Timm Lauser scite author profile

Automotive Ethernet is increasingly used in modern vehicles and complements or replaces legacy bus systems such as CAN. Ethernet also enables service-oriented communication with the Scalable service-Oriented MiddlewarE over IP (SOME/IP) middleware. In this paper, we present a formal and practical security analysis of SOME/IP, the identified Man-in-the-Middle (MITM) attacks, and propose two security extensions. The attacks are possible even if SOME/IP is used in combination with link layer security mechanisms. The attacker can impersonate a service offering server and a service consuming client. The two most common communication methods, request/response and publish/subscribe, are both vulnerable. In most communication scenarios, we are able to route all messages over the attacker. Our security extensions for authentication and authorization of service provisioning and usage protect against these attacks. We formally analyze the security and evaluate the overhead with practical implementations. CCS CONCEPTS• Security and privacy → Security protocols; Embedded systems security; • Applied computing → Transportation.

show abstract

Integrating Privacy into the Electric Vehicle Charging Architecture

Kern

Lauser

Krauß

2022

PoPETs

View full text Add to dashboard Cite

The Electric Vehicle (EV) charging architecture consists of several actors which communicate with different protocols. A serious issue is the lack of adequate privacy-preserving measures that enables the generation of movement profiles or inferring consumer habits by all of the involved actors. In this paper, we propose an extension of a Trusted Platform Module (TPM)-based Direct Anonymous Attestation (DAA) scheme to enable privacy-preserving charging authorization and billing. Our implementation shows that our solution can be easily integrated into existing protocols of the Plug-and-Charge (PnC) EV charging architecture and introduces only minor overhead. The formal analysis using the Tamarin prover shows the security and privacy of our protocol extension.

show abstract

QuantumCharge: Post-Quantum Cryptography for Electric Vehicle Charging

Kern

Krauß

Lauser

et al. 2023

View full text Add to dashboard Cite

Formal Security Analysis of Vehicle Diagnostic Protocols

Lauser

Krauß

2023

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Timm Lauser

Security Analysis of Automotive Protocols

Analyzing and Securing SOME/IP Automotive Services with Formal and Practical Methods

Integrating Privacy into the Electric Vehicle Charging Architecture

QuantumCharge: Post-Quantum Cryptography for Electric Vehicle Charging

Formal Security Analysis of Vehicle Diagnostic Protocols

Contact Info

Product

Resources

About