Zero Trust in Autonomous Vehicle Networks Utilizing Automotive Ethernet

dc.contributor.authorBlåberg Kristoffersson, John
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data och informationstekniksv
dc.contributor.departmentChalmers University of Technology / Department of Computer Science and Engineeringen
dc.contributor.examinerOlovsson, Tomas
dc.contributor.supervisorSabelfeld, Andrei
dc.date.accessioned2022-11-30T14:38:26Z
dc.date.available2022-11-30T14:38:26Z
dc.date.issued2022
dc.date.submitted2020
dc.description.abstractIf fully autonomous vehicles are going to become a reality, there has to be a significant investment in proper security measures. One of the measures that should be taken is to move the internal network security model away from perimeter security to a zero trust model. With a perimeter security model, if a malicious actor were able to connect to the in-vehicle network, they would be able to send arbitrary data to the different ECUs. The zero trust model requires continuous authentication of all devices, removing any chance for a malicious third party to connect to the network. This has not been possible due to the low bandwidth of legacy bus protocols, but with the introduction of automotive Ethernet, the bandwidth is no longer a limitation. This thesis evaluates the viability of a zero trust network architecture in the internal network of an autonomous vehicle. This includes evaluating the performance impact of two different security protocols for guaranteeing message integrity, IPsec and MACsec, and the performance impact of retrofitting security protocol support with “Bump-in-the-Wire” devices. Lastly, a design for implementing key distribution and authentication is presented. The work found that adding message integrity did not substantially increase latency but did take up many CPU cycles. Thus, cryptographic hardware acceleration might be necessary to make a zero trust environment viable in a production setting.
dc.identifier.coursecodeDATX05
dc.identifier.urihttps://odr.chalmers.se/handle/20.500.12380/305856
dc.setspec.uppsokTechnology
dc.subjectautomotive security
dc.subjectMACsec
dc.subjectIPsec
dc.subjectautomotive ethernet
dc.subjectzero trust
dc.titleZero Trust in Autonomous Vehicle Networks Utilizing Automotive Ethernet
dc.type.degreeExamensarbete för masterexamensv
dc.type.degreeMaster's Thesisen
dc.type.uppsokH
local.programmeComputer systems and networks (MPCSN), MSc
Ladda ner
Original bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
CSE 22-95 Blåberg Kristoffersson.pdf
Storlek:
1.48 MB
Format:
Adobe Portable Document Format
Beskrivning:
License bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
license.txt
Storlek:
1.64 KB
Format:
Item-specific license agreed upon to submission
Beskrivning: