Publications

Publications in 2022 of type Article (English)

Filter by Year: All, 2022, 2021, 2020, 2019, 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008,
Filter by Type: All, Book, Article, Chapter, Conference Proceedings, Edited Conference Proceedings, Master Thesis, Bachelor Thesis, Technical Report, Miscellaneous,
Filter by Language: All, English, German,

    2022

    • Timo H├Ąckel, Philipp Meyer, Franz Korf, and Thomas C. Schmidt. Secure Time-Sensitive Software-Defined Networking in Vehicles. In: . Jan. 2022,
      [Abstract], [DOI], [ArXiv], [Bibtex]

      Current designs of future In-Vehicle Networks (IVN) prepare for switched Ethernet backbones, which can host advanced LAN technologies such as IEEE Time-Sensitive Networking (TSN) and Software-Defined Networking (SDN). In this work, we present an integrated Time-Sensitive Software-Defined Networking (TSSDN) architecture that simultaneously enables control of synchronous and asynchronous real-time and best-effort traffic for all IVN traffic classes using a central SDN controller. We validate that the control overhead of SDN can be added without a delay penalty for TSN traffic, provided protocols are properly mapped. Based on our TSSDN concept, we demonstrate adaptable and reliable network security mechanisms for in-vehicle communication. We systematically investigate different strategies for integrating in-vehicle control flows with switched Ether-networks and analyze their security implications for a software-defined IVN. We discuss embeddings of control flow identifiers on different layers, covering a range from a fully exposed mapping to deep encapsulations. We experimentally evaluate these strategies in a production vehicle which we map to a modern Ethernet topology. Our findings indicate that visibility of automotive control flows on lower network layers is essential for providing isolation and access control throughout the network infrastructure. Such a TSSDN backbone can establish and survey trust zones within the IVN and reduce the attack surface of connected cars in various attack scenarios.

      @Article{         hmks-stsdn-22,
        author        = {Timo H{\"a}ckel AND Philipp Meyer AND Franz Korf AND
                        Thomas C. Schmidt},
        title         = {{Secure Time-Sensitive Software-Defined Networking in
                        Vehicles}},
        month         = jan,
        year          = 2022,
        doi           = {https://doi.org/10.48550/arXiv.2201.00589},
        eprinttype    = {arxiv},
        eprint        = {2201.00589},
        abstract      = {Current designs of future In-Vehicle Networks (IVN)
                        prepare for switched Ethernet backbones, which can host
                        advanced LAN technologies such as IEEE Time-Sensitive
                        Networking (TSN) and Software-Defined Networking (SDN). In
                        this work, we present an integrated Time-Sensitive
                        Software-Defined Networking (TSSDN) architecture that
                        simultaneously enables control of synchronous and
                        asynchronous real-time and best-effort traffic for all IVN
                        traffic classes using a central SDN controller. We validate
                        that the control overhead of SDN can be added without a
                        delay penalty for TSN traffic, provided protocols are
                        properly mapped. Based on our TSSDN concept, we demonstrate
                        adaptable and reliable network security mechanisms for
                        in-vehicle communication. We systematically investigate
                        different strategies for integrating in-vehicle control
                        flows with switched Ether-networks and analyze their
                        security implications for a software-defined IVN. We
                        discuss embeddings of control flow identifiers on different
                        layers, covering a range from a fully exposed mapping to
                        deep encapsulations. We experimentally evaluate these
                        strategies in a production vehicle which we map to a modern
                        Ethernet topology. Our findings indicate that visibility of
                        automotive control flows on lower network layers is
                        essential for providing isolation and access control
                        throughout the network infrastructure. Such a TSSDN
                        backbone can establish and survey trust zones within the
                        IVN and reduce the attack surface of connected cars in
                        various attack scenarios.},
        groups        = {own, publications, simulation, tsn, security, sdn},
        langid        = {english}
      }