MICROSAR Cyber Security
4Th VECTOR INDIA CONFERENCE 2019
V0.2 | 2019-07-25 Cybersecurity Realization in u Automotive Systems Basics of Cryptography Use Cases Secure Onboard Communication Cybersecurity Architecture Secured Communication Configuration Configuration of Security Manager in CANoe Vector Company Overview
Cybersecurity Realization in Automotive Systems
© 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Realization in Automotive Systems Goals of Cyber Security
u Authenticity: u Confidentiality: Allows to determine whether someone or Ensures that the necessary level of secrecy is something is, in fact, who or what it is declared enforced and prevents unauthorized disclosure of to be. information.
u Integrity: u Availability: Allows to assure the accuracy and reliability of Availability protection ensured reliability and information and allows to prevent or detect timely access to data and resources to authorized unauthorized modification individuals
3 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Realization in Automotive Systems Layered Security Concept – The logical view Associated Security Concepts Secure External Communication u Secure communication to services outside the vehicle Secure External Secure Off Board Com. Communication
u Intrusion detection mechanisms
u Firewalls Secure Gateways u Key Infrastructure / Vehicle PKI
Secure In-Vehicle u Authenticity of messages Communication u Integrity and freshness of messages Secure On Board Com. u Confidentiality of messages
u Key storage
u Secure boot and secure flash Secure Platform u Crypto library
u HW trust anchor (HTA)
u E.g. : HSM ( Hardware Security Modules )
4 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Realization in Automotive Systems Security Mechanisms in Vehicle Architecture
Diagnostic Interface Head Unit Instrument DSRC 4G LTE Cluster
Powertrain CU DC Central Connectivity Gateway Gateway Chassis DC Laptop
Body Tablet DC
Smart- phone
ADAS Smart DC Charging
Firewall Monitoring / Logging Secure On Board Com. Secure Flash/Boot Key Infrastructure
Hypervisor Secure Off Board Com. Crypto Primitives Intrusion Detection / Prevention Download Manager 5 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Realization in Automotive Systems Cyber Security Lifecycle
Asset Definition
Security Validation Threat and Risk Assessment
Penetration Testing Derivation of Security Goals
Fuzz Testing
Security Architecture Design & Analysis Functional Security Testing Cyber Security does Security Mechanisms not start or end with Design & Analysis cryptography:
Similar to Safety, Secure Implementation of Nominal Function and Security needs to be Security Mechanisms an integrated part of the development Incident Management and Response process
6 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Realization in Automotive Systems Safety & Security - Interdependency
Dependable Automotive Systems
Accident Attack
Functional Safety Cyber Security
Protection against risks Protection against risks from technical failures from malicious actions
7 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Realization in Automotive Systems Hardware Support - Hardware Trust Anchors Hardware Security Module (HSM) Secure Hardware Extension (SHE)
Controller Secure Zone
SHE – Secure Hardware Extension AES Control CPU Logic RAM + Flash + ROM
Peripherals (CAN, UART, ...)
8 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Agenda
Cybersecurity Realization in Automotive Systems u Basics of Cryptography Use Cases Secure Onboard Communication Cybersecurity Architecture Secured Communication Configuration Configuration of Security Manager in CANoe Vector Company Overview
9 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography
Hash Functions Symmetric Cryptography
100110110001101 001001010110011 110011000110011 0101110… 101101101.. 101101101..
Enc(x) Dec(x)
Q?“D/7L$§.. Q?“D/7L$§.. Q?“D/7L$§..
H(x) Message Authentication Code (MAC)
Hashed Message-Authentication-Code (HMAC): Uses a hash function and a secret (symmetric) key.
