UDS Security Access for Constrained ECUs
Legacy electronic control units are, nowadays, required to implement cybersecurity measures, but they often do not have all the elements that are necessary to realize industry-standard cybersecurity controls. For example, they may not have hardware cryptographic accelerators, segregated areas of memory for storing keys, or one-time programmable memory areas. Such systems must still be protected with a sufficient level of rigor against attackers who wish to modify their operation or extract confidential information from them. A critical interface to defend is the Unified Diagnostics Service (UDS) interface which is used in many areas across the whole vehicle lifecycle. While the UDS service $27 (Security Access) has a reputation for poor cybersecurity, there is nothing inherent in the way it operates which prevents a secure access-control from being implemented. This paper describes an approach to providing UDS Security Access within systems which have very constrained processors (in terms of processing power, memory size and, in particular, cybersecurity features) which can be applied to multiple vehicles across many manufacturers. It describes, in detail, methods for generating UDS-Seeds and UDS-Keys in the absence of a hardware security module (HSM) with a true-random number generator, and without use (by the user who is requesting access) of IT-infrastructure. In addition, the problem of key-management and distribution is tackled head-on and not left as an implementation detail. A threat analysis has been performed (according to ISO/SAE 21434) using model-based tools, the results of which are presented in this paper. The constraints (some of which make it difficult to properly secure certain key material) result in risks which become clear in the threat analysis. Potential future users of this scheme can use this analysis to assess the residual risks in their own applications.
Availability:
- Find a library where document is available. Order URL: http://worldcat.org/issn/01487191
Supplemental Notes:
- Abstract reprinted with permission of SAE International.
Authors:
- Thompson, Martin
Conference:
- WCX SAE World Congress Experience
- Location: Detroit & Online Michigan, United States
- Date: 2022-4-5 to 2022-4-7
- Publication Date: 2022-3-29
Language
- English
Media Info
- Media Type: Web
- Features: References;
Serial:
- SAE Technical Paper
- Publisher: Society of Automotive Engineers (SAE)
- ISSN: 0148-7191
- EISSN: 2688-3627
- Serial URL: http://papers.sae.org/
Subject/Index Terms
- TRT Terms: Computer security; Diagnostic tests; Driver support systems; Electronic controllers
- Subject Areas: Highways; Security and Emergencies; Vehicles and Equipment;
Filing Info
- Accession Number: 01842973
- Record Type: Publication
- Source Agency: SAE International
- Report/Paper Numbers: 2022-01-0132
- Files: TRIS, SAE
- Created Date: Apr 22 2022 8:54AM