
Blockchain Authentication Framework for Autonomous Vehicle System Integrity

This conceptual design proposes a blockchain-based security layer to authenticate and isolate malicious entities in IoT. It includes a firmware update framework and sandbox approach to ensure trusted and properly installed updates. The system monitors modifications, OTA updates, and network access, controlled by the blockchain core. Potential attack scenarios and mitigation strategies are implemented to enhance system integrity.


Presentation Transcript


  1. Blockchain Authentication Framework for Autonomous Vehicle System Integrity Matt Pasco pascomat@msu.edu

  2. Why blockchain? • Mostly a buzzword • Hundreds of ECUs on a given car • ECUs come from a variety of manufacturers • CAN has no real hierarchy • No routers, no DHCP • Blockchain is designed for decentralized networks

  3. Blockchain-Based Security Layer for Identification and Isolation of Malicious Things in IoT: A Conceptual Design • Banerjee et al. (2018) • Adds authentication layer • Periodically check device firmware • Hash device firmware • Correlate firmware signature against blockchain • Hardware-based add-on

  4. Blockchain-based firmware update framework for internet-of-things environment • Yohan et al. (2018) • Ledger based approach • Ensures firmware updates are properly installed • Ensures firmware updates are trusted

  5. Electronic Control Units (ECUs) • Often run a form of Linux, GENIVI • Have unutilized CPU cores

  6. Proposed work • Utilize a sandbox approach • 1 core for functional usage • Runs as root in container/VM, user to system • Only runs whitelisted applications • 1 core for blockchain • Runs as root • Minimize cost • Blockchain core monitors • Modifications to system executables • OTA Software and firmware updates

  7. Proposed work (architecture diagram) • Diagram labels: TBD, functional core, blockchain core, hypervisor or container service, shared file system, read-only file system, sensors, device I/O, NIC, debug connection, CAN bus • Monitors: shared FS, IO plugin • Network access, controlled by blockchain core

  8. Blockchain messages

  9. Attack scenario • Hackers plug into tire ECU debug port • Tire ECU blockchain core notices new connection • Computes hash, sends message to all other ECUs • Other ECUs' blockchain cores validate hash • Discrepancy found • Mitigation strategy is enacted

  10. Blockchain computation • Make hash computing easy • Miners could be on all ECUs or just a subset • Ledger will be created before vehicle is sold

  11. OTA updates • ECU updates will only be distributed and installed if the majority votes to allow the update • Prevents unauthorized updates from being sent • Updates will utilize an X509 certificate chain model • Manufacturer acts as root certificate authority • 1st and 3rd party manufacturers are granted certificates from manufacturer CA • Updates are signed by 1st and 3rd party • Vehicle performs X509 certificate attestation • All updates must be originally signed by manufacturer CA and be cryptographically secure • Must consider possibility manufacturer root CA is leaked

  12. What this doesn’t solve • Asus ShadowHammer (3/25/2019) • Hackers created virus • Hackers signed virus with ASUS private CA, then delivered using Asus updater • Command and Control (C2) server on all Asus computers • Blockchain takeover • More than 50% of ECU cores would need to be compromised • Attacks have been shown with less • Virtualization breakout • If the functional core could break out of the sandbox and priv-esc

  13. Proof of Concept • Virtual network • Throttle to act like CAN • Virtual machine for each ECU • Containerized functional process on each VM • Simulate attack detection

  14. References • Mandrita Banerjee, Junghee Lee, Qian Chen, and Kim-Kwang Raymond Choo. Blockchain-based security layer for identification and isolation of malicious things in IoT: A conceptual design. In 2018 27th International Conference on Computer Communication and Networks (ICCCN), pages 1–6. IEEE, 2018 • Alexander Yohan, Nai-Wei Lo, and Suttawee Achawapong. Blockchain-based firmware update framework for internet-of-things environment. In Proceedings of the International Conference on Information and Knowledge Engineering (IKE), pages 151–155. The Steering Committee of The World Congress in Computer Science, Computer . . . , 2018 • https://www.pcworld.com/article/3383248/shadowhammer-infects-asus-pcs-through-its-asus-live-update-utility.html
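The hash validation in slide 9 and the majority rule in slides 11 and 12 can be modelled in a few lines. This is an added example, not code from the presentation: the ledger layout, function names and sample firmware bytes are assumptions, and message transport, mining and X509 checks are left out.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def block_hash(body: dict) -> str:
    return sha256(json.dumps(body, sort_keys=True).encode())

def build_ledger(firmware: dict) -> list:
    """Hash-chained record of expected firmware digests (created before sale)."""
    ledger, prev = [], GENESIS_PREV
    for ecu_id, image in sorted(firmware.items()):
        body = {"ecu": ecu_id, "fw_hash": sha256(image), "prev": prev}
        prev = block_hash(body)
        ledger.append({**body, "block_hash": prev})
    return ledger

def chain_intact(ledger: list) -> bool:
    """Detect in-place edits: every block must hash correctly and link back."""
    prev = GENESIS_PREV
    for block in ledger:
        body = {k: block.get(k) for k in ("ecu", "fw_hash", "prev")}
        if block.get("prev") != prev or block_hash(body) != block.get("block_hash"):
            return False
        prev = block["block_hash"]
    return True

def peer_vote(ledger_copy: list, ecu_id: str, reported_hash: str) -> bool:
    """One blockchain core's vote, based only on its own ledger copy."""
    if not chain_intact(ledger_copy):
        return False  # a corrupted copy cannot vouch for anything
    expected = {b["ecu"]: b["fw_hash"] for b in ledger_copy}
    return expected.get(ecu_id) == reported_hash

def majority_accepts(peer_ledgers: list, ecu_id: str, image: bytes) -> bool:
    """Accept only if strictly more than half of the peers validate the hash."""
    votes = [peer_vote(copy, ecu_id, sha256(image)) for copy in peer_ledgers]
    return sum(votes) > len(votes) / 2

# Constructed sample data: three ECUs and a modified tire-ECU image.
FIRMWARE = {"brake": b"brake-fw-1.0", "engine": b"engine-fw-1.0", "tire": b"tire-fw-1.0"}
MODIFIED_TIRE = b"tire-fw-1.0 + unauthorized change"
HONEST = build_ledger(FIRMWARE)
FORGED = build_ledger({**FIRMWARE, "tire": MODIFIED_TIRE})  # re-chained by a compromised core

if __name__ == "__main__":
    print(majority_accepts([HONEST] * 4 + [FORGED], "tire", MODIFIED_TIRE))      # False
    print(majority_accepts([HONEST] * 2 + [FORGED] * 3, "tire", MODIFIED_TIRE))  # True
```

With one forged ledger copy out of five the modified image is rejected; once three of five copies are forged the same vote accepts it, which is the takeover limit slide 12 lists.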
