Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Kongresse
Themenseiten
Künstliche Intelligenz Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Veranstaltungskalender Awards MyNewsletter Firmensuche
Kunden Login
Über Einzelzugang informieren
Über Unternehmenszugang informieren
Referenzkunden
Zukunftswerkstatt Sales Excellence 2025 | 08. Mai 2025

KI als Booster im Vertrieb

Lernen Sie von Digital-Experten, wie der gezielte Einsatz von KI-Unterstützung Ihrem Unternehmen in vielen Bereichen hilft, im Vertrieb einen Schritt voraus zu sein. Jetzt wieder live vor Ort teilnehmen in Frankfurt am Main!
Erweiterte Suche
Anmelden
nach oben
International Journal of Automotive Technology

24.09.2024 | Connected Automated Vehicles and ITS, Electrical and Electronics

Enhancing Security in Automotive Unified Diagnostic Services: A Lightweight Certificate Validation Verification Approach

verfasst von: Feng Luo, Zhihao Li, JiaJia Wang, Yifan Jiang, Cheng Luo

Erschienen in: International Journal of Automotive Technology

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

The surge in the frequency of automotive diagnostics, coupled with the exponential growth in data volume, underscores the pressing need for robust security measures. While unified diagnostic services (UDS) incorporate authentication services, we found that resource-constrained edge devices face challenges in verifying the status of certificates and validity period due to limited connectivity in application, posing serious risks to diagnostic security. To address this issue, we establish an attack model and propose a tailored lightweight certificate validation approach specifically designed for automotive scenarios. This approach employs diagnostic equipment as proxies, introducing the lightweight time query protocol (LTQP) and the Lightweight Online Certificate Status Protocol (LOCSP) to acquire precise real-time data and certificate status information. Furthermore, we integrate the protocols with authentication services while ensuring UDS protocol consistency, and standardizing the certificate verification flow. We constructed a certificate management platform based on public key infrastructure and simulated a vehicular environment to validate the security and feasibility of the approach. Through Proverif formal verification and experimental analysis, it is proved that our proposed approach significantly advances automotive cybersecurity by complementing authentication services, enhancing diagnostic communication security, and ensuring efficiency.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information. 

Order your 30-days-trial for free and without any commitment.

Jetzt informieren
Weitere Produktempfehlungen anzeigen
Anhänge
Nur mit Berechtigung zugänglich
Literatur
Aini, Q., Harahap, E. P., Santoso, N. P. L., et al. (2023). Blockchain based certificate verification system management. APTISI Transactions on Management, 7(3), 191–200.
Bandur, V., Selim, G., Pantelic, V., et al. (2021). Making the case for centralized automotive e/e architectures. IEEE Transactions on Vehicular Technology, 70(2), 1230–1245.CrossRef
Busygin, A. G., Konoplev, A. S., & Kalinin, M. O. (2016). Approaches to protection of applications based on the tls protocol against attacks using revoked certificates. Automatic Control and Computer Sciences, 50, 743–748.CrossRef
Daimi, K. (2017). A security architecture for remote diagnosis of vehicle defects. In: Advanced international conference on telecommunications-AICT, IARIA XPS PRESS location WILMINGTON (pp. 1–7).
De La Torre, G., Rad, P., & Choo, K. K. R. (2020). Driver-less vehicle security: Challenges and future research opportunities. Future Generation Computer Systems, 108, 1092–1111.CrossRef
Dibaei, M., Zheng, X., Jiang, K., et al. (2020). Attacks and defences on intelligent connected vehicles: A survey. Digital Communications and Networks, 6(4), 399–421.CrossRef
Halder, S., Ghosal, A., & Conti, M. (2020). Secure over-the- air software updates in connected vehicles: A survey. Computer Networks, 178, 107343.CrossRef
ISO. (2015). Iso 11898-1 road vehicles controller area network (can) part 1: Data link layer and physical signalling.
ISO. (2016). Iso 17987-3 road vehicles local interconnect network (lin) part 3: Protocol specification.
ISO. (2020). Iso 14229-1 road vehicles unified diagnostic services (uds) part 1: Application layer.
ITU-T. (2019). Information technology—open systems interconnection—the directory: Public-key and attribute certificate frameworks. Tech. Rep. X.509, International Telecommunication Union.
ITU-T. (2021). Information technology—abstract syntax notation one (asn.1): Specification of basic notation. Tech. Rep. X.680, International Telecommunication Union.
Kurachi, R., Takada, H., & Takei, K., et al. (2019). Evaluation of security access service in automotive diagnostic communication. In: 2019 IEEE 89th vehicular technology conference (VTC2019-spring), IEEE (pp. 1–7).
Lauser, T., & Krauß, C. (2023). Formal security analysis of vehicle diagnostic protocols. In: Proceedings of the 18th international conference on availability, reliability and security (pp. 1–11).
Liu, A., Alqazzaz, A., Ming, H., et al. (2021). Iotverif: Automatic verification of ssl/tls certificate for iot applications. IEEE Access, 9, 27038–27050.CrossRef
Mundhenk, P., Steinhorst, S., & Lukasiewycz, M., et al. (2015). Lightweight authentication for secure automotive networks. In: 2015 design, automation & test in europe conference & exhibition (DATE), IEEE (pp. 285–288).
Mundhenk, P., Paverd, A., Mrowca, A., et al. (2017). Security in automotive networks: Lightweight authentication and authorization. ACM Transactions on Design Automation of Electronic Systems (TODAES), 22(2), 1–27.CrossRef
Papapanagiotou, K., Marias, G. F., & Georgiadis, P. (2007). Acertificate validation protocol for vanets. In: 2007 IEEE globecom workshops, IEEE (pp. 1–9).
Püllen, D., Anagnostopoulos, N. A., Arul, T., et al. (2019). Using implicit certification to efficiently establish authenticated group keys for in-vehicle networks. In: 2019 IEEE vehicular networking conference (VNC), IEEE (pp. 1–8).
Ring, M., Rensen, T., & Kriesten, R. (2014). Evaluation of vehicle diagnostics security—implementation of a reproducible security access. Securware, 2014, 213.
Santesson, S., Myers, M., & Ankney, R., et al. (2013). X.509 internet public key infrastructure online certificate status protocol—OCSP. RFC 6960.
Sermersheim, J. (2006). Lightweight directory access protocol (LDAP): The protocol. RFC 4511.
Subke, P., Moshref, M., & Erber, J. (2020). In-vehicle diagnostic system for prognostics and ota updates of automated/autonomous vehicles. SAE International Journal of Advances and Current Practicesin Mobility, 2(2020-01–1373), 2963–2968.CrossRef
Sun, X., Yu, F. R., & Zhang, P. (2021). A survey on cybersecurity of connected and autonomous vehicles (cavs). IEEE Transactions on Intelligent Transportation Systems, 23(7), 6240–6259.CrossRef
Thompson, M. (2022). Uds security access for constrained ecus. Tech. rep., SAE technical paper.
Wachter, P., & Kleber. S. (2022). Analysis of the doip protocol for security vulnerabilities. In: Proceedings of the 6th ACM computer science in cars symposium, CSCS ’22.
Yao, J., Xu, C., & Li, D., et al. (2022). Formal verification of security protocols: Proverif and extensions. In: International conference on artificial intelligence and security (pp. 500–512). Springer.
Metadaten
Titel
Enhancing Security in Automotive Unified Diagnostic Services: A Lightweight Certificate Validation Verification Approach
verfasst von
Feng Luo
Zhihao Li
JiaJia Wang
Yifan Jiang
Cheng Luo
Publikationsdatum
24.09.2024
Verlag
The Korean Society of Automotive Engineers
Erschienen in
International Journal of Automotive Technology
Print ISSN: 1229-9138
Elektronische ISSN: 1976-3832
DOI
https://doi.org/10.1007/s12239-024-00159-8

Premium Partner

    Bildnachweise