From Attack to Defense: Toward Secure In-vehicle Networks

New security breaches in vehicles are emerging due to software-driven Electronic Control Units (ECUs) and wireless connectivity of modern vehicles. These trends have introduced more remote surfaces/endpoints that an adversary can exploit and, in the worst case, use to control the vehicle remotely. Researchers have demonstrated how vulnerabilities in remote endpoints can be exploited to compromise ECUs, access in-vehicle networks, and control vehicle maneuvers. To detect and prevent such vehicle cyber attacks, researchers have also developed and proposed numerous countermeasures (e.g., Intrusion Detection Systems and message authentication schemes). However, there still remain potentially critical attacks that existing defense schemes can neither detect/prevent nor consider. Moreover, existing defense schemes lack certain functionalities (e.g., identifying the message transmitter), thus not providing strong protection for safety-critical ECUs against in-vehicle network attacks. With all such unexplored and unresolved security issues, vehicles and drivers/passengers will remain insecure. This dissertation aims to fill this gap by 1) unveiling a new important and critical vulnerability applicable to several in-vehicle networks (including the Controller Area Network (CAN), the de-facto standard protocol), 2) proposing a new Intrusion Detection System (IDS) which can detect not only those attacks that have already been demonstrated or discussed in literature, but also those that are more acute and cannot be detected by state-of-the-art IDSes, 3) designing an attacker identification scheme that provides a swift pathway for forensic, isolation, security patch, etc., and 4) investigating what an adversary can achieve while the vehicle’s ignition is off. First, we unveil a new type of Denial-of-Service (DoS) attack called the bus-off attack that, ironically, exploits the error-handling scheme of in-vehicle networks. That is, their fault-confinement mechanism — which has been considered as one of their major advantages in providing fault-tolerance and robustness — is used as an attack vector. Next, we propose a new anomaly-based IDS that detects intrusions based on the extracted fingerprints of ECUs. Such a capability overcomes the deficiency of existing IDSes and thus detects a wide range of in-vehicle network attacks, including those existing schemes cannot. Then, we propose an attacker identification scheme that provides a swift pathway for forensic, isolation, and security patch. This is achieved by fingerprinting ECUs based on CAN voltage measurements. It takes advantage of the fact that voltage outputs of each ECU are slightly different from each other due to their differences in supply voltage, ground voltage, resistance values, etc. Lastly, we propose two new attack methods called the Battery-Drain and the Denial-of-Body-control attacks through which an adversary can disable parked vehicles with the ignition off. These attacks invalidate the conventional belief that vehicle cyber attacks are feasible and thus their defenses are required only when the vehicles ignition is on.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/144125/1/ktcho_1.pd

A NOVEL MESSAGE ROUTING LAYER FOR THE COMMUNICATION MANAGEMENT OF DISTRIBUTED EMBEDDED SYSTEMS

Fault tolerant and distributed embedded systems are research areas that have the interest of such entities as NASA, the Department of Defense, and various other government agencies, corporations, and universities. Taking a system and designing it to work in the presence of faults is appealing to these entities as it inherently increases the reliability of the deployed system. There are a few different fault tolerant techniques that can be implemented in a system design to handle faults as they occur. One such technique is the reconfiguration of a portion of the system to a redundant resource. This is a difficult task to manage within a distributed embedded system because of the distributed, directly addressed data producer and consumer dependencies that exist in common network infrastructures. It is the goal of this thesis work to develop a novel message routing layer for the communication management of distributed embedded systems that reduces the complexity of this problem. The resulting product of this thesis provides a robust approach to the design, implementation, integration, and deployment of a distributed embedded system

Construction kit for computationally enabled textiles

Thesis (S.M.)--Massachusetts Institute of Technology, School of Architecture and Planning, Program in Media Arts and Sciences, 2006.Includes bibliographical references (p. 87-89).As technology moves forward, electronics have enmeshed with every aspect of daily life. Some pioneers have also embraced electronics as a means of expression and exploration, creating the fields of wearable computing and electronic textiles. While wearable computing and electronic textiles seem superficially connected as fields of investigation, in fact they are currently widely separated. However, as the field of electronic textiles grows and matures, it has become apparent that better tools and techniques are necessary in order for artists and designers interested in using electronic textiles as a means of expression and function to be able to use the full capabilities of the available technology. It remains generally outside the reach of the average designer or artist to create e-textile experiences, thus preventing them from appropriating the technology, and in turn allowing the general public to accept and exploit the technology. There is clearly a need to facilitate this cross-pollination between the technical and design domains both in order to foster greater creativity and depth in the field of electronic textiles, and in order to bring greater social acceptability to wearable computing.(cont.) This thesis introduces behavioral textiles, the intersection of wearable computing and electronic textiles that brings the interactive capability of wearable electronics to electronic textiles. As a means of harnessing this capability, the thesis also presents subTextile, a powerful and novel visual programming language and development. Design guidelines for hardware that can be used with the development environment to create complete behavioral textile systems are also presented. Using a rich, goal-oriented interface, subTextile makes it possible for novices to explore electronic textiles without concern for technical details. This thesis presents the design considerations and motivations that drove the creation of subTextile. Also presented are the result of a preliminary evaluation of the language, done with a sample chosen to represent users with varying capabilities in both the technical and design domains.by Sajid H. Sadi.S.M

Design and Validation of Network-on-Chip Architectures for the Next Generation of Multi-synchronous, Reliable, and Reconfigurable Embedded Systems

NETWORK-ON-CHIP (NoC) design is today at a crossroad. On one hand, the design principles to efficiently implement interconnection networks in the resource-constrained on-chip setting have stabilized. On the other hand, the requirements on embedded system design are far from stabilizing. Embedded systems are composed by assembling together heterogeneous components featuring differentiated operating speeds and ad-hoc counter measures must be adopted to bridge frequency domains. Moreover, an unmistakable trend toward enhanced reconfigurability is clearly underway due to the increasing complexity of applications. At the same time, the technology effect is manyfold since it provides unprecedented levels of system integration but it also brings new severe constraints to the forefront: power budget restrictions, overheating concerns, circuit delay and power variability, permanent fault, increased probability of transient faults. Supporting different degrees of reconfigurability and flexibility in the parallel hardware platform cannot be however achieved with the incremental evolution of current design techniques, but requires a disruptive approach and a major increase in complexity. In addition, new reliability challenges cannot be solved by using traditional fault tolerance techniques alone but the reliability approach must be also part of the overall reconfiguration methodology. In this thesis we take on the challenge of engineering a NoC architectures for the next generation systems and we provide design methods able to overcome the conventional way of implementing multi-synchronous, reliable and reconfigurable NoC. Our analysis is not only limited to research novel approaches to the specific challenges of the NoC architecture but we also co-design the solutions in a single integrated framework. Interdependencies between different NoC features are detected ahead of time and we finally avoid the engineering of highly optimized solutions to specific problems that however coexist inefficiently together in the final NoC architecture. To conclude, a silicon implementation by means of a testchip tape-out and a prototype on a FPGA board validate the feasibility and effectivenes

A hardware-embedded, delay-based PUF engine designed for use in cryptographic and authentication applications

Cryptographic and authentication applications in application-specific integrated circuits (ASICs) and field-programmable gate arrays (FPGAs), as well as codes for the activation of on-chip features, require the use of embedded secret information. The generation of secret bitstrings using physical unclonable functions, or PUFs, provides several distinct advantages over conventional methods, including the elimination of costly non-volatile memory, and the potential to increase the random bits available to applications. In this dissertation, a Hardware-Embedded Delay PUF (HELP) is proposed that is designed to leverage path delay variations that occur in the core logic macros of a chip to create random bitstrings. A thorough discussion is provided of the operational details of an embedded path timing structure called REBEL that is used by HELP to provide the timing functionality upon which HELP relies for the entropy source for the cryptographic quality of the bitstrings. Further details of the FPGA-based implementation used to prove the viability of the HELP PUF concept are included, along with a discussion of the evolution of the techniques employed in realizing the final PUF engine design. The bitstrings produced by a set of 30 FPGA boards are evaluated with regard to several statistical quality metrics including uniqueness, randomness, and stability. The stability characteristics of the bitstrings are evaluated by subjecting the FPGAs to commercial-grade temperature and power supply voltage variations. In particular, this work evaluates the reproducibility of the bitstrings generated at 0C, 25C, and 70C, and 10% of the rated supply voltage. A pair of error avoidance schemes are proposed and presented that provide significant improvements to the HELP PUF\u27s resiliency against bit-flip errors in the bitstrings

CROSS-LAYER DESIGN, OPTIMIZATION AND PROTOTYPING OF NoCs FOR THE NEXT GENERATION OF HOMOGENEOUS MANY-CORE SYSTEMS

This thesis provides a whole set of design methods to enable and manage the runtime heterogeneity of features-rich industry-ready Tile-Based Networkon- Chips at different abstraction layers (Architecture Design, Network Assembling, Testing of NoC, Runtime Operation). The key idea is to maintain the functionalities of the original layers, and to improve the performance of architectures by allowing, joint optimization and layer coordinations. In general purpose systems, we address the microarchitectural challenges by codesigning and co-optimizing feature-rich architectures. In application-specific NoCs, we emphasize the event notification, so that the platform is continuously under control. At the network assembly level, this thesis proposes a Hold Time Robustness technique, to tackle the hold time issue in synchronous NoCs. At the network architectural level, the choice of a suitable synchronization paradigm requires a boost of synthesis flow as well as the coexistence with the DVFS. On one hand this implies the coexistence of mesochronous synchronizers in the network with dual-clock FIFOs at network boundaries. On the other hand, dual-clock FIFOs may be placed across inter-switch links hence removing the need for mesochronous synchronizers. This thesis will study the implications of the above approaches both on the design flow and on the performance and power quality metrics of the network. Once the manycore system is composed together, the issue of testing it arises. This thesis takes on this challenge and engineers various testing infrastructures. At the upper abstraction layer, the thesis addresses the issue of managing the fully operational system and proposes a congestion management technique named HACS. Moreover, some of the ideas of this thesis will undergo an FPGA prototyping. Finally, we provide some features for emerging technology by characterizing the power consumption of Optical NoC Interfaces