60 research outputs found

    Hardware limitations to secure C-ITS: experimental evaluation and solutions

    Cooperative Intelligent Transportation Systems (C-ITS) improve driving experience and safety through secure Vehicular Ad-hoc NETworks (VANETs) that satisfy strict security and performance constraints. Relevant standards, such as the IEEE 1609.2, prescribe network-efficient cryptographic protocols to reduce communication latencies through a combination of the Elliptic Curve Qu-Vanstone (ECQV) implicit certificate scheme and the Elliptic Curve Digital Signature Algorithm (ECDSA). However, literature lacks open implementations and performance evaluations for vehicular systems. This paper assesses the applicability of IEEE 1609.2 and of ECQV and ECDSA schemes to C-ITSs. We release an open implementation of the standard ECQV scheme to benchmark its execution time on automotive-grade hardware. Moreover, we evaluate its performance in real road and traffic scenarios and show that compliance with strict latency requirements defined for C-ITS requires computational resources that are not met by many automotive-grade embedded hardware platforms. As a final contribution, we propose and evaluate novel heuristics to reduce the number of signatures to be verified in real C-ITS scenarios

    Sabella spallanzanii mucus contain a galactose-binding lectin able to agglutinate bacteria. Purification and characterization

    Lectins are present in almost all living organisms and are involved in several biological processes, including immune responses. In the present study, a calcium-dependent galactose-binding lectin exhibiting an apparent MW of 43 kDa has been characterized and purified from the mucus of the polychaete Sabella spallanzanii by using both affinity chromatography and high-pressure liquid chromatographic methods. Its agglutinating activity towards rabbit erythrocytes was significantly modified by the addition of calcium or EDTA. The activity was optimal at temperatures between 4 and 18 °C, was maintained at 50% between 20 and 37 °C, was significantly reduced after exposure at 50 °C, and was depleted at 90 °C. The S. spallanzanii Galactose-Binding Lectin (SsGBL) was able to agglutinate bacteria and to preferentially recognize Gram-negative bacteria. The strongest agglutinating activity was observed towards Vibrio alginolyticus and Escherichia coli; by contrast, the mucus agglutinated to a lesser extent both Aeromonas hydrophyla and the Gram-positive Micrococcus lysodeikticus, thus suggesting its involvement in host-pathogen interactions.

    The influence of invasive jellyfish blooms on the aquatic microbiome in a coastal lagoon (Varano, SE Italy) detected by an Illumina-based deep sequencing strategy

    Cnidarian immunity and the repertoire of defense mechanisms in anthozoans

    Anthozoa is the most speciose class of the phylum Cnidaria that is phylogenetically basal within the Metazoa. It is an interesting group for studying the evolution of mutualisms and immunity, for despite their morphological simplicity, Anthozoans are unexpectedly immunologically complex, with large genomes and gene families similar to those of the Bilateria. Evidence indicates that the Anthozoan innate immune system is not only involved in the disruption of harmful microorganisms, but is also crucial in structuring tissue-associated microbial communities that are essential components of the cnidarian holobiont and useful to the animal's health for several functions including metabolism, immune defense, development, and behavior. Here, we report on the current state of the art of Anthozoan immunity. Like other invertebrates, Anthozoans possess immune mechanisms based on self/non-self-recognition. Although lacking adaptive immunity, they use a diverse repertoire of immune receptor signaling pathways (PRRs) to recognize a broad array of conserved microorganism-associated molecular patterns (MAMP). The intracellular signaling cascades lead to gene transcription up to endpoints of release of molecules that kill the pathogens, defend the self by maintaining homeostasis, and modulate the wound repair process. The cells play a fundamental role in immunity, as they display phagocytic activities and secrete mucus, which acts as a physicochemical barrier preventing or slowing down the proliferation of potential invaders. Finally, we describe the current state of knowledge of some immune effectors in Anthozoan species, including the potential role of toxins and the inflammatory response in the Mediterranean Anthozoan Anemonia viridis following injection of various foreign particles differing in type and dimensions, including pathogenetic bacteria.

    READ: Reverse engineering of automotive data frames

    Security analytics and forensics applied to in-vehicle networks are growing research areas that gained relevance after recent reports of cyber-attacks against unmodified licensed vehicles. However, the application of security analytics algorithms and tools to the automotive domain is hindered by the lack of public specifications about proprietary data exchanged over in-vehicle networks. Since the controller area network (CAN) bus is the de-facto standard for the interconnection of automotive electronic control units, the lack of public specifications for CAN messages is a key issue. This paper strives to solve this problem by proposing READ: A novel algorithm for the automatic Reverse Engineering of Automotive Data frames. READ has been designed to analyze traffic traces containing unknown CAN bus messages in order to automatically identify and label different types of signals encoded in the payload of their data frames. Experimental results based on CAN traffic gathered from a licensed unmodified vehicle and validated against its complete formal specifications demonstrate that the proposed algorithm can extract and classify more than twice the signals with respect to the previous related work. Moreover, the