Performance Evaluation of a Hardware Security Module in Vehicles

Abstract

With the rapidly increasing computerization of vehicles, cyber security has more and more become a very important aspect of modern automobiles. A vehicle consists of a large number of electronic control units (ECUs), all connected by a network. The ECUs and the communication between them need to be protected from illegal use by vehicle owners as well as cyber attacks from malicious actors. This protection is provided through the use of cryptographic techniques such as message encryption and authentication. The operations and calculations related to cryptography can be performed by the processor in the ECU itself, but that puts an additional strain on the limited computational capabilities of the ECU. A hardware security module (HSM) is a device that has hardware acceleration for cryptographic operations. Using an HSM alongside an ECU to perform cryptographic operations could thus offload the ECU, which means the computational power of the ECU can be used to perform its regular duties. In this thesis, we have evaluated the use of HSMs in a vehicle environment with regards to performance. This included comparing the performance of an HSM versus a cryptographic solution implemented purely in software, as well as investigating security and performance trade-offs of different HSM configurations. It was found that using an HSM considerably improves performance of using cryptography, both in terms of increasing the speed of cryptographic operations as well as offloading the ECU CPU. Furthermore, it was also found that adding a message authetication code (MAC) to messages in the Controller Area Network (CAN) protocol results in a relatively large amount of overhead data, which consequently contributes significantly to the bus load. This makes it an infeasible method to use in many cases. However, according to our work using CAN-FD alleviates this problem considerably.