Scientists are finding a way to maintain the cybersecurity of the electronics in the vehicles by applying a domain architecture

In a recently published paper by E. Yu. Pavlenko et al. future aspects for improving the cybersecurity system mechanism based on the ECU (Electronic control unit) in modern vehicles are reviewed. To ensure the cybersecurity of modern vehicles a flexible hierarchical model of permits is developed based on different features. Accordingly, solutions to the different security problems in the electronics of today’s vehicles are challenging to solve, especially because of limiting factors as; computing power of the ECU’s; payload size within the network protocols; and stringent real-time performance requirements.

The approach of the paper is to improve the works on applying a domain architecture with organized group identification. According to the paper, in related works the methods for clustering the internal vehicle network are based on the formation of primarily five domains which are distributed in accordance with the ECU’s functional purpose, being:

• the infotainment system domain
• the comfort domain, e.g. adaptive cruise-control, climate control, seat adjustment, etc
• the chassis control domain, i.e. modules that directly influence traffic control (e.g. steering and braking)
• the transmission control domain
• the body control domain, e.g. components for accessing the vehicle (e.g. power operated door locks, anti-theft systems, keyless access), as well as auxiliary services that provide control of the external and internal lighting of the MV, wipers, direction-indicator lamps and alarm lamps.

However, the authors claim that such differentiation is only relevant for relatively simple tasks that do not require a flexible configuration. To ensure the cybersecurity of new generation vehicles, methods of more flexible automated clustering of the vehicles on-board network needs to be developed. Such methods should also be based on the characteristics of the ECU and include the features of its interaction with other components.

On the website of Peter the Great St. Petersburg Polytechnic University (SPbPU), Evgeny Pavlenko an Associate Professor at the Institute of Cybersecurity and Data Protection Associate writes:

“This distinction is relevant for solving relatively simple issues, not requiring flexible configuration. We divide the domains not according to their intended purpose, but according to their “integrity level”, an indicator, which characterizes the susceptibility of each specific electronic unit to cyber impact and the potential harm caused by the disruption of its operation. Our scientific group developed a simulation model, which automatically clusters the control units of a vehicle’s on-board system and divides it into domains thus the security breach doesn’t lead to negative consequences. This approach is modular and highly scalable. It doesn’t impose the restrictions on computing resources, and also minimizes the redundancy of the applied security measures.”

Further, the University’s website claims that experts mention that this is a unique development, and such safety systems are not implemented in today’s vehicles.

Despite the concluding exaggeration by the University, the topic is yet another example of the arms race between attackers and cybersecurity related research communities, constantly trying to be ahead each other.
Link to paper: http://www.j-npcs.org/online/vol2020/v23no3p280.pdf

Written by Joakim Rosell