Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization

Detalhes bibliográficos
Ano de defesa: 2018
Autor(a) principal: ARAUJO FILHO, Paulo Freitas de
Orientador(a): CAMPELO, Divanilson Rodrigo de Sousa
Banca de defesa: Não Informado pela instituição
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: eng
Instituição de defesa: Universidade Federal de Pernambuco
Programa de Pós-Graduação: Programa de Pos Graduacao em Ciencia da Computacao
Departamento: Não Informado pela instituição
País: Brasil
Palavras-chave em Português:
Redes de computadores
Técnicas de injeção de erros
Link de acesso: https://repositorio.ufpe.br/handle/123456789/31916
Resumo: Vehicles are equipped with Electronic Control Units (ECUs) responsible for performing tasks as simple as lighting up brake lights or as complex as controlling the wheels of an electric car. The exchange of information between ECUs uses the Controller Area Network (CAN) and the Controller Area Network with Flexible Data Rate (CAN FD), which provides higher data rates and payloads, as the main and most used intra-vehicular networks, at least until today. Interconnected ECUs must work perfectly and interact with each other as well as with other car components in a reliable way, thus it is indispensable to test and predict the behavior of these units in error situations. For this, an error injection mechanism can be very advantageous for checking various error conditions in real-world scenarios that affect the safety of vehicles. Furthermore, nowadays, cars are also equipped with network technologies that provide connectivity to the external world. This offers numerous possibilities in terms of new applications and services to be provided, however makes the car a network node subject to cyber-attacks. It is then necessary to provide security mechanisms to prevent, or at least detect, attacks. Besides CAN and CAN FD networks, the advent of 100BASE-T1 Ethernet has feasible the outcome of many new automotive applications with higher bandwidth demands. In order to be use Ethernet in applications that require determinism, a series of IEEE standards, which together constitute the Audio Video Bridging (AVB), were developed and proposed. The IEEE 802.1AS, for instance, is the AVB standard that defines the generalized Precision Time Protocol (gPTP), responsible for node synchronization within AVB networks. In this context, this dissertation intends to make contributions for CAN/CAN FD networks as well as for the automotive Ethernet. For CAN networks, it proposes a novel Error Injection Technique to assist with system level validation tests and also an Intrusion Detection System based on machine learning algorithms. For automotive Ethernet, it designs and proposes a hardware implementation of the gPTP protocol that achieves the required nanoseconds precision, while also providing implementation details for future researches on that protocol.
id UFPE_b6d5fc0a9fafb3a9e66ff7eef4fa8945
oai_identifier_str oai:repositorio.ufpe.br:123456789/31916
network_acronym_str UFPE
network_name_str Repositório Institucional da UFPE
repository_id_str
spelling ARAUJO FILHO, Paulo Freitas dehttp://lattes.cnpq.br/8618484705816309http://lattes.cnpq.br/9838400375894439CAMPELO, Divanilson Rodrigo de Sousa2019-08-19T18:34:27Z2019-08-19T18:34:27Z2018-07-04https://repositorio.ufpe.br/handle/123456789/31916Vehicles are equipped with Electronic Control Units (ECUs) responsible for performing tasks as simple as lighting up brake lights or as complex as controlling the wheels of an electric car. The exchange of information between ECUs uses the Controller Area Network (CAN) and the Controller Area Network with Flexible Data Rate (CAN FD), which provides higher data rates and payloads, as the main and most used intra-vehicular networks, at least until today. Interconnected ECUs must work perfectly and interact with each other as well as with other car components in a reliable way, thus it is indispensable to test and predict the behavior of these units in error situations. For this, an error injection mechanism can be very advantageous for checking various error conditions in real-world scenarios that affect the safety of vehicles. Furthermore, nowadays, cars are also equipped with network technologies that provide connectivity to the external world. This offers numerous possibilities in terms of new applications and services to be provided, however makes the car a network node subject to cyber-attacks. It is then necessary to provide security mechanisms to prevent, or at least detect, attacks. Besides CAN and CAN FD networks, the advent of 100BASE-T1 Ethernet has feasible the outcome of many new automotive applications with higher bandwidth demands. In order to be use Ethernet in applications that require determinism, a series of IEEE standards, which together constitute the Audio Video Bridging (AVB), were developed and proposed. The IEEE 802.1AS, for instance, is the AVB standard that defines the generalized Precision Time Protocol (gPTP), responsible for node synchronization within AVB networks. In this context, this dissertation intends to make contributions for CAN/CAN FD networks as well as for the automotive Ethernet. For CAN networks, it proposes a novel Error Injection Technique to assist with system level validation tests and also an Intrusion Detection System based on machine learning algorithms. For automotive Ethernet, it designs and proposes a hardware implementation of the gPTP protocol that achieves the required nanoseconds precision, while also providing implementation details for future researches on that protocol.CNPqVeículos são equipados com unidades de controle eletrônico (ECUs) responsáveis por executar tarefas tão simples quanto acender as luzes de freio, ou tão complexas quanto controlar as rodas de um carro elétrico. A troca de informações entre ECUs utiliza a Controller Area Network (CAN) e a Controller Area Network with Flexible Data Rate (CAN FD), com maior taxa de transmissão e carga útil, como principais e mais utilizadas redes intra-veiculares, pelo menos por enquanto. ECUs interconectadas devem trabalhar perfeitamente e interagir umas com as outras, bem como com outros componentes veiculares, de forma confiável, sendo então imprescindível testar e prever o comportamento dessas unidades em situações de erro. Para isso, um mecanismo de injeção de erro pode ser muito vantajoso para verificar várias situações de erro em cenários reais, que possam afetar a segurança do veículo. Além disso, atualmente, os carros também são equipados com tecnologias de redes que proveem conectitividade com o meio exterior. Essa conectividade oferece inúmeras possibilidades em termos de novas aplicações e serviços a serem oferecidos, contudo, torna os carros sujeitos a ataques cibernéticos. É necessário então prover mecanismos de segurança para prevenir, ou ao menos detectar, ataques. Além das redes CAN e CAN FD, o advento da Ethernet 100BASE-T1 tem viabilizado uma grande gama de aplicações automotivas com maiores demandas de banda. A fim de usar a Ethernet para aplicações com requisitos temporais e determinísticos, uma série de padrões do IEEE, os quais juntos compõem o Audio Video Bridging (AVB), foi desenvolvida e proposta. O IEEE 802.1AS, por exemplo, é o padrão do AVB que define o generalized Precision Time Protocol (gPTP), responsável pela sincronização de nós em redes AVB. Esta dissertação propõe contribuições tanto para as redes CAN/CAN FD, como também para a Ethernet