Cipher-based Message-Authentication-Code (CMAC): |10011011001101110| Use a block cipher (e.g. AES) and the key
10 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography Asymmetric Cryptography
u Asymmetric cryptosystems are based on a key pair owned by a party.
u The key pair consists of a public key and a private key. u Public key can be known by the public. u A Private Key shall never be shared.
u Messages can be 101101101.. u encrypted with the public key and the cipher function M‘=E(M, Kpub). k D(M’) E(M) public u decrypted with the decryption function and the private key M=D(M‘, Kpriv) kprivate u There is no way the private key can be calculated. Q?“D/7L$§..
11 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography Asymmetric vs. Symmetric Cryptography
Symmetric Asymmetric
Key One single secret key Key pair (One public and one private key)
Key length Relatively short Relatively long
Data throughput rate Very fast especially with HW support Always much slower than symmetric
Secrecy Secret has to be shared with each Secret (private key) is kept to its involved communication partner owner, public key is shared
Key management Complexity grows with number of Complexity is linear with number involved communication partners of number of communication partners
12 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography Digital Signature - Principles
Goals : authenticity and integrity of data
u The originator needs to have a generated Public-Private key pair.
u The originator uses the following process to generate a signature u Calculate Hash Value for the Data u Resulting hash value is encrypted using the private key of the originator u Signature is appended to the data and sent over to the user
u The user uses the following signature verification process u Decrypts the hashed value with the originator's public key u calculates the hash of the data u compares the hashed data and decrypted hashed value u If they are the same, then the authenticity and integrity of data can be assured
[1] u Standards for Digital Signatures are set forth in FIPS 186
13 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography Certificates
Certificates
u … used to identify communication partners
u … contains signed personal characteristics of the owner (name, place, …)
u … can be restricted to a limited period of time, service and location.
u … can be provided by a „Trusted Authority“ (TA) or „Certificate Authority“ (CA)), which is the trust anchor and has built the signature within the certificate.
TA
C
T1 T2
14 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography Certificates - Example for Automotive PKI
OEM Root Certificate, Root CA Kpub CA Self signed Issuer tbsCert Kpub CA Kpriv CA Signature C
Sign(Root CA) = SignAlgo( tbsCert (Root CA), K(Priv RootCA) )
Platform CA Tester CA K K Issuer pub PCA Issuer pub TCA
Kpub PCA Kpub TCA K K Signature C priv PCA Signature C priv TCA
Sign(PlatformCA) = SignAlgo( tbsCert (PlatformCA), K(Priv RootCA) ) Sign(TesterCA) = SignAlgo( tbsCert (TesterCA), K(Priv RootCA) )
Car Cert Tester Cert K K Issuer pub car Issuer pub Tester K pub car … Kpub Tester … K K Signature C priv car Signature C priv Tester
Sign(CarCA) = SignAlgo( tbsCert (CarCA), K(Priv PlatformCA) ) Sign(CarCA) = SignAlgo( tbsCert (CarCA), K(Priv TesterCA) )
15 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Basics of Cryptography Transport Layer Security (TLS 1.2)
u Application data can be reliably exchanged on an IP based Network by the Transport Control Protocol (TCP), but, TCP does neither ensure privacy, nor integrity of the exchanged data.
u To protect a TCP connection, the Transport Layer Security Protocol (TLS 1.2, RFC5246) can be used.
u Privacy is ensured by Symmetric Cryptography (e.g. AES). u Data integrity is ensured by a Hash-based Message Authentication Code (H-MAC). u The encryption and H-MAC computations are using temporary secret keys bound to TLS 1.2 session. u Authenticity of the server is always ensured by a Digital Certificate (X.509v3). u Optionally the client can be authenticated, too.
