汽车SoC实时监控解决方案
The following article is from 智能汽车开发者平台 Author Hesamaldin
片上系统(SoC)集成了所有的计算部件,为当今的物联网(IoT)提供动力,包括车联网和自动驾驶汽车(CAVs)。它们的全球连接性和计算资源使它们容易受到通过各种载体的网络攻击,包括有线(如CAN、LIN)和无线(如蓝牙、Wi-Fi)通信。因此,CAVs代表了一个重大的网络安全挑战。虽然目前的软件监控解决方案无法检测到网络攻击,但却没有基于硬件的解决方案来实时监控整个SoC的运行情况。在本文中,提出了一个包含SoC现场可编程门阵列(FPGA),部署了一个独特的硅知识产权(IP),包括专用的分析CPU(中央处理器),不仅可以智能地监测SoC本身,还可以平行地实时监测汽车内部网络。该解决方案已经针对三个汽车相关的侵权案例进行了测试,突出了控制器区域网络(CAN)和高级可扩展接口(AXI)总线网络的漏洞。结果表明,所提出的解决方案有能力成功地检测和阻止汽车领域的网络攻击。
第四节介绍了三个侵权案例的实施。然后,在第五节中展示了基于硬件的监控解决方案的有效性。最后,第六节总结。
西门子的嵌入式分析IP自省监测器(显示为浅绿色)被用来评估ADAS SoC的运行情况。这些监控器可以在运行时配置,并提供丰富的数据,分析工具可以使用这些数据来深入了解可能观察到的问题。例如,AXI总线监控器是协议感知和事务感知的。它们可以在运行时进行配置,以提供许多项目信息--例如,事务的延迟;事务的最小/最大/平均延迟;带宽;事务的持续时间;计数和计时。这些数据被在专用CPU上执行的分析软件使用,以确定性能、安全和保障方面的问题。
然而,在本文中,来自监视器的数据被分析的CPU消耗和处理,这意味着没有数据离开芯片。分析IP通过AXI通信器访问监测基础设施的数据。AXI互连是ARM在2003年推出的第三代AMBA总线协议,在SoC的子系统之间提供良好的电源效率以及高效可靠的数据传输。它被广泛用于智能手机、笔记本电脑和各种嵌入式系统。它针对的是高性能和高时钟频率的系统设计。它广泛用于ARM Cortex A处理器,如Cortex A9, Cortex A53处理器。由AXI总线监视器观察和产生的数据被分析IP用来确定在FPGA的系统上CPU上模拟的ECU的正确行为。这些数据可用于基于规则的分析或基于ML的分析。
IV.汽车网络安全侵权案件
图2.用于验证的试验台配置
这个函数触发了一个模拟恶意攻击的动作,使用上面提到的DMA作为AXI启动器。AXI总线监控器/哨兵(分别用于信息娱乐系统和门锁侵权情况)发现该访问并阻止它(阻止只在使用总线哨兵的情况下),这样它就不会到达目的地,也就是模拟的ECU。除此以外,ACCPU会被通知恶意访问,并向模拟仪表盘发送命令,出现闪烁警告标志并向用户报告。在演示中没有做进一步的缓解行动,但是在真实的系统中,ACPU可以触发其他的行动,如重置信息娱乐系统,从已知的良好来源刷新其软件和/或通知外部各个模块。
VI.结论
本文提出了一种新颖的片上硅片IP (SIP)包括总线滤波器、总线监护器、锁步监视器和专门为汽车安全和安全应用定制的专用分析IP已被引入并在SoC FPGA上实现。它还由ML提供支持,授权检测并实时报告SoC的异常情况,使汽车SoC高度安全并能抵御网络攻击。解决方案的评估是通过将SoC FPGA集成到[31]中介绍的多组件汽车测试平台中进行的。三个选定的与CAN和AXI总线监控有关的侵权案例,已经在实时条件下实施测试。侵权案例的验证证明了西门子硬件解决方案实时检测、阻止和缓解网络攻击的能力。这也显示了在汽车网络安全中应用基于硬件的监控的前景。我们计划针对更多的汽车网络攻击来测试这项技术。
参考文献:
[1]S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham,
S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno et al., “Comprehensive experimental analyses of automotive attack surfaces.” in USENIX Security Symposium, vol. 4, 2011, pp. 447–462.
[2]I. Studnia, V. Nicomette, E. Alata, Y. Deswarte, M. Kaaniche, and
Y. Laarouchi, “Survey on security threats and protection mechanisms in embedded automotive networks,” in 43rd Annual IEEE/IFIP (DSN- W). IEEE, 2013, pp. 1–12.
[3]C. Miller and C. Valasek, “Remote exploitation of an unaltered passenger vehicle,” Black Hat USA, vol. 2015, p. 91, 2015.
[4]T. Hoppe, S. Kiltz, and J. Dittmann, “Security threats to automotive can networks–practical examples and selected short-term countermea- sures,” in International Conference on Computer Safety, Reliability, and Security. Springer, 2008, pp. 235–248.
[5]K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway,D. McCoy, B. Kantor, D. Anderson, H. Shacham et al., “Experimental security analysis of a modern automobile,” in 2010 IEEE Symposium on Security and Privacy. IEEE, 2010, pp. 447–462.
[6]U. E. Larson and D. K. Nilsson, “Securing vehicles against cyber attacks,” in Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead, 2008.