automotiva. Para redes CAN, são propostos uma nova técnica de injeção de erros, para auxiliar em testes de validação em nível de sistema, e um sistema de detecção de intrusão baseado em algoritmos de aprendizagem de máquina. Para a Ethernet automotiva, é proposta uma implementação em hardware do protocolo gPTP que atinge os requisitos de precisão de nano-segundos, enquanto que também oferecendo detalhes de implementação necessários para futuras pesquisas sobre o protocolo em questão.engUniversidade Federal de PernambucoPrograma de Pos Graduacao em Ciencia da ComputacaoUFPEBrasilAttribution-NonCommercial-NoDerivs 3.0 Brazilhttp://creativecommons.org/licenses/by-nc-nd/3.0/br/info:eu-repo/semantics/openAccessRedes de computadoresTécnicas de injeção de errosContributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronizationinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesismestradoreponame:Repositório Institucional da UFPEinstname:Universidade Federal de Pernambuco (UFPE)instacron:UFPETHUMBNAILDISSERTAÇÃO Paulo Freitas de Araújo Filho.pdf.jpgDISSERTAÇÃO Paulo Freitas de Araújo Filho.pdf.jpgGenerated Thumbnailimage/jpeg1242https://repositorio.ufpe.br/bitstream/123456789/31916/6/DISSERTA%c3%87%c3%83O%20Paulo%20Freitas%20de%20Ara%c3%bajo%20Filho.pdf.jpg297001dad3113a7a9f13a8054da4f258MD56ORIGINALDISSERTAÇÃO Paulo Freitas de Araújo Filho.pdfDISSERTAÇÃO Paulo Freitas de Araújo Filho.pdfapplication/pdf4379557https://repositorio.ufpe.br/bitstream/123456789/31916/1/DISSERTA%c3%87%c3%83O%20Paulo%20Freitas%20de%20Ara%c3%bajo%20Filho.pdf6a3862c5b2867c163b1f0ba67e87bfbfMD51LICENSElicense.txtlicense.txttext/plain; charset=utf-82311https://repositorio.ufpe.br/bitstream/123456789/31916/3/license.txt4b8a02c7f2818eaf00dcf2260dd5eb08MD53CC-LICENSElicense_rdflicense_rdfapplication/rdf+xml; charset=utf-8811https://repositorio.ufpe.br/bitstream/123456789/31916/4/license_rdfe39d27027a6cc9cb039ad269a5db8e34MD54TEXTDISSERTAÇÃO Paulo Freitas de Araújo Filho.pdf.txtDISSERTAÇÃO Paulo Freitas de Araújo Filho.pdf.txtExtracted texttext/plain201011https://repositorio.ufpe.br/bitstream/123456789/31916/5/DISSERTA%c3%87%c3%83O%20Paulo%20Freitas%20de%20Ara%c3%bajo%20Filho.pdf.txt3f796f5a911aefe2479294e94883731eMD55123456789/319162019-10-26 03:21:43.716oai:repositorio.ufpe.br:123456789/31916TGljZW7Dp2EgZGUgRGlzdHJpYnVpw6fDo28gTsOjbyBFeGNsdXNpdmEKClRvZG8gZGVwb3NpdGFudGUgZGUgbWF0ZXJpYWwgbm8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgKFJJKSBkZXZlIGNvbmNlZGVyLCDDoCBVbml2ZXJzaWRhZGUgRmVkZXJhbCBkZSBQZXJuYW1idWNvIChVRlBFKSwgdW1hIExpY2Vuw6dhIGRlIERpc3RyaWJ1acOnw6NvIE7Do28gRXhjbHVzaXZhIHBhcmEgbWFudGVyIGUgdG9ybmFyIGFjZXNzw612ZWlzIG9zIHNldXMgZG9jdW1lbnRvcywgZW0gZm9ybWF0byBkaWdpdGFsLCBuZXN0ZSByZXBvc2l0w7NyaW8uCgpDb20gYSBjb25jZXNzw6NvIGRlc3RhIGxpY2Vuw6dhIG7Do28gZXhjbHVzaXZhLCBvIGRlcG9zaXRhbnRlIG1hbnTDqW0gdG9kb3Mgb3MgZGlyZWl0b3MgZGUgYXV0b3IuCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXwoKTGljZW7Dp2EgZGUgRGlzdHJpYnVpw6fDo28gTsOjbyBFeGNsdXNpdmEKCkFvIGNvbmNvcmRhciBjb20gZXN0YSBsaWNlbsOnYSBlIGFjZWl0w6EtbGEsIHZvY8OqIChhdXRvciBvdSBkZXRlbnRvciBkb3MgZGlyZWl0b3MgYXV0b3JhaXMpOgoKYSkgRGVjbGFyYSBxdWUgY29uaGVjZSBhIHBvbMOtdGljYSBkZSBjb3B5cmlnaHQgZGEgZWRpdG9yYSBkbyBzZXUgZG9jdW1lbnRvOwpiKSBEZWNsYXJhIHF1ZSBjb25oZWNlIGUgYWNlaXRhIGFzIERpcmV0cml6ZXMgcGFyYSBvIFJlcG9zaXTDs3JpbyBJbnN0aXR1Y2lvbmFsIGRhIFVGUEU7CmMpIENvbmNlZGUgw6AgVUZQRSBvIGRpcmVpdG8gbsOjbyBleGNsdXNpdm8gZGUgYXJxdWl2YXIsIHJlcHJvZHV6aXIsIGNvbnZlcnRlciAoY29tbyBkZWZpbmlkbyBhIHNlZ3VpciksIGNvbXVuaWNhciBlL291IGRpc3RyaWJ1aXIsIG5vIFJJLCBvIGRvY3VtZW50byBlbnRyZWd1ZSAoaW5jbHVpbmRvIG8gcmVzdW1vL2Fic3RyYWN0KSBlbSBmb3JtYXRvIGRpZ2l0YWwgb3UgcG9yIG91dHJvIG1laW87CmQpIERlY2xhcmEgcXVlIGF1dG9yaXphIGEgVUZQRSBhIGFycXVpdmFyIG1haXMgZGUgdW1hIGPDs3BpYSBkZXN0ZSBkb2N1bWVudG8gZSBjb252ZXJ0w6otbG8sIHNlbSBhbHRlcmFyIG8gc2V1IGNvbnRlw7pkbywgcGFyYSBxdWFscXVlciBmb3JtYXRvIGRlIGZpY2hlaXJvLCBtZWlvIG91IHN1cG9ydGUsIHBhcmEgZWZlaXRvcyBkZSBzZWd1cmFuw6dhLCBwcmVzZXJ2YcOnw6NvIChiYWNrdXApIGUgYWNlc3NvOwplKSBEZWNsYXJhIHF1ZSBvIGRvY3VtZW50byBzdWJtZXRpZG8gw6kgbyBzZXUgdHJhYmFsaG8gb3JpZ2luYWwgZSBxdWUgZGV0w6ltIG8gZGlyZWl0byBkZSBjb25jZWRlciBhIHRlcmNlaXJvcyBvcyBkaXJlaXRvcyBjb250aWRvcyBuZXN0YSBsaWNlbsOnYS4gRGVjbGFyYSB0YW1iw6ltIHF1ZSBhIGVudHJlZ2EgZG8gZG9jdW1lbnRvIG7Do28gaW5mcmluZ2Ugb3MgZGlyZWl0b3MgZGUgb3V0cmEgcGVzc29hIG91IGVudGlkYWRlOwpmKSBEZWNsYXJhIHF1ZSwgbm8gY2FzbyBkbyBkb2N1bWVudG8gc3VibWV0aWRvIGNvbnRlciBtYXRlcmlhbCBkbyBxdWFsIG7Do28gZGV0w6ltIG9zIGRpcmVpdG9zIGRlCmF1dG9yLCBvYnRldmUgYSBhdXRvcml6YcOnw6NvIGlycmVzdHJpdGEgZG8gcmVzcGVjdGl2byBkZXRlbnRvciBkZXNzZXMgZGlyZWl0b3MgcGFyYSBjZWRlciDDoApVRlBFIG9zIGRpcmVpdG9zIHJlcXVlcmlkb3MgcG9yIGVzdGEgTGljZW7Dp2EgZSBhdXRvcml6YXIgYSB1bml2ZXJzaWRhZGUgYSB1dGlsaXrDoS1sb3MgbGVnYWxtZW50ZS4gRGVjbGFyYSB0YW1iw6ltIHF1ZSBlc3NlIG1hdGVyaWFsIGN1am9zIGRpcmVpdG9zIHPDo28gZGUgdGVyY2Vpcm9zIGVzdMOhIGNsYXJhbWVudGUgaWRlbnRpZmljYWRvIGUgcmVjb25oZWNpZG8gbm8gdGV4dG8gb3UgY29udGXDumRvIGRvIGRvY3VtZW50byBlbnRyZWd1ZTsKZykgU2UgbyBkb2N1bWVudG8gZW50cmVndWUgw6kgYmFzZWFkbyBlbSB0cmFiYWxobyBmaW5hbmNpYWRvIG91IGFwb2lhZG8gcG9yIG91dHJhIGluc3RpdHVpw6fDo28gcXVlIG7Do28gYSBVRlBFLMKgZGVjbGFyYSBxdWUgY3VtcHJpdSBxdWFpc3F1ZXIgb2JyaWdhw6fDtWVzIGV4aWdpZGFzIHBlbG8gcmVzcGVjdGl2byBjb250cmF0byBvdSBhY29yZG8uCgpBIFVGUEUgaWRlbnRpZmljYXLDoSBjbGFyYW1lbnRlIG8ocykgbm9tZShzKSBkbyhzKSBhdXRvciAoZXMpIGRvcyBkaXJlaXRvcyBkbyBkb2N1bWVudG8gZW50cmVndWUgZSBuw6NvIGZhcsOhIHF1YWxxdWVyIGFsdGVyYcOnw6NvLCBwYXJhIGFsw6ltIGRvIHByZXZpc3RvIG5hIGFsw61uZWEgYykuCg==Repositório InstitucionalPUBhttps://repositorio.ufpe.br/oai/requestattena@ufpe.bropendoar:22212019-10-26T06:21:43Repositório Institucional da UFPE - Universidade Federal de Pernambuco (UFPE)false
dc.title.pt_BR.fl_str_mv Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
spellingShingle Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
ARAUJO FILHO, Paulo Freitas de
Redes de computadores
Técnicas de injeção de erros
title_short Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_full Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_fullStr Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_full_unstemmed Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
title_sort Contributions to in-vehicle networks: error injection and intrusion detection system for CAN, and audio video bridging synchronization
author ARAUJO FILHO, Paulo Freitas de
author_facet ARAUJO FILHO, Paulo Freitas de
author_role author
dc.contributor.authorLattes.pt_BR.fl_str_mv http://lattes.cnpq.br/8618484705816309
dc.contributor.advisorLattes.pt_BR.fl_str_mv http://lattes.cnpq.br/9838400375894439
dc.contributor.author.fl_str_mv ARAUJO FILHO, Paulo Freitas de
dc.contributor.advisor1.fl_str_mv CAMPELO, Divanilson Rodrigo de Sousa
contributor_str_mv CAMPELO, Divanilson Rodrigo de Sousa
dc.subject.por.fl_str_mv Redes de computadores
Técnicas de injeção de erros
topic Redes de computadores
Técnicas de injeção de erros
description Vehicles are equipped with Electronic Control Units (ECUs) responsible for performing tasks as simple as lighting up brake lights or as complex as controlling the wheels of an electric car. The exchange of information between ECUs uses the Controller Area Network (CAN) and the Controller Area Network with Flexible Data Rate (CAN FD), which provides higher data rates and payloads, as the main and most used intra-vehicular networks, at least until today. Interconnected ECUs must work perfectly and interact with each other as well as with other car components in a reliable way, thus it is indispensable to test and predict the behavior of these units in error situations. For this, an error injection mechanism can be very advantageous