This year’s ESORICS was held in Crete, Greece, and was sponsored by Shield Lab, a Huawei department focused on key security technology research for future ICT. At the conference, Dr. Tieyan Li and Dr. Guilin Wang, two Shield Lab security experts, were invited to speak on the security of connected cars.
Dr. Tieyan Li said: "To mitigate external and internal threats to vehicles and better protect the vehicle network, a new layered vehicle security architecture is needed. The outer defense layer utilizes V2X authentication techniques to defer unauthorized network access to the vehicle. The inner defense layer uses firewall and learning-based detection techniques to isolate HMI system and in-vehicle network, enforce access control and detect anomalies. Existing architecture lacks the necessary security mechanisms to defend against attacks penetrating the external and internal vehicle network. Thus, we need a layered approach to protect safety-critical CAN bus and ECUs."
Dr. Guilin Wang shared recent research results achieved by Shield Lab in developing two key technologies to support the layered vehicle security architecture. The first one is a neat and efficient solution for authenticated CAN Bus messages, which is based on international standard ISO/IEC 9798-2, and which can be integrated into vehicles without additional hardware. The other one is an anonymous authentication scheme for V2X, based on a mechanism called extended dynamic accumulator, that guarantees the authenticity of communications between two vehicles (or a vehicle and a road side unit), but does not reveal the sender’s identity, which satisfies the requirements of security, privacy, efficiency and dynamic group member management given by the Society of Automotive Engineers (SAE J2945/1).
In summary, Huawei’s Shield Lab believes that to address the challenging security threats vehicles face, academia and industry should collaborate tightly to explore interdisciplinary security topics and then develop international vehicular security standards.