Analyzing and Securing SOME/IP Automotive Services with Formal and Practical Methods

Zelle, Daniel; Lauser, Timm; Kern, Dustin; Krauß, Christoph

doi:10.1145/3465481.3465748

Cited by 24 publications

(12 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The analysis shows that in the process of communication transmission, the state space of the reinforcement scheme is significantly reduced, the security performance is also significantly improved, and the calculation time is also greatly reduced. Reference [31] uses Tamarin to analyze the SOME/IP protocol formally. The analysis results show that the protocol has three different types of man-in-the-middle attack vulnerabilities.…”

Section: Improvement Scheme Performance Analysis and Methods Comparisonmentioning

confidence: 99%

Security Analysis and Improvement of Vehicle Ethernet SOME/IP Protocol

Tang

Feng

2022

Sensors

View full text Add to dashboard Cite

The combination of in-vehicle networks and smart car devices has gradually developed into Intelligent Connected Vehicles (ICVs). Through the vehicle security protocol, ICVs can quickly realize communication transmission. However, with the more frequent connections between smart in-vehicle devices and the network, the relationship between intelligent cars and external systems is becoming more and more complicated, and in-vehicle networks are gradually facing many security issues. Strengthening the security of in-vehicle protocols has become particularly important. This paper uses the model building method based on the Colored Petri Net (CPN) theory to model the Scalable service-Oriented MiddlewarE over IP (SOME/IP) protocol of the vehicle Ethernet. The security protocol is formally verified and analyzed by combining it with the Dolev–Yao adversary model detection method. After verification, the protocol is subject to three attack vulnerabilities: replay, tampering, and deception. We introduce timestamps and random numbers to strengthen the protocol security. After the final analysis and verification, the improved scheme in this paper can effectively improve the security performance of the protocol.

show abstract

Section: Improvement Scheme Performance Analysis and Methods Comparisonmentioning

confidence: 99%

Security Analysis and Improvement of Vehicle Ethernet SOME/IP Protocol

Tang

Feng

2022

Sensors

View full text Add to dashboard Cite

show abstract

“…The advantage of flexible communication of SOME/IP, though, can be a security vulnerability. As a result, researchers have revealed several feasible MITM attacks related to SOME/IP communication [ 12 , 13 ]. Since the importance of protecting vehicle control and messages is very high, a secure SOME/IP communication method that is both robust against possible attacks while maintaining the advantages of the SOME/IP-SD protocol is required.…”

Section: Some/ipmentioning

confidence: 99%

“…A detailed description of representative MITM attacks is explained in the blog [ 12 ] written by Shir Mousseri from ARGUS cyber security. Zelle et al [ 13 ] present various MITM attack scenarios that can occur in SOME/IP, as well as the feasibility of the attacks in detail. Since actual vehicle control messages can create hazardous situations when attacked, a method that mitigates MITM attacks and does not affect the vehicle’s requirements is needed.…”

Section: Some/ipmentioning

confidence: 99%

“…To ensure the secure usage of SOME/IP, there are various papers [ 13 , 14 , 15 , 16 , 17 ] available. Among them, I have compared two early papers with my own research.…”

Section: Related Workmentioning

confidence: 99%

“…Zelle et al [ 13 ] presented several SOME/IP MITM attack scenarios and showed the feasibility of actual MITM attacks using the revealed attack procedures. The authors suggested two security extensions as MITM attack mitigation methods.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Protecting SOME/IP Communication via Authentication Ticket

Lee

Choi

Lee

2023

Sensors

View full text Add to dashboard Cite

Designed using vehicle requirements, Scalable service-Oriented MiddlewarE over IP (SOME/IP) has been adopted and used as one of the Ethernet communication standard protocols in the AUTomotive Open System Architecture (AUTOSAR). However, SOME/IP was designed without considering security, and its vulnerabilities have been demonstrated through research. In this paper, we propose a SOME/IP communication protection method using an authentication server (AS) and tickets to mitigate the infamous SOME/IP man-in-the-middle (MITM) attack. Reliable communication between the service-providing node and the node using SOME/IP communication is possible through the ticket issued from the authentication server. This method is relatively light in operation at each node, has good scalability for changes such as node addition, guarantees freshness, and provides interoperability with the existing SOME/IP protocol.

show abstract