Conferences and supporting programme
Embedded Security with Controller Area Network (CAN)
Embedded network security is the hot topic of today. Every day there are news about security breaches. Until recently security was a topic for IT only. Embedded systems where considered not vulnerable, because of its nature as you need physical access to exploit. But that changed as more systems are connected together for remote monitoring and control. Controller Area Network (CAN) is not different. CAN is mostly associated with automotive, trucks, and buses. Almost everybody heard of the Jeep Chrysler hack with full control of the car from a remote location. It is the classic example of an embedded system hooked up to the Internet, but not designed for it. It all boiled down to: CAN is unsecure. The IT industry has gone through the same cycle: Ethernet is unsecure by design. But nobody considers Ethernet as unsecure today. Because there are ways to make Ethernet secure. That can be applied to CAN, and other embedded networks. At CAN in Automation (CiA) together with our members and experts in the field of security, we are developing protocols, methods, and principles to secure CAN-based embedded systems. The first idea is a version of the Diffie-Hellman-Key exchange, which makes use of the unique features of CAN that anybody could transmit any message, but nobody really does know who transmitted it. Actually, the CAN-based implementation of that initial key exchange is so unique, that no Man-in-the-Middle (MITM) attack is possible and still it is much more efficient than any existing implementation. It is the in bit-time response that makes that happen. The second idea is to use embedded TLS with reused session IDs to secure transmission and allow certificate-based authentication. It is based on the standardized and widely used TLS version 1.3. TLS supports a diverse range of options to make it multipurpose. At the University Offenbach security experts developed ideas on how to limit TLS to make an embedded TLS and how to use that in CAN. The third idea is to allow distributed, authenticated broadcast transmission for embedded control. While embedded TLS is great for point-to-point communication and as such setting up the communication, CAN is an embedded network for control systems. With CAN outputs, hydraulics, pneumatics, electrical drives, and a diverse range of actuators are controlled reliable and robustly. To extend that we need authenticated control. All of which are only pieces of a puzzle and only work, when secure system design and system integration is done. Because, the weakest link in security, even IT security, is the system integration. CAN in Automation (CiA) want to discuss all solutions publically, because Auguste Kerckhoffs published 1883 in its essay entitled La Cryptographie Militaire the principles of cryptography, which are still true today. One of is strongest is: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
--- Date: 01.03.2018 Time: 2:30 PM - 3:00 PM Location: Conference Counter NCC Ost