Zero Trust in Autonomous Vehicle Networks Utilizing Automotive Ethernet
dc.contributor.author | Blåberg Kristoffersson, John | |
dc.contributor.department | Chalmers tekniska högskola / Institutionen för data och informationsteknik | sv |
dc.contributor.department | Chalmers University of Technology / Department of Computer Science and Engineering | en |
dc.contributor.examiner | Olovsson, Tomas | |
dc.contributor.supervisor | Sabelfeld, Andrei | |
dc.date.accessioned | 2022-11-30T14:38:26Z | |
dc.date.available | 2022-11-30T14:38:26Z | |
dc.date.issued | 2022 | |
dc.date.submitted | 2020 | |
dc.description.abstract | If fully autonomous vehicles are going to become a reality, there has to be a significant investment in proper security measures. One of the measures that should be taken is to move the internal network security model away from perimeter security to a zero trust model. With a perimeter security model, if a malicious actor were able to connect to the in-vehicle network, they would be able to send arbitrary data to the different ECUs. The zero trust model requires continuous authentication of all devices, removing any chance for a malicious third party to connect to the network. This has not been possible due to the low bandwidth of legacy bus protocols, but with the introduction of automotive Ethernet, the bandwidth is no longer a limitation. This thesis evaluates the viability of a zero trust network architecture in the internal network of an autonomous vehicle. This includes evaluating the performance impact of two different security protocols for guaranteeing message integrity, IPsec and MACsec, and the performance impact of retrofitting security protocol support with “Bump-in-the-Wire” devices. Lastly, a design for implementing key distribution and authentication is presented. The work found that adding message integrity did not substantially increase latency but did take up many CPU cycles. Thus, cryptographic hardware acceleration might be necessary to make a zero trust environment viable in a production setting. | |
dc.identifier.coursecode | DATX05 | |
dc.identifier.uri | https://odr.chalmers.se/handle/20.500.12380/305856 | |
dc.setspec.uppsok | Technology | |
dc.subject | automotive security | |
dc.subject | MACsec | |
dc.subject | IPsec | |
dc.subject | automotive ethernet | |
dc.subject | zero trust | |
dc.title | Zero Trust in Autonomous Vehicle Networks Utilizing Automotive Ethernet | |
dc.type.degree | Examensarbete för masterexamen | sv |
dc.type.degree | Master's Thesis | en |
dc.type.uppsok | H | |
local.programme | Computer systems and networks (MPCSN), MSc |