TLS_ECHDE_ECDSA_WITH_AES_128_CBC_SHA256
Digital Signature Algorithm Hash Algorithm
Key Exchange Algorithm Symmetric Encryption Algorithm
16 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Agenda
Cybersecurity Realization in Automotive Systems Basics of Cryptography u Use Cases Secure Onboard Communication Cybersecurity Architecture Secured Communication Configuration Configuration of Security Manager in CANoe Vector Company Overview
17 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Use Cases Example: HMAC for flash programming
Calculated Flashfile HMAC
Verify Hash Hash
ksecret Flash data Transferred Flash- HMAC Flashfile HMAC download Boot ksecret
Hash Hash function ksecret: Secret key HMACHMAC Keyed-Hash Message Authentication Code (FIPS PUB 198)
18 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Use Cases Example: Digital Signature for flash programming
kprivate Flashfile
MAC-E Verify MAC-I H Code
kpublic kprivate RSA H RSA Flash data
Flash- SIGN Flashfile SIGN download Boot
19 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Use Cases Usage Example: Communication between tester and vehicle
u Certificates are used for an authentic communication
u They can be used for the following purposes: u Tester to car:
> Usage of CertTester and CertCar for communication. > Car requests the revocation list of tester serial number from backend. > Option: If revocation list cannot verified at the moment, only restricted operations by the tester are allowed.
Example: Revocated?
OEM
Generate Generate C
Kpub CA
Kpub PCA CAR Tester Kpub Tester Kpub TCA Send C C
Kpriv car
20 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication Goals
integrity authenticity
ECU 1 ECU 2 ECU 1 ECU 2
21 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication AUTOSAR SecOC
ECU 1 ECU 2
data
freshness value authenticated message
MAC generator
MAC
BUS
MAC=Message Authentication Code
22 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication AUTOSAR SecOC
ECU 1 ECU 2
data data freshness value MAC freshness value authenticated message
MAC
BUS
23 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication AUTOSAR SecOC
ECU 1 ECU 2
data data freshness value MAC authenticated message freshness value
MAC generator
MAC
BUS
24 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication AUTOSAR SecOC
ECU 1 ECU 2
MAC authenticated message
MAC
BUS
25 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication Freshness Value Manager (FvM)
u AUTOSAR does not specify the calculation/synchronization of the freshness value.
u Instead a generic callout to a Freshness Value Manager (FVM) component is provided
u FVM specification is left to the OEM
26 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication Freshness: Replay of authenticated messages
ECU 1 ECU 2
27 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication Freshness: Replay of authenticated messages
ECU 1 ECU 2
28 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication Freshness: Replay of authenticated messages
ECU 1 ECU 2
29 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secure Onboard Communication Concepts of Freshness
u Message counter based freshness (MCBF) u Trip counter based freshness (TCBF)
ECU 1 ECU 2 ECU 1 ECU 2
trip counter reset counter message counter
u Time stamps u Hybrid system: time stamp & message counter
ECU 1 ECU 2 ECU 1 ECU 2
31 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Agenda
Cybersecurity Realization in Automotive Systems Basics of Cryptography Use Cases Secure Onboard Communication u Cybersecurity Architecture Secured Communication Configuration Configuration of Security Manager in CANoe Vector Company Overview
32 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Architecture MICROSAR Cyber Security Solution
u Crypto Service Manager – CSM > Services can be called by SWCs SWC/Application FVM > Configuration of cryptographic keyelements FBL Application > Configuration of cryptographic services RTE LIBS SYS u Crypto Interface – CRYIF CALCSM (CPL) HIS Security Module SecOC > Supports dispatching of security jobs to HW or SW Complex Runtime Protection crypto drivers Driver CRYIF Update Authorization
Crypto(SW) COMSecure Update Manager
u Crypto Driver – Crypto (SW/HW) > Implementation of cryptographic functions MCAL Crypto(HW) CDD > Crypto (SW): Usage of SW-libraries > Crypto (HW): Usage of resources and capabilities Microcontroller Sec. BootmanagerHTA (HSM) of HW-Trust Anchors (SHE, HSM, TPM,…)