[7]P. R. Thom and C. A. MacCarley, “A spy under the hood: Controlling risk and automotive edr,” Risk Management Magazine, vol. 55, no. 2, p. 22, 2008.
[8]M. Wolf, A. Weimerskirch, and C. Paar, “Security in automotive bus systems,” in Workshop on Embedded Security in Cars. Bochum, 2004.
[9]Y. Zhao, “Telematics: safe and fun driving,” IEEE Intelligent systems, vol. 17, no. 1, pp. 10–14, 2002.
[10]A. Weimerskirch and R. Gaynier, “An overview of automotive cyberse- curity: Challenges and solution approaches.” in TrustED@ CCS, 2015, p. 53.
[11]“Simens Tessent Embbeded Analytics - A Hardware-based Cybersecu- rity solution,” https://www.tessentembeddedanalytics.com/.
[12]J. Hayward, A. Tomlinson, and J. Bryans, “Adding cyberattacks to an industry-leading can simulator,” in 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C), 2019, pp. 9–16.
[13]The Institution of Engineering and Technology (IET) and The Knowl- edge Transfer Network (KTN), “Automotive Cyber Security: An IET/KTN Thought Leadership Review of risk perspectives for connected vehicles,” Tech. Rep., 2015.
[14]C. Valasek and C. Miller, “Adventures in Automotive Networks and Control Units,” Technical White Paper, p. 99, 2013. [Online]. Available: https://ioactive.com/resources/library/page/2/
[15]S. Fro¨schle and A. Stu¨hring, “Analyzing the capabilities of the CAN At- tacker,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10492 LNCS, pp. 464–482, 2017.
[16]D. S. Fowler, J. Bryans, M. Cheah, P. Wooderson, and S. A. Shaikh, “A method for constructing automotive cybersecurity tests, a can fuzz testing example,” in IEEE 19th QRS-C Conference, 2019, pp. 1–8.
[17]J. Singh and M. J. Nene, “A Survey on Machine Learning Techniques for Intrusion Detection Systems,” International Journal of Advanced Research in Computer and Communication Engineering, vol. 2, no. 11, pp. 4349–4355, 2013.
[18]D. Bhattacharyya and J. Kalita, Network Anomaly Detection. CRC Press, 2013.
[19]B. Groza and P. S. Murvay, “Efficient Intrusion Detection with Bloom Filtering in Controller Area Networks,” IEEE Transactions on Informa- tion Forensics and Security, vol. 14, no. 4, pp. 1037–1051, 2019.
[20]E. M. Knorr, R. T. Ng, and V. Tucakov, “Distance-based outliers: Algorithms and applications,” VLDB J., vol. 8, no. 3-4, pp. 237–253, 2000. [Online]. Available: https://doi.org/10.1007/s007780050006
[21]F. Martinelli, F. Mercaldo, V. Nardone, and A. Santone, “Car Hacking Identification through Fuzzy Logic Algorithms,” in IEEE International Conference on Fuzzy Systems, Naples, 2017.
[22]A. Taylor, S. Leblanc, and N. Japkowicz, “Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks,” IEEE DSAA, pp. 130–139, 2016.
[23]M. M. Breunig, H. Kriegel, R. T. Ng, and J. Sander, “LOF: identifying density-based local outliers,” in Proceedings of the ACM SIGMOD May 16-18, Dallas, Texas, USA. ACM, 2000, pp. 93–104.
[24]K.-T. Cho and K. G. Shin, “Error Handling of In-vehicle Networks Makes Them Vulnerable,” in 23rd ACM Conference on Computer and Communications Security, 2016.
[25]J. An and S. Cho, “Variational autoencoder based anomaly detection using reconstruction probability,” Special Lecture on IE, vol. 2, no. 1, pp. 1–18, 2015.
[26]A. Taylor, N. Japkowicz, and S. Leblanc, “Frequency-based anomaly detection for the automotive CAN bus,” WCICSS 2015, pp. 45–49, 2015.
[27]C. Marchand, A. Aubert, L. Bossuet et al., “On the security evaluation of the arm trustzone extension in a heterogeneous soc,” in 30th IEEE SOCC). IEEE, 2017, pp. 108–113.
[28]R. Bhaktavatchalu, B. S. Rekha, G. A. Divya, and V. U. S. Jyothi, “Design of axi bus interface modules on fpga,” in 2016 ICACCCT. IEEE, 2016, pp. 141–146.
[29]K. Tindell, “Can bus security attacks on can bus and their mitigation,” 2020.
[30]K. Tindell, “CAN-HG overview, Augmenting Classic CAN for Perfor- mance and Security,” 2020.
[31]H. Jadidbonab, A. Tomlinson, H. N. Nguyen, T. Doan, and S. Shaikh, “A realtime in-vehicle network testbed for machine learning-based ids training and validation,” in AI-CyberSec 2021: Workshop on Artificial Intelligence and Cyber Security. CEUR Workshop Proceedings, 2021, pp. In–Press.
推荐阅读
Linux+Windows安装r2Frida环境的配置及使用方法
车联网安全|Android车机之证书攻击/入侵场景检测(1)
车联网安全|Android车机之ICMP隧道攻击原理与入侵检测实践
APP逆向分析/渗透测试/安全检测/隐私合规如何选择手机机型或系统