차량 보안을 고려한 게이트웨이의 라우팅 방법에 대한 연구

Abstract

Vehicle networks are becoming increasingly complex due to the demands of autonomous driving and connectivity.

This increment of data complexity requires higher bandwidth communication, and automakers are using Ethernet-based communications for this purpose. In order to use existing in-vehicle communication with high-speed Ethernet communication, an extended gateway system is used in the vehicle. The system uses Ethernet as the interface for the external controller and the gateway, and CAN as the interface for the communication between the internal controllers. Vehicle gateway provides an interface for exchanging vehicle data and connecting in real time in a heterogeneous communication environment between the existing CAN network protocol and the external Ethernet protocol. In this routing operation, time delay occurs, and in the in-vehicle network environment where communication time is important, this delay time must be considered and measured during the development process. Since the involvement of the external communication network causes a security vulnerability, a security function that guarantees the integrity of the message against cybersecurity risks should be considered. In this paper, we investigate the effects of delayed gateway routing on CAN frames and Ethernet frames, including security systems. For the above investigation, quantitative comparison and analysis are performed by using two routing methods: direct routing method without data modification when routing from CAN frame to Ethernet frame, and indirect routing method for selecting and transmitting the necessary data.

For security, CMAC is used in order to ensure the integrity of the CAN network messages and Ethernet messages. Generation and verification of the CMAC uses the hardware security module(HSM) that is built into the Infineon 32-bit MCU, TC397.