The global time that is propagated and synchronized in vehicle E/E architecture is used in safety-critical, security-critical and time-critical applications. The cybersecurity attacks on the global time result in false time, accuracy degradation and DoS as stated in IETF RFC 7384. These failures reduce the vehicle availability, robustness and safety of the road user. AUTOSAR R22-11 defines the detailed specifications for the integrated security mechanism to secure the global time on automotive networks. However, there are also external security mechanisms like MACsec on the Ethernet network. Challenges in achieving a holistic solution to secure the global time in the vehicle, include zero impact on the precision of global time, end-to-end security and being cost-effective. This triggers the questions: what are the security mechanisms in the vehicle E/E architecture? Can the external security mechanisms satisfy all security requirements of global time? Can they replace the integrated security mechanism to achieve a holistic solution? Our paper describes the use cases that require the integrated security mechanism despite external security mechanisms on an ethernet network. It substantiates with rationale the need to achieve end-to-end security in specific vehicle E/E architectures. It is extended with experimental data that the vehicle timing constraints can be better achieved with integrated security mechanisms rather than external security mechanisms.
Session:
Software Defined Vehicle II
|
| 15:30 - 16:00