for checking various error conditions in real-world scenarios that affect the safety of vehicles. Furthermore, nowadays, cars are also equipped with network technologies that provide connectivity to the external world. This offers numerous possibilities in terms of new applications and services to be provided, however makes the car a network node subject to cyber-attacks. It is then necessary to provide security mechanisms to prevent, or at least detect, attacks. Besides CAN and CAN FD networks, the advent of 100BASE-T1 Ethernet has feasible the outcome of many new automotive applications with higher bandwidth demands. In order to be use Ethernet in applications that require determinism, a series of IEEE standards, which together constitute the Audio Video Bridging (AVB), were developed and proposed. The IEEE 802.1AS, for instance, is the AVB standard that defines the generalized Precision Time Protocol (gPTP), responsible for node synchronization within AVB networks. In this context, this dissertation intends to make contributions for CAN/CAN FD networks as well as for the automotive Ethernet. For CAN networks, it proposes a novel Error Injection Technique to assist with system level validation tests and also an Intrusion Detection System based on machine learning algorithms. For automotive Ethernet, it designs and proposes a hardware implementation of the gPTP protocol that achieves the required nanoseconds precision, while also providing implementation details for future researches on that protocol.
publishDate 2018
dc.date.issued.fl_str_mv 2018-07-04
dc.date.accessioned.fl_str_mv 2019-08-19T18:34:27Z
dc.date.available.fl_str_mv 2019-08-19T18:34:27Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://repositorio.ufpe.br/handle/123456789/31916
url https://repositorio.ufpe.br/handle/123456789/31916
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv Attribution-NonCommercial-NoDerivs 3.0 Brazil
http://creativecommons.org/licenses/by-nc-nd/3.0/br/
info:eu-repo/semantics/openAccess
rights_invalid_str_mv Attribution-NonCommercial-NoDerivs 3.0 Brazil
http://creativecommons.org/licenses/by-nc-nd/3.0/br/
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv Universidade Federal de Pernambuco
dc.publisher.program.fl_str_mv Programa de Pos Graduacao em Ciencia da Computacao
dc.publisher.initials.fl_str_mv UFPE
dc.publisher.country.fl_str_mv Brasil
publisher.none.fl_str_mv Universidade Federal de Pernambuco
dc.source.none.fl_str_mv reponame:Repositório Institucional da UFPE
instname:Universidade Federal de Pernambuco (UFPE)
instacron:UFPE
instname_str Universidade Federal de Pernambuco (UFPE)
instacron_str UFPE
institution UFPE
reponame_str Repositório Institucional da UFPE
collection Repositório Institucional da UFPE
bitstream.url.fl_str_mv https://repositorio.ufpe.br/bitstream/123456789/31916/6/DISSERTA%c3%87%c3%83O%20Paulo%20Freitas%20de%20Ara%c3%bajo%20Filho.pdf.jpg
https://repositorio.ufpe.br/bitstream/123456789/31916/1/DISSERTA%c3%87%c3%83O%20Paulo%20Freitas%20de%20Ara%c3%bajo%20Filho.pdf
https://repositorio.ufpe.br/bitstream/123456789/31916/3/license.txt
https://repositorio.ufpe.br/bitstream/123456789/31916/4/license_rdf
https://repositorio.ufpe.br/bitstream/123456789/31916/5/DISSERTA%c3%87%c3%83O%20Paulo%20Freitas%20de%20Ara%c3%bajo%20Filho.pdf.txt
bitstream.checksum.fl_str_mv 297001dad3113a7a9f13a8054da4f258
6a3862c5b2867c163b1f0ba67e87bfbf
4b8a02c7f2818eaf00dcf2260dd5eb08
e39d27027a6cc9cb039ad269a5db8e34
3f796f5a911aefe2479294e94883731e
bitstream.checksumAlgorithm.fl_str_mv MD5
MD5
MD5
MD5
MD5
repository.name.fl_str_mv Repositório Institucional da UFPE - Universidade Federal de Pernambuco (UFPE)
repository.mail.fl_str_mv attena@ufpe.br
_version_ 1862741995008557056

Registros relacionados