V0.2 | 2019-07-25
4th VECTOR INDIA CONFERENCE 2019
MICROSAR Cyber Security
© 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25
Agenda
- Cybersecurity Realization in Automotive Systems
- Basics of Cryptography
- Use Cases
- Secure Onboard Communication
- Cybersecurity Architecture
- Secured Communication Configuration
- Configuration of Security Manager in CANoe
- Vector Company Overview
Goals of Cyber Security
Cybersecurity Realization in Automotive Systems
- Authenticity: allows determining whether someone or something is, in fact, who or what it claims to be.
- Integrity: assures the accuracy and completeness of information, and prevents or detects unauthorized modification.
- Confidentiality: enforces the necessary level of secrecy and prevents unauthorized disclosure of information.
- Availability: ensures reliable and timely access to data and resources for authorized users.
Layered Security Concept – The logical view
Cybersecurity Realization in Automotive Systems
[Figure: four nested layers, from the outside in: Secure External Communication, Secure Gateways, Secure In-Vehicle Communication, Secure Platform]
Mechanisms per layer (outside in):
- Secure communication to services outside the vehicle
- Intrusion detection mechanisms
- Firewalls
- Key Infrastructure / Vehicle PKI
- Authenticity of messages
- Integrity and freshness of messages
- Confidentiality of messages
- Key storage
- Secure boot and secure flash
- Crypto library
- HW trust anchor (HTA), e.g. HSM (Hardware Security Module)
Associated Security Concepts: Secure On Board Com., Secure Off Board Com.
Security Mechanisms in Vehicle Architecture
Cybersecurity Realization in Automotive Systems
[Figure: E/E architecture with the security mechanisms placed on the nodes]
Mechanisms: Firewall; Key Infrastructure; Secure On Board Com.; Secure Off Board Com.; Intrusion Detection / Prevention; Monitoring / Logging; Hypervisor; Crypto Primitives; Download Manager; Secure Flash/Boot
Vehicle nodes: Connectivity Gateway; Instrument Cluster; Central Gateway; ADAS DC; Smart Charging; Powertrain DC; Chassis DC; Body DC; Head Unit; Diagnostic Interface
External interfaces: DSRC; 4G LTE; Laptop; Tablet; Smart-phone
Cyber Security Lifecycle
Cybersecurity Realization in Automotive Systems
[Figure: V-model of the security activities]
- Asset Definition
- Threat and Risk Assessment
- Derivation of Security Goals
- Security Architecture Design & Analysis
- Security Mechanisms Design & Analysis
- Secure Implementation of Nominal Function and Security Mechanisms
- Functional Security Testing
- Fuzz Testing
- Penetration Testing
- Security Validation
- Incident Management and Response
Cyber security does not start or end with cryptography: as with safety, security needs to be an integrated part of the development process.
Safety & Security - Interdependency
Cybersecurity Realization in Automotive Systems
Dependable Automotive Systems rest on two pillars:
- Functional Safety: protection against risks from technical failures (accidents)
- Cyber Security: protection against risks from malicious actions (attacks)
Hardware Support - Hardware Trust Anchors
Cybersecurity Realization in Automotive Systems
Secure Hardware Extension (SHE)
[Figure: controller block diagram: the CPU and the peripherals (CAN, UART, ...) sit next to a secure zone, the SHE, which contains its own control logic, an AES engine and RAM + Flash + ROM for key storage]
Hardware Security Module (HSM)
An HSM goes beyond the fixed-function SHE: it has its own core and runs its own firmware (see the HSM core architecture later in this deck).
Hash Functions, Symmetric Cryptography and MACs
Basics of Cryptography
Hash function: H(x) maps an input of arbitrary length (e.g. 10011011001101110) to a fixed-length digest (1001101100011010010010101100111100110001100110101110…); the function is one-way, so the input cannot be recovered from the digest.
Symmetric cryptography: Enc(x) turns the plaintext (101101101..) into ciphertext (Q?“D/7L$§..) and Dec(x) turns the ciphertext back into the plaintext; both operations use the same secret key.
Message Authentication Code (MAC):
- Hashed Message Authentication Code (HMAC): uses a hash function and a secret (symmetric) key.
- Cipher-based Message Authentication Code (CMAC): uses a block cipher (e.g. AES) and a secret key.
Asymmetric Cryptography
Basics of Cryptography
- Asymmetric cryptosystems are based on a key pair owned by a party.
- The key pair consists of a public key and a private key.
- The public key may be known to everyone.
- The private key must never be shared.
- Messages can be
  > encrypted with the public key and the cipher function: M' = E(M, Kpub)
  > decrypted with the decryption function and the private key: M = D(M', Kpriv)
- The private key cannot be derived from the public key with feasible computational effort.
[Figure: plaintext 101101101.. → E(M) with kpublic → ciphertext Q?“D/7L$§.. → D(M') with kprivate → plaintext 101101101..]
Asymmetric vs. Symmetric Cryptography
Basics of Cryptography

| | Symmetric | Asymmetric |
|---|---|---|
| Key | One single secret key | Key pair (one public and one private key) |
| Key length | Relatively short | Relatively long |
| Data throughput rate | Very fast, especially with HW support | Always much slower than symmetric |
| Secrecy | Secret has to be shared with each involved communication partner | Secret (private key) is kept by its owner; only the public key is shared |
| Key management | Complexity grows quadratically with the number of communication partners (one shared key per pair) | Complexity is linear in the number of communication partners |
Digital Signature - Principles
Basics of Cryptography
Goals: authenticity and integrity of data
- The originator needs a generated public/private key pair.
- The originator uses the following process to generate a signature:
  > calculate the hash value of the data
  > apply the private key of the originator to the hash value (in RSA terms, "encrypt" the hash with the private key)
  > append the signature to the data and send both to the recipient
- The recipient uses the following signature verification process:
  > apply the originator's public key to the signature ("decrypt" the signed hash value)
  > calculate the hash of the received data
  > compare the calculated hash with the recovered hash value
  > if they are the same, the authenticity and integrity of the data are assured
- Standards for digital signatures are set forth in FIPS 186.
Note: the "encrypt the hash with the private key" picture describes RSA; schemes such as ECDSA (also in FIPS 186) do not encrypt anything, but the hash-then-sign and hash-then-verify flow is the same.
Certificates
Basics of Cryptography
Certificates …
- … are used to identify communication partners
- … contain signed characteristics of the owner (name, place, …)
- … can be restricted to a limited period of time, service and location
- … can be provided by a "Trusted Authority" (TA) or "Certificate Authority" (CA), which is the trust anchor and has created the signature within the certificate
[Figure: trust anchor TA issues certificates C to the parties T1 and T2]
Certificates - Example for Automotive PKI
Basics of Cryptography
[Figure: certificate hierarchy; each certificate C carries the subject's public key, the issuer name and the issuer's signature over the tbsCert ("to be signed") part]
- OEM Root Certificate (Root CA), self-signed: contains Kpub CA, issuer Root CA
  Sign(RootCA) = SignAlgo( tbsCert(RootCA), K(Priv RootCA) )
- Platform CA certificate: contains Kpub PCA, issuer Root CA; Kpriv PCA stays with the Platform CA
  Sign(PlatformCA) = SignAlgo( tbsCert(PlatformCA), K(Priv RootCA) )
- Tester CA certificate: contains Kpub TCA, issuer Root CA; Kpriv TCA stays with the Tester CA
  Sign(TesterCA) = SignAlgo( tbsCert(TesterCA), K(Priv RootCA) )
- Car certificate: contains Kpub car, issuer Platform CA; Kpriv car stays in the vehicle
  Sign(CarCert) = SignAlgo( tbsCert(CarCert), K(Priv PlatformCA) )
- Tester certificate: contains Kpub Tester, issuer Tester CA; Kpriv Tester stays in the tester
  Sign(TesterCert) = SignAlgo( tbsCert(TesterCert), K(Priv TesterCA) )
- … further certificates follow the same pattern
Transport Layer Security (TLS 1.2)
Basics of Cryptography
- Application data can be exchanged reliably on an IP-based network by the Transmission Control Protocol (TCP), but TCP ensures neither confidentiality nor integrity of the exchanged data.
- To protect a TCP connection, the Transport Layer Security protocol (TLS 1.2, RFC 5246) can be used.
- Confidentiality is ensured by symmetric cryptography (e.g. AES).
- Data integrity is ensured by a hash-based message authentication code (HMAC) in the CBC cipher suites; AEAD suites (e.g. AES-GCM) provide integrity through the cipher mode's own authentication tag instead.
- The encryption and HMAC computations use temporary secret keys bound to the TLS 1.2 session (derived during the handshake).
- Authenticity of the server is ensured by a digital certificate (X.509v3).
- Optionally, the client can be authenticated with a certificate, too.
Cipher suite naming, e.g. TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
- ECDHE: key exchange algorithm
- ECDSA: digital signature algorithm
- AES_128_CBC: symmetric encryption algorithm
- SHA256: hash algorithm (used for the HMAC and the key derivation PRF)
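The cipher-suite name above is a fixed grammar, so the four fields can be pulled apart mechanically and checked against a policy. The following decoder is an added example (Python), not code from the slides or from a Vector tool; the field order follows the TLS 1.2 naming convention, and the policy rules (forward secrecy, no CBC, no SHA-1) are this example's own, not an OEM requirement.

```python
"""Decoder for TLS cipher-suite names plus a small policy check.  Added example,
not from the Vector slides; the policy thresholds are this example's own."""


def parse_suite(name: str) -> dict:
    """Split a suite name into key exchange / signature / cipher / hash.

    RSA-only suites (TLS_RSA_WITH_...) fold key exchange and authentication into one
    token; TLS 1.3 names (TLS_AES_128_GCM_SHA256) have no key-exchange part, because
    TLS 1.3 always uses (EC)DHE and negotiates the signature scheme separately."""
    if not name.startswith("TLS_"):
        raise ValueError(f"not a TLS cipher suite name: {name}")
    body = name[len("TLS_"):]
    if "_WITH_" not in body:                              # TLS 1.3 naming
        cipher, hash_ = body.rsplit("_", 1)
        return {"version": "1.3", "kex": None, "auth": None, "cipher": cipher, "hash": hash_}
    left, right = body.split("_WITH_", 1)
    tokens = left.split("_")
    kex, auth = (tokens[0], tokens[-1]) if len(tokens) > 1 else (left, left)
    cipher, hash_ = right.rsplit("_", 1)                  # e.g. AES_128_CBC / SHA256
    return {"version": "1.2", "kex": kex, "auth": auth, "cipher": cipher, "hash": hash_}


def assess(name: str) -> list:
    """Reasons not to offer this suite on a vehicle/backend link; empty means acceptable."""
    s = parse_suite(name)
    findings = []
    if s["version"] == "1.2" and s["kex"] not in ("ECDHE", "DHE"):
        findings.append(f"no forward secrecy: static {s['kex']} key exchange")
    if s["auth"] in ("anon", "NULL"):
        findings.append("no server authentication (anonymous suite)")
    if any(weak in s["cipher"] for weak in ("NULL", "RC4", "DES")):   # DES also matches 3DES
        findings.append(f"weak or absent cipher: {s['cipher']}")
    elif "CBC" in s["cipher"]:
        findings.append("CBC mode with separate HMAC; prefer an AEAD suite (GCM, ChaCha20-Poly1305)")
    if s["hash"] in ("SHA", "MD5"):                        # "SHA" alone means SHA-1
        findings.append(f"{s['hash']}-based MAC/PRF")
    return findings
```

Run against the suite from the slide, `assess` flags only the CBC mode; the ECDHE key exchange and ECDSA signature are fine, and switching to TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 clears the list.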
Example: HMAC for flash programming
Use Cases
[Figure: flash tool side: a hash function keyed with the secret key ksecret computes the HMAC over the flash file; the HMAC is appended to the flash file and transferred with it during the flash download. Bootloader side: the boot code recomputes the HMAC over the received flash data with its own copy of ksecret and compares the transferred HMAC with the calculated one (Verify).]
HMAC = Keyed-Hash Message Authentication Code (FIPS PUB 198); ksecret = secret key shared by the flash tool and the bootloader.
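The following added example (Python; not code from the slides, from HIS or from a Vector product) serves both the MAC slide and this one: it first writes HMAC out from its FIPS 198 definition and checks it against the standard library, then uses it the way the figure shows, with the flash tool appending the tag and the bootloader recomputing it with its own copy of the key. Assumed for the example: SHA-256 as the hash, a full 32-byte tag appended to the image, and a constructed demo key; a real bootloader keeps ksecret in the HTA rather than in plain flash.

```python
"""HMAC from its definition, then applied to a flash image.  Added example; toy key
and image are constructed here, SHA-256 and a 32-byte trailing tag are assumptions."""
import hashlib
import hmac

BLOCK = 64      # SHA-256 block size in bytes; HMAC pads (or hashes) the key to this
TAG_LEN = 32    # full SHA-256 HMAC; a truncated tag would be a prefix of it


def hmac_sha256_by_definition(key: bytes, msg: bytes) -> bytes:
    """HMAC(K, m) = H((K' xor opad) || H((K' xor ipad) || m)), K' = key padded to BLOCK."""
    if len(key) > BLOCK:                     # over-long keys are hashed first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def build_flash_image(ksecret: bytes, flashfile: bytes) -> bytes:
    """Flash tool side: transferred image = flashfile || HMAC(ksecret, flashfile)."""
    return flashfile + hmac_sha256_by_definition(ksecret, flashfile)


def bootloader_verify(ksecret: bytes, transferred: bytes):
    """Boot side: split off the transferred HMAC, recalculate over the flash data and
    compare in constant time.  Returns the flash data on success, None otherwise."""
    if len(transferred) <= TAG_LEN:
        return None
    flash_data, tag = transferred[:-TAG_LEN], transferred[-TAG_LEN:]
    calculated = hmac.new(ksecret, flash_data, hashlib.sha256).digest()
    if not hmac.compare_digest(calculated, tag):     # timing-safe comparison
        return None
    return flash_data


def demo() -> dict:
    key = bytes(range(32))                            # constructed demo key, same on both sides
    flashfile = b"\x7fELF" + bytes(1000)              # constructed stand-in for an ECU image
    image = build_flash_image(key, flashfile)
    tampered = image[:10] + b"\xff" + image[11:]      # one byte of code changed in transit
    return {
        "genuine": bootloader_verify(key, image) == flashfile,
        "tampered": bootloader_verify(key, tampered) is None,
        "wrong_key": bootloader_verify(bytes(32), image) is None,
        "definition_matches_stdlib": all(
            hmac_sha256_by_definition(k, m) == hmac.new(k, m, hashlib.sha256).digest()
            for k, m in ((b"k", b""), (key, flashfile), (bytes(100), b"key longer than a block"))),
    }
```

The weakness of this scheme is visible in `bootloader_verify`: the ECU must hold the same ksecret that creates the tags, so anyone who extracts it from one ECU can produce valid images for every ECU sharing that key. That is the motivation for the signature-based variant on the next slide.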
Example: Digital Signature for flash programming
Use Cases
[Figure: signing side: the hash H of the flash file is signed with RSA and the private key kprivate; the signature SIGN is appended to the flash file and transferred during the flash download. Bootloader side: the boot code hashes the received flash data and verifies SIGN with RSA and the public key kpublic.]
Compared with the HMAC variant, the ECU only has to store a public key; the signing key never leaves the OEM, so extracting data from one ECU does not allow forging images.
Usage Example: Communication between tester and vehicle
Use Cases
- Certificates are used for authentic communication.
- They can be used for the following purposes:
  > Tester to car: CertTester and CertCar are used to authenticate the communication.
  > The car requests the revocation list for the tester serial number from the OEM backend.
  > Option: if the revocation list cannot be verified at the moment, only restricted operations by the tester are allowed.
[Figure: the OEM backend generates the car and tester certificates C; the tester sends its certificate to the car; the car checks the chain Kpub Tester → Kpub TCA → Kpub CA (its own certificate chains Kpub car → Kpub PCA → Kpub CA), keeps Kpriv car locally and asks the backend "Revoked?"]
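One added example (Python) covers three of the preceding passages at once: the hash-then-sign principle, the automotive PKI (Root CA → Platform CA → car certificate and Root CA → Tester CA → tester certificate, each signature computed over the tbsCert part) and the revocation decision of this tester-to-car use case. It is not code from the slides or from any Vector product. Assumptions: textbook RSA with 512-bit keys generated here and no padding (illustration only; production code uses a vetted library with PSS/PKCS#1 or ECDSA and longer keys), SHA-256 as the hash, a simplified tbsCert of subject|issuer|serial|public key, and certificate serial numbers as the revocation-list key.

```python
"""Hash-then-sign, certificate chain and tester-to-car decision.  Added example with
toy textbook RSA (512-bit keys generated here, no padding); illustration only."""
import hashlib
import random
from dataclasses import dataclass


def is_probable_prime(n: int, rng: random.Random, rounds: int = 24) -> bool:
    """Miller-Rabin probable-prime test, sufficient for toy key generation."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def rsa_keygen(rng: random.Random, bits: int = 512):
    """Return ((n, e), (n, d)).  e = 65537 is prime, so gcd(e, phi) == 1 iff e does not divide phi."""
    e = 65537

    def prime(b: int) -> int:
        while True:
            c = rng.getrandbits(b) | (1 << (b - 1)) | 1      # exactly b bits, odd
            if is_probable_prime(c, rng):
                return c

    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def sign(priv, data: bytes) -> int:
    """Slide steps: hash the data, then apply the private key to the hash value."""
    n, d = priv
    return pow(int.from_bytes(hashlib.sha256(data).digest(), "big"), d, n)


def verify(pub, data: bytes, signature: int) -> bool:
    """Apply the public key to the signature and compare with a fresh hash of the data."""
    n, e = pub
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(data).digest(), "big")


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int
    pub: tuple        # subject's public key (n, e)
    signature: int    # SignAlgo(tbsCert, K(priv issuer)), as on the PKI slide

    def tbs(self) -> bytes:
        """The "to be signed" part: everything in the certificate except the signature."""
        return f"{self.subject}|{self.issuer}|{self.serial}|{self.pub[0]}|{self.pub[1]}".encode()


def issue(subject: str, issuer: str, serial: int, pub: tuple, issuer_priv) -> Cert:
    unsigned = Cert(subject, issuer, serial, pub, 0)
    return Cert(subject, issuer, serial, pub, sign(issuer_priv, unsigned.tbs()))


def verify_chain(leaf: Cert, store: dict, root: Cert) -> bool:
    """Follow issuer names up to the trusted root.  Every link must verify under its
    issuer's public key; the walk is bounded so an issuer loop cannot hang it."""
    cert = leaf
    for _ in range(len(store) + 1):
        issuer = root if cert.issuer == root.subject else store.get(cert.issuer)
        if issuer is None or not verify(issuer.pub, cert.tbs(), cert.signature):
            return False
        if issuer is root:
            return verify(root.pub, root.tbs(), root.signature)   # self-signed root
        cert = issuer
    return False


def car_decides(tester: Cert, store: dict, root: Cert, revoked) -> str:
    """Tester-to-car use case.  revoked is None when the backend list could not be fetched."""
    if not verify_chain(tester, store, root):
        return "reject"
    if revoked is None:
        return "restricted"                     # slide option: only restricted operations
    return "reject" if tester.serial in revoked else "full"


def demo(seed: int = 2019) -> dict:
    rng = random.Random(seed)                   # seeded so the example is reproducible
    keys = {n: rsa_keygen(rng) for n in ("Root CA", "Platform CA", "Tester CA", "car", "Tester")}
    pub, priv = (lambda n: keys[n][0]), (lambda n: keys[n][1])
    root = issue("Root CA", "Root CA", 1, pub("Root CA"), priv("Root CA"))
    store = {c.subject: c for c in (
        issue("Platform CA", "Root CA", 2, pub("Platform CA"), priv("Root CA")),
        issue("Tester CA", "Root CA", 3, pub("Tester CA"), priv("Root CA")))}
    car = issue("car", "Platform CA", 100, pub("car"), priv("Platform CA"))
    tester = issue("Tester", "Tester CA", 200, pub("Tester"), priv("Tester CA"))
    rogue = issue("Tester", "Tester CA", 201, pub("Tester"), priv("car"))   # wrong signing key
    return {"car_chain": verify_chain(car, store, root),
            "tester_full": car_decides(tester, store, root, revoked={999}),
            "tester_revoked": car_decides(tester, store, root, revoked={200}),
            "backend_down": car_decides(tester, store, root, revoked=None),
            "rogue": car_decides(rogue, store, root, revoked=set())}
```

`verify_chain` only accepts a certificate whose issuer links end at the root the car trusts; the "rogue" tester certificate names Tester CA as issuer but was signed with another key, so the very first link fails. The three outcomes of `car_decides` are the slide's full access, rejection of a revoked serial, and the restricted mode when the backend cannot be reached.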
Goals
Secure Onboard Communication
[Figure: ECU 1 sends a message to ECU 2; the goals are integrity and authenticity of that message]
AUTOSAR SecOC
Secure Onboard Communication
[Figure, built up over four slides: ECU 1 feeds the data and a freshness value into a MAC generator; the authenticated message "data | freshness value | MAC" is sent over the bus; ECU 2 feeds the received data and freshness value into its own MAC generator and compares the calculated MAC with the received one. MAC = Message Authentication Code.]
Freshness Value Manager (FvM)
Secure Onboard Communication
- AUTOSAR does not specify the calculation/synchronization of the freshness value.
- Instead, a generic callout to a Freshness Value Manager (FVM) component is provided.
- The FVM specification is left to the OEM.
Freshness: Replay of authenticated messages
Secure Onboard Communication
[Figure, built up over three slides: an attacker records an authenticated message from ECU 1 to ECU 2 and re-sends it later. Without a freshness value the MAC still verifies, so ECU 2 would accept the replayed message; including a freshness value in the MAC makes the replay detectable.]
Concepts of Freshness
Secure Onboard Communication
- Trip counter based freshness (TCBF): freshness value composed of trip counter | reset counter | message counter
- Message counter based freshness (MCBF)
- Time stamps
- Hybrid system: time stamp & message counter
[Figure: ECU 1 / ECU 2 exchange for each concept]
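The added example below (Python; not code from the slides, from AUTOSAR or from MICROSAR) puts the SecOC slides and the freshness concepts together: it builds the authenticated message "data | freshness value | MAC" with a message-counter-based freshness value, truncates the freshness value and the MAC as on the bus, reconstructs the full freshness value on the receiver (the rule is the one the AUTOSAR SecOC specification describes: keep the local high part, or increment it when the received low part is not above the local one), and shows that a replayed or modified PDU fails. Assumed for the example: HMAC-SHA256 in place of the AES-128-CMAC normally used on CAN (the standard library has no AES), 8 freshness bits and 24 MAC bits on the bus, a 16-bit Data ID and a constructed key.

```python
"""SecOC-style secured PDU with message-counter freshness.  Added example; HMAC-SHA256
stands in for AES-CMAC, field widths and the key are chosen for this example only."""
import hashlib
import hmac

DATA_ID = 0x0123          # SecOC Data ID; the slides derive it from the CAN ID
FV_LEN = 8                # full freshness value in bytes (64-bit message counter)
FV_TX_BITS = 8            # low bits of the freshness value sent on the bus
MAC_TX_LEN = 3            # truncated MAC in bytes (24 bits)
KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")   # constructed demo key, same on both ECUs


def authenticator(key: bytes, data: bytes, fv: int) -> bytes:
    """MAC over DataID || data || full freshness value, truncated to the bus length."""
    msg = DATA_ID.to_bytes(2, "big") + data + fv.to_bytes(FV_LEN, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_TX_LEN]


class SenderFvm:
    """Freshness Value Manager on ECU 1: a monotonically increasing message counter."""
    def __init__(self):
        self.fv = 0

    def next_fv(self) -> int:
        self.fv += 1
        return self.fv


def secure_pdu(key: bytes, fvm: SenderFvm, data: bytes) -> bytes:
    """ECU 1: authenticated message = data | FV(truncated) | MAC(truncated)."""
    fv = fvm.next_fv()
    fv_tx = fv & ((1 << FV_TX_BITS) - 1)
    return data + bytes([fv_tx]) + authenticator(key, data, fv)


class Receiver:
    """ECU 2: keeps the last accepted full freshness value and verifies incoming PDUs."""
    def __init__(self, key: bytes):
        self.key, self.last_fv = key, 0

    def reconstruct_fv(self, fv_tx: int) -> int:
        """Rebuild the full counter from its transmitted low bits: if the received low
        part is above the local low part the high part is unchanged, otherwise the
        counter is assumed to have wrapped and the high part is incremented."""
        mask = (1 << FV_TX_BITS) - 1
        high = self.last_fv & ~mask
        if fv_tx > (self.last_fv & mask):
            return high | fv_tx
        return (high + (1 << FV_TX_BITS)) | fv_tx

    def receive(self, pdu: bytes):
        """Return the data on successful verification, None if the PDU is rejected."""
        if len(pdu) < 1 + MAC_TX_LEN:
            return None
        data, fv_tx, mac = pdu[:-(1 + MAC_TX_LEN)], pdu[-(1 + MAC_TX_LEN)], pdu[-MAC_TX_LEN:]
        fv = self.reconstruct_fv(fv_tx)           # always above last_fv by construction
        if not hmac.compare_digest(authenticator(self.key, data, fv), mac):
            return None                           # wrong key, modified data, or a stale counter
        self.last_fv = fv                         # accept: advance the freshness window
        return data


def demo() -> dict:
    ecu1, ecu2 = SenderFvm(), Receiver(KEY)
    pdus = [secure_pdu(KEY, ecu1, bytes([v])) for v in (10, 11, 12)]
    accepted = [ecu2.receive(p) for p in pdus]
    replay = ecu2.receive(pdus[1])                # attacker re-sends an old authenticated message
    forged = ecu2.receive(b"\x99" + pdus[2][1:])  # same FV and MAC, different data
    for _ in range(300):                          # ECU 2 misses more than 2**FV_TX_BITS messages
        ecu1.next_fv()
    after_gap = ecu2.receive(secure_pdu(KEY, ecu1, b"\x0d"))
    return {"accepted": accepted, "replay": replay, "forged": forged,
            "after_gap": after_gap, "last_fv": ecu2.last_fv}
```

Note what actually rejects the replay: the receiver never sees a counter value it has already accepted, because `reconstruct_fv` only ever produces values above `last_fv`, so the replayed PDU is verified against a freshness value it was not authenticated with and the MAC check fails. The same mechanism bounds the tolerated loss: once more than 2^FV_TX_BITS messages are missed (the `after_gap` case) the reconstruction is wrong and every further PDU fails, which is why the OEM-defined FVM has to provide a re-synchronisation path (a sync message, or the trip-counter scheme from the freshness slide).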
MICROSAR Cyber Security Solution
Cybersecurity Architecture
- Crypto Service Manager – CSM
  > Services can be called by SWCs
  > Configuration of cryptographic key elements
  > Configuration of cryptographic services
- Crypto Interface – CRYIF
  > Dispatches security jobs to HW or SW crypto drivers
- Crypto Driver – Crypto (SW/HW)
  > Implementation of cryptographic functions
  > Crypto (SW): uses SW libraries
  > Crypto (HW): uses the resources and capabilities of HW trust anchors (SHE, HSM, TPM, …)
[Figure: MICROSAR layered architecture: SWC/Application on top of the RTE; below it SYS, COM, SecOC with FVM, CSM, CRYIF, Crypto (SW) and Crypto (HW), CDD, MCAL and libraries (CAL/CPL) above the microcontroller with its HTA. Alongside: the FBL application with HIS Security Module, Runtime Protection, Secure Bootmanager (HSM), Secure Update Manager, Update Authorization, Complex Driver and LIBS.]
Interaction of the AUTOSAR Application and Bootloader with the Vector HSM
Cybersecurity Architecture
[Figure: two cores. Host core of the ECU: SWC/Application, RTE, SYS, COM, SecOC with FVM, CSM, CRYIF, Crypto (HW), MCAL, microcontroller; next to it the FBL application with Secure Reprogramming and Secure Boot and its own FBL Crypto (HW). Both reach the HSM core through Inter Process Communication (IPC). HSM core of the ECU (the HW trust anchor): an HSM application with Job Dispatcher, Secure Boot Manager, Mode Manager and Crypto Primitive Manager on top of the Vector Crypto Lib (CryLib: Cry KeyM, Cry TRNG, Cry AES, Cry Custom, …), running on an OS with an MCAL for FLS, TRNG, AES, ….]
CSM Job Handling
Cybersecurity Architecture
[Figure: configuration objects and their relations. Crypto Service Module (CSM): CSM Jobs, CSM Queues, CSM Keys, CSM Primitives. A Job references a Key, a Queue and a Primitive and carries a Priority, a Sync/Async flag and, for asynchronous jobs, a Callback function. Crypto Interface (CryIF): a Channel maps a CSM Queue to a Crypto Driver Object. Crypto Driver: the Driver Objects process the Jobs.]
Scheduling of Asynchronous Jobs
Cybersecurity Architecture
- Upon calling a CSM service function (e.g. Csm_Encrypt(jobId, data…) from the application/RTE), the job is added to its queue.
- Scheduling and execution happen in the CSM main function (Csm_MainFunction):
  > sort the queued jobs with respect to their priorities (low to high)
  > synchronously call the Driver Object to process the job with the highest priority
  > after the job finishes, call the callback function and remove the job from the queue
[Figure: Application/RTE → CSM (Queue1) → CryIf (Channel1) → Crypto (Driver Obj1)]
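To make the scheduling rule concrete, the following added example (Python) models the queue and the main-function cycle described above on a toy driver object. It is not the MICROSAR implementation: the queue size, the XOR "cipher" in the driver object and the treatment of synchronous jobs (processed in the caller's context, bypassing the queue) are this example's assumptions, and CRYPTO_E_BUSY as the return value for a full queue follows my reading of the AUTOSAR CSM specification.

```python
"""Model of CSM job queueing and Csm_MainFunction scheduling.  Added example, not the
MICROSAR code; queue size, return codes and the toy driver are assumptions."""
from dataclasses import dataclass
from typing import Callable, Optional

E_OK, E_NOT_OK, CRYPTO_E_BUSY = 0, 1, 2


@dataclass
class Job:
    job_id: int
    priority: int                    # higher value is scheduled first
    callback: Optional[Callable]     # asynchronous jobs report their result here
    data: bytes
    result: Optional[bytes] = None


class DriverObject:
    """Crypto driver object: executes one primitive synchronously.  Toy XOR 'cipher'."""
    def __init__(self, key: bytes):
        self.key = key

    def process(self, job: Job) -> bytes:
        return bytes(b ^ self.key[i % len(self.key)] for i, b in enumerate(job.data))


class Csm:
    def __init__(self, driver: DriverObject, queue_size: int = 4):
        self.driver, self.queue_size = driver, queue_size
        self.queue = []
        self.done = []               # order in which jobs finished

    def csm_encrypt(self, job: Job) -> int:
        """Service call from the application: asynchronous jobs are queued, synchronous
        jobs (no callback) are processed immediately in the caller's context."""
        if job.callback is None:
            job.result = self.driver.process(job)
            self.done.append(job.job_id)
            return E_OK
        if len(self.queue) >= self.queue_size:
            return CRYPTO_E_BUSY       # queue full: the caller has to retry later
        self.queue.append(job)
        return E_OK

    def csm_main_function(self) -> None:
        """One cyclic activation: process the highest-priority queued job."""
        if not self.queue:
            return
        self.queue.sort(key=lambda j: j.priority, reverse=True)   # highest priority first
        job = self.queue[0]
        job.result = self.driver.process(job)                      # synchronous driver call
        job.callback(job)                                          # notify the application
        self.queue.remove(job)
        self.done.append(job.job_id)


def demo() -> dict:
    csm = Csm(DriverObject(b"\x5a"), queue_size=2)
    results = []
    jobs = [Job(1, priority=1, callback=results.append, data=b"low"),
            Job(2, priority=9, callback=results.append, data=b"high"),
            Job(3, priority=5, callback=results.append, data=b"mid")]
    rc = [csm.csm_encrypt(j) for j in jobs]             # third call finds the queue full
    sync = Job(4, priority=0, callback=None, data=b"sync")
    rc.append(csm.csm_encrypt(sync))                    # runs immediately, bypasses the queue
    while csm.queue:
        csm.csm_main_function()
    return {"rc": rc, "order": csm.done, "callbacks": [j.job_id for j in results],
            "sync_result": sync.result}
```

The run shows the three rules at once: the job submitted with the highest priority (job 2) completes before the earlier, lower-priority job 1; job 3 is refused with CRYPTO_E_BUSY because the queue is full, so the caller must handle that return value rather than assume the request was accepted; and the synchronous job finishes inside the service call, before any main-function cycle.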
Crypto Driver Objects & CSM Keys
Cybersecurity Architecture
[Figure: Crypto Driver: each Driver Object lists its cryptographic capabilities, i.e. the primitives it can execute]
- Crypto Driver:
Secured Communication Configuration
Flow of a Secured Receive Frame
[Figure: the authenticated message "data | freshness value | MAC" arrives on the CAN bus and passes CAN driver → CANIF → PDUR → SecOC as one PDU "data | FV | MAC". SecOC obtains the freshness value from the FvM, hands "data | FV" together with the received MAC to CSM → CryIF → Crypto for MAC verification, and on success forwards the plain "data" PDU to PDUR → COM.]
SecOC Configuration
Secured Communication Configuration
[Screenshot of the SecOC configuration in the MICROSAR configuration tool]
- The user can configure a callback function, which is called according to each individual PDU's verification-status propagation mode.
- The user can select the freshness calculation function.
AES Primitive Configuration for MAC Calculation
Secured Communication Configuration
[Screenshot of the CSM primitive configuration]
- The SecOC Data ID has been derived from the CAN ID.
- Here the user decides on verification result propagation / callbacks.
Key Configuration
Secured Communication Configuration
[Screenshot: the key is referenced along the chain CSM Key → CryIF Key → Cry Key]
- This is the symmetric key, which must be the same on both sides.
- In this example, the same key must be configured in the CANoe security profile.
Testing: Enabling Analysis and Test of Secured Networks
Configuration of Security Manager in CANoe
[Figure: CANoe / CANalyzer (Vector tools) connect through the bus interface to the device under test. The Security Manager obtains key material from a Crypto Material Provider, which is fed by security sources: Default, Car2X, OEM Security Backend Adapter, Cloud Adapter, …]
- CANoe Fuzz Testing: available for selected pilot customers
- Security Manager: available (OEM specific)
Application Areas and Product Examples
Vector Company Overview
- Development of Distributed Systems: PREEvision
- Testing: CANoe, CANalyzer, vTESTstudio, VT System, Logger, VectorCAST
- ECU Calibration: CANape, VX1000, vCDM, vADASdeveloper, ASAP2 Tool-Set
- Embedded Software and Systems: MICROSAR, CANbedded, VC ECU, Customer Projects
- Consulting: Consulting Services, Engineering Services
- Diagnostics: CANdelaStudio, Indigo, vFlash, CANoe.DiVa
- Measurement Technology: vMeasure exp, vSignalyzer, vMDM, MDF4 Lib, Analog Measurement Devices
Author: Subrahmanyam Namdikam, Vector Informatik India Limited
More information: visit our website for news, products, demo software, support, workshops and contact addresses: www.vector.com