33 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Architecture Interaction of the AUTOSAR Application, BootLoader with Vector HSM
Host Core of ECU HSM Core of ECU
HSM Application FBL Application Secure SWC/Application Mode FVM Boot Custom Manager Manager Secure Secure Repro- Boot gramming
RTE Job Crypto Primitive Manager Dispatcher
CSM SecOC
SYS Cry Cry Cry Cry CryLib KeyM TRNG AES …
CRYIF Vector Crypto Lib COM OS SYS
FBL Crypto (HW) MCAL Crypto (HW) MCAL IPC FLS TRNG AES …
Microcontroller Inter Process Communication (IPC) HW Trust Anchor
34 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Architecture
CSM Job Handling : CSM Keys Job Priority Key Synchronous job CSM Queues Priority Asynchronous job Sync/Async CSM keys Queue Callback function CSM queues CSM Primitives CSM primitives Primitive
Crypto Service Module
CSM
Job Job Queue
Crypto Interface
CryIF Channel
Driver Obj Crypto Driver
35 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Architecture Scheduling of Asynchronous Jobs
u Upon calling CSM service function, the job is added into the queue Application/RTE u Scheduling and execution in CSM mainfunction
Csm_Encrypt(jobId, data…)
CSM Queue1 Csm_MainFunction u Sort job wrt. their priorities
u Synchronously call Driver Object to process the job with highest priority CryIf
u After job finishes, call callback function & Channel1 remove the job from the queue Crypto
Driver Obj1
Low High Job priority
36 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Cybersecurity Architecture Crypto Driver objects & CSM Keys
u Crypto Driver :
Cryptographic capabilities
Primitives
Driver Obj1
Driver Obj1
37 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Agenda
Cybersecurity Realization in Automotive Systems Basics of Cryptography Use Cases Secure Onboard Communication Cybersecurity Architecture u Secured Communication Configuration Configuration of Security Manager in CANoe Vector Company Overview
38 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secured Communication Configuration
Flow of Secured Receive Frame :
data COM
FvM SecOC CSM data FV MAC FV MAC CryIF data FV MAC PDUR
CANIF data FV MAC Crypto
data FV MAC CAN
CAN Bus data freshness value MAC authenticated message
39 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secured Communication Configuration SecOC Configuration
User can select the Freshness calculation function
User can configure Call back function, which will be called based on each individual PDU propagation Mode
40 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secured Communication Configuration AES primitive configuration for MAC calculation :
SecOC ID has been considered from CAN ID
Here user can decide for verification result propagation / Call backs
41 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Secured Communication Configuration Key Configuration:
CryIF Key CSM Key Cry Key
This is the Symmetric Key , which should be same in both sides In this example , same key should be configured in the Canoe Security profile
42 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Configuration of Security Manager in CANoe Testing : Enabling Analysis and Test of Secured Networks
u CANoe Fuzz Testing Crypt o Mat erial u Available: for selected Provider Pilot Customers
OEM Securit y Cloud u Security Manager Def ault Car2X Securit y Sources Backend Adapt er Adapt er u Available: (OEM specific)
Securit y Manager
Device Vect or Tools CANoe CANalyzer . . . under Test
Int erf ace Bus Syst em
43 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 Vector Company Overview Application Areas and Product Examples
Development of Distributed Systems PREEvision
Embedded Software and Systems MICROSAR, CANbedded, VC ECU, Customer Projects
Testing CANoe, CANalyzer, vTESTstudio, VT System, Logger, VectorCAST
Diagnostics CANdelaStudio, Indigo, vFlash, CANoe.DiVa
ECU Calibration CANape, VX1000, vCDM, vADASdeveloper, ASAP2 Tool-Set
Measurement Technology vMeasure exp, vSignalyzer, vMDM, MDF4 Lib, Analog Measurement Devices
Consulting Consulting Services, Engineering Services
44 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25 More information ! Visit our Website for : > News > Products > Demo Software > Support > Workshops > Contact Addresses
www.vector.com Author: Subrahmanyam Namdikam Vector Informatik India Limited
45 © 2019. Vector Informatik India Private Limited. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V0.2 | 2019-07-25