sync:
Master sync MAC = 5
Slave internal MAC = 7
Master sync MAC != slave internal MAC, so the slave is out of sync with the master and the re-synchronization algorithm of 7.4 is invoked.
7.2 TRANSMISSION ALGORITHM:
FIG 5- TRANSMISSION ALGORITHM
With the generated FC value and the keys, encryption is performed and the MAC is obtained; the security message carrying it is then transmitted.
7.3 RECEPTION ALGORITHM:
FIG 6- RECEPTION ALGORITHM
Besides the partner nodes' application and CAN security messages, an ECU also receives its own CAN transmission message. From the received MAC a decrypted FC value is obtained; the receiver also computes its own FC value. If the difference between the two FCs is less than the threshold, the signal is accepted; if it is more than the threshold, the re-synchronization algorithm is invoked.
7.4 RE-SYNCHRONIZATION ALGORITHM:
FIG 7- RE-SYNC ALGORITHM
When MAC2 is received it is decrypted using the keys and a key value is obtained. This key is checked against the internal key table; if it does not match, no communication takes place and DTC1 (diagnostic trouble code: unintended message) is set. If it matches, the sync message is repeated until the receiver updates its FC to the master's FC value. Every time a resync happens a resync counter is incremented; if the counter exceeds its threshold, the device is terminated from communication and DTC2 (diagnostic trouble code: unintended device or internal issue) is set.
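Sections 6 and 7 together describe one procedure: counters that advance on a timer and wrap at a threshold, a sync message from the master, security messages carrying a MAC, reception with a ±10 tolerance, and re-synchronization with DTC1 and DTC2. The following is an added Python model of that whole procedure; it is my code, not the report's or Bosch's. It departs from the report in one named way: instead of encrypting the FC with the key and "decrypting the MAC", it sends the FC in clear and authenticates identifier, FC and payload with a truncated HMAC-SHA256 (the construction AUTOSAR SecOC uses), so a receiver recomputes the MAC rather than decrypting it. The key table being indexed by CAN identifier, the constants FC_THRESHOLD, FC_TOLERANCE, RESYNC_LIMIT and MAC_LEN, and all identifiers, keys and payloads are assumptions made for the example.

```python
"""Added example, not code from the report or from Bosch: a Python model of
the freshness-counter (FC) security layer of sections 6 and 7 (FC with
wrap-around, sync 7.1, transmission 7.2, reception with +/-10 tolerance 7.3,
re-sync with DTC1/DTC2 7.4).  My assumptions, not the report's: the key table
is indexed by CAN identifier (a classic CAN frame has no sender address); the
"MAC" is a truncated HMAC-SHA256 over identifier, FC and payload, i.e. the FC
is sent in clear and authenticated, not encrypted (as AUTOSAR SecOC does);
bad MAC or unknown identifier -> DTC1; more than RESYNC_LIMIT re-syncs on one
identifier -> blocked with DTC2.  Identifiers, keys, payloads are constructed.
"""

import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, NamedTuple, Optional

FC_THRESHOLD = 1 << 16            # FC wraps to 0 here (section 6 "threshold")
FC_TOLERANCE = 10                 # allowed |FC_rx - FC_local|, wrap-aware
RESYNC_LIMIT = 3                  # re-syncs per identifier before blocking
MAC_LEN = 4                       # truncated MAC bytes that fit in a frame
SYNC_ID, BRAKE_ID = 0x010, 0x0A0  # constructed identifiers
DTC1 = "DTC1: unintended message"
DTC2 = "DTC2: unintended device or internal issue"


def fc_distance(a: int, b: int) -> int:
    """Distance between two counters on the ring [0, FC_THRESHOLD)."""
    d = (a - b) % FC_THRESHOLD
    return min(d, FC_THRESHOLD - d)


def mac(key: bytes, can_id: int, fc: int, payload: bytes) -> bytes:
    """Truncated HMAC over identifier, freshness counter and payload."""
    msg = can_id.to_bytes(2, "big") + fc.to_bytes(2, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


Frame = NamedTuple("Frame", [("can_id", int), ("fc", int),
                             ("payload", bytes), ("tag", bytes)])


@dataclass
class Node:
    keys: Dict[int, bytes]                       # key table: identifier -> key
    fc: int = 0
    resyncs: Dict[int, int] = field(default_factory=dict)
    blocked: set = field(default_factory=set)
    dtc: Optional[str] = None

    def tick(self, n: int = 1) -> None:          # timer overflow advances the FC
        self.fc = (self.fc + n) % FC_THRESHOLD

    def send(self, can_id: int, payload: bytes) -> Frame:
        """7.2: MAC over identifier, current FC and payload, then transmit."""
        return Frame(can_id, self.fc, payload,
                     mac(self.keys[can_id], can_id, self.fc, payload))

    def verify(self, f: Frame) -> bool:          # key-table lookup, constant-time compare
        key = self.keys.get(f.can_id)
        return key is not None and hmac.compare_digest(
            f.tag, mac(key, f.can_id, f.fc, f.payload))

    def receive(self, f: Frame) -> str:
        """7.3 reception, falling through to 7.4 re-sync; returns the outcome."""
        if f.can_id in self.blocked:
            return "dropped: identifier blocked"
        if not self.verify(f):
            self.dtc = DTC1                      # wrong key or unknown identifier
            return "rejected: " + DTC1
        if fc_distance(f.fc, self.fc) <= FC_TOLERANCE:
            return "accepted"
        # Out of tolerance: count a re-sync; too many means a bad device.
        n = self.resyncs[f.can_id] = self.resyncs.get(f.can_id, 0) + 1
        if n > RESYNC_LIMIT:
            self.blocked.add(f.can_id)
            self.dtc = DTC2
            return "blocked: " + DTC2
        return "resync requested"

    def sync_from(self, sync: Frame) -> bool:
        """7.1: adopt the master's FC from a sync frame whose MAC verifies."""
        if sync.can_id != SYNC_ID or not self.verify(sync):
            return False
        self.fc = sync.fc
        return True


def demo() -> Dict[str, object]:
    """Constructed scenario: master (engine), partner (brake), rogue node."""
    table = {SYNC_ID: b"sync-key-K1-0123", BRAKE_ID: b"brake-key-K2-012"}
    master, brake = Node(dict(table)), Node(dict(table))
    rogue = Node({BRAKE_ID: b"guessed-key-0000"})   # key not in the table
    master.tick(100)
    brake.tick(95)                                   # 5 apart: in tolerance
    out: Dict[str, object] = {}
    out["in_tolerance"] = master.receive(brake.send(BRAKE_ID, b"\x01\x00"))
    out["rogue"] = master.receive(rogue.send(BRAKE_ID, b"\x01\x00"))
    brake.tick(30)                                   # drifts 25 ahead
    out["drift"] = master.receive(brake.send(BRAKE_ID, b"\x01\x00"))
    out["synced"] = brake.sync_from(master.send(SYNC_ID, b""))
    master.fc, brake.fc = FC_THRESHOLD - 3, 4        # counters straddle the wrap
    out["wrap"] = master.receive(brake.send(BRAKE_ID, b"\x01\x00"))
    for _ in range(RESYNC_LIMIT):                    # partner keeps drifting
        brake.fc = (master.fc + 50) % FC_THRESHOLD
        out["last"] = master.receive(brake.send(BRAKE_ID, b"\x01\x00"))
    out["master_dtc"] = master.dtc
    return out
```

Running demo() walks through the report's cases in order: a partner 5 ticks away is accepted, a frame under a key that is not in the table sets DTC1, a 25-tick drift triggers a resync that the master's sync frame resolves, counters that straddle the wrap (65533 versus 4) are still only 7 apart, and a partner that needs more than RESYNC_LIMIT resyncs is blocked with DTC2. The caveat the tolerance implies is visible in the model too: a frame recorded and replayed within ten ticks of its original FC would still be accepted, so the window should be no wider than the timers require.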