| 1. |
- Gaugel, Tristan, et al.
(författare)
-
In-depth Analysis and Evaluation of Self-Organizing TDMA
- 2013
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. ; , s. 79-86
-
Konferensbidrag (refereegranskat)abstract
- Recent studies suggest that Self-organizing Time- Division Multiple Access (STDMA) might be a better medium access strategy in inter-vehicle communication networks than Carrier Sense Multiple Access (CSMA), especially when con- sidering safety focused applications. Although it is necessary to completely understand a protocol and the effect of its ‘turning knobs’ on performance before adoption, STDMA has not yet been subjected to such rigorous treatment in the literature. In order to address this shortcoming we perform and present an in-depth analysis and evaluation of STDMA’s fundamental principles. In particular, we contribute a detailed and complete description of the STDMA protocol, followed by the analysis and evaluation of two key questions: How can packet collisions occur in STDMA and whether packet collisions are ‘contagious’. We further perform a fair comparison with CSMA on the basis of which we provide recommendations on the configuration of STDMA. Our results show that STDMA coordinates multiple access effectively – even in highly congested situations – as long as all transmitted packets are decoded successfully. When non-decodable (but still carrier-sensible) transmissions are present, STDMA effectiveness drops below that achieved by CSMA due to the lack of control information. To ensure reproducibility and encourage further inquiry we release the STDMA implementation used in this paper to the wireless networks research community.
|
|
| 2. |
- Kleberger, Pierre, 1978, et al.
(författare)
-
Short Paper: Formal Verification of an Authorization Protocol for Remote Vehicle Diagnostics
- 2013
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. - 9781479926879 ; , s. 202-205
-
Konferensbidrag (refereegranskat)abstract
- Remote diagnostics protocols have generally only considered correct authentication to be enough to grant access to vehicles. However, as diagnostics equipment or their keys can be stolen or copied, these devices can not be trusted. Thus, authentication alone is not enough to prevent unauthorized access to vehicles. In previous work, we proposed an authorization protocol to prevent unauthorized access to vehicles. In this paper, we formally prove that the proposed authorization protocol provides mutual authentication between the diagnostics equipment and the vehicle, and that it guarantees both secrecy of the distributed session key and freshness of the distributed authorization information. Our formal analysis is conducted using both the Burrows-Abadi-Needham (BAN) Logic and the PROVERIF automated verification tool.
|
|
| 3. |
- Kleberger, Pierre, 1978, et al.
(författare)
-
Towards designing secure in-vehicle network architectures using community detection algorithms
- 2015
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. - 9781479976607 ; 2015-January:January, s. 69-76
-
Konferensbidrag (refereegranskat)abstract
- Efforts in securing the in-vehicle network have resulted in a number of proposed security mechanisms in recent years. However, so far little attention has been given to the actual architecture of the in-vehicle network. An approach within in-vehicle network design is to divide the network into domains, where each domain consists of a set of Electronic Control Units (ECUs) that handles some united functionality, e.g., body control, powertrain, and telematics. Still, this approach is based on 'best engineering practice' and there is room for improvements. In this paper, we study real traffic from a modern car and we try to divide the in-vehicle network into domains using automated partitioning algorithms. To find the optimum division, we select four community detection algorithms, known from social network analysis, and we evaluate their ability to find these domains. We conclude that community detection algorithms can be used to identify in-vehicle domains based on the message types (signals) used in the in-vehicle network and we demonstrate this by applying the algorithms to real data. The approach is not limited to only message types, but domains can also be identified based on other criteria, such as frequency of messages, payload sizes, or Automotive Safety Integrity Levels (ASILs). We also conclude that the identification of good domains can facilitate the implementation of security measures. Therefore, we believe that the approach has great potential to help engineers in deriving secure in-vehicle network architectures during the design of a vehicle.
|
|
| 4. |
- Nowdehi, Nasser, 1986, et al.
(författare)
-
Improving In-Vehicle Network Architectures Using Automated Partitioning Algorithms
- 2016
-
Ingår i: IEEE Vehicular Networking Conference, VNC. - 2157-9865 .- 2157-9857. ; 2016-January, s. 259 - 266
-
Konferensbidrag (refereegranskat)abstract
- Today's in-vehicle networks are divided into domains using "best engineering practice". However, as far as we are aware of, there are no existing tools that do this domain partitioning in an automated and optimal way. A strategy for designing in-vehicle networks is to group Electronic Control Units (ECUs) into domains so that each domain isolates a certain functionality and minimizes dependencies to other domains. In this paper, we use an automated partitioning algorithm and apply it to an in-vehicle network from a real, modern car, and we analyze the results from such an approach and compare it with the EVITA reference architecture. Different partitioning criteria can be used, and we investigate security domains based on both message types and on domains optimized to minimize inter-domain traffic. We show that our approach is very flexible and can identify meaningful in-vehicle network domains which are better than the EVITA domains with respect to communication, safety and security. We have also investigated the relationship between safety and security to see if security domains contradict or support partitions based on ASILs.
|
|
