Automotive Cyber-Physical Security Testbeds and

Applications

1

Tsutomu Matsumototsutomu@ynu.ac.jp

SIP-adus Workshop 2018, Tokyo, Nov. 13, 2018

The Session on Cyber Security

(C) Tsutomu Matsumoto

Faculty of Environment and Information Sciences and

Institute of Advanced Sciences

(C) Tsutomu Matsumoto 2

Acquiring

Processing

Controlling

Environmental

Communicated

In Vehicle

Instrumentation Security

Control Security

Communi-cationSecurity

Storage Security

ProcessingSecurity

AI Security

Major Automotive Cyber Physical Security Issues

(C) Tsutomu Matsumoto 3

In-Vehicle Network

Message Authentication Codes/ Digital Signatures

Cryptographic Key Management Anomaly Detection Security Supply Chain Management

(C) Tsutomu Matsumoto 4

Connected Architecture Message Authentication Codes/

Digital Signatures Cryptographic Key Management Trust Management

Medium forInstrumentation Environment

ESensor

(Sensing System)

S

Object

O

ZOutput

x to be sensed

(eg. Distance to O)

Attack

AAttack

A

Attack

A

Attack

A

(C) Tsutomu Matsumoto 5

Attack to1. Integrity2.Availability3.Confidentiality

Threats to Instrumentation

(C) Tsutomu Matsumoto 6

Automatic Driving

Control Mechanisms Algorithms Data

(C) Tsutomu Matsumoto 7

Acquiring

Processing

Controlling

Environmental

Communicated

InVehicle

Instrumentation Security

Control Security

Communi-cationSecurity

Storage Security

ProcessingSecurity

AI Security

Major Automotive Cyber Physical Security Issues

Needs for Developing

1. Evaluation Technologies

2. Security Enhancement Technologies

3. Security Assurance Schemes

• Certification

• Self Declaration

Superior Automotive Security Testbeds for

Responsible Examination and Development of Offence and Defense Technologies

Self Declaration

Certification

(C) Tsutomu Matsumoto 8

Automotive Cyber Physical Security

9(C) Tsutomu Matsumoto

Software vehicle simulator

CAN

PASTA(testbed)

CAN

Physical inputs

● Acceleration● Friction● Weight

white-box ECUs

Scale model of vehicle

PASTA in attaché case

Portable Automotive

Security Testbed with

Adaptability

PASTAA Joint Research by

and

Details: Black Hat Europe 2018

10(C) Tsutomu MatsumotoStructure of a Version of PASTA

Panels on upper side of PASTA displaying vehicle status

White-box ECUs

PASTAA Joint Research by

and

Details: Black Hat Europe 2018

Accelerating Security Research by Rich Adaptability and Portability

Providing Standard Development Platform

Visualization of CAN Communication Results

Educational Use Applied to Class

“Security Analysis” at YNU

11Figures and Pictures by Courtesy of JARI

Pseud In-Vehicle Network

Steering-ECU

OBD

CAN-Router

Brake-ECU

PowerTrain-ECU

CAN-FDCAN-FD

HMI-ECU

HILS

カメラレーダ

V2X

GNSS

ADAS(Fusion) Model

CAN-FDCAN-FD

Dummy Server

・Appli SW(OTA)(TCU, Gateway, ECU)

・Parameter Data(White list,etc)

・Map Data

HSM

CAN CAN CANCAN

C-Gateway

USB

Ether-CAN Converter

I V I

HILSSensor Generic Model

Ether

(WiFi)

(USB)

Ether

LAN Analyzer

Automotive Simulation Models（ASM）

FusionPass

Planning

TCU

HSM

Application

Processor

Modem(LTE,WiFi)

LoggingBehavior Monitoring

SＤ(log)

（FPGA）

Switch

White ListFilter

DDR(work)

（FPGA）

Ether

HSM

Ether

CAN

AOBA Security Testbed Being Developed by METI/JARI Project

Other Examples

2018/6/8dSPACE User Conference

2018/7/20CDNLive Japan 2018

Needs for Developing

1. Evaluation Technologies

2. Security Enhancement Technologies

3. Security Assurance Schemes

• Certification

• Self Declaration

Superior Automotive Security Testbeds for

Responsible Examination and Development of Offence and Defense Technologies

Self Declaration

Certification

(C) Tsutomu Matsumoto 12

Automotive Cyber Physical Security

13

Thank you! Tsutomu Matsumoto

URL: http://ipsr.ynu.ac.jp/

(C) Tsutomu Matsumoto