The increasing complexity of automotive electronics and the communication of cars with the external environment have led to extensive security issues. The car industry is moving towards the use of Ethernet backbones to improve the performance and reduce the complexity of in-car networks. In this paper, we propose a security solution for automotive Ethernet-based communications. We designed a hardware Media Access Control (MAC) layer based on the MAC Security Standard (MACsec) that considers the specific constraints of the automotive world in terms of latency, throughput and area. From a security point of view, our solution guarantees the confidentiality, integrity and authenticity of data. Furthermore, the system can be configured before synthesis to meet the security needs of the context in which the Ethernet communication is used. We synthesized our architecture on a low-power 28(Formula presented.)nm standard-cell CMOS technology, which is appropriate for automotive microcontrollers. The results show that our implementation is suitable for 100(Formula presented.)Mbps, 1(Formula presented.)Gbps and 10(Formula presented.)Gbps Ethernet speeds introducing less than 350(Formula presented.)ns of latency. The size of the circuit varies from 285 to 622 kgates depending on the required level of security and the required features.
MACsec-Based Security for Automotive Ethernet Backbones
Carnevale, BerardinoMembro del Collaboration Group
;Fanucci, LucaMembro del Collaboration Group
;
2017-01-01
Abstract
The increasing complexity of automotive electronics and the communication of cars with the external environment have led to extensive security issues. The car industry is moving towards the use of Ethernet backbones to improve the performance and reduce the complexity of in-car networks. In this paper, we propose a security solution for automotive Ethernet-based communications. We designed a hardware Media Access Control (MAC) layer based on the MAC Security Standard (MACsec) that considers the specific constraints of the automotive world in terms of latency, throughput and area. From a security point of view, our solution guarantees the confidentiality, integrity and authenticity of data. Furthermore, the system can be configured before synthesis to meet the security needs of the context in which the Ethernet communication is used. We synthesized our architecture on a low-power 28(Formula presented.)nm standard-cell CMOS technology, which is appropriate for automotive microcontrollers. The results show that our implementation is suitable for 100(Formula presented.)Mbps, 1(Formula presented.)Gbps and 10(Formula presented.)Gbps Ethernet speeds introducing less than 350(Formula presented.)ns of latency. The size of the circuit varies from 285 to 622 kgates depending on the required level of security and the required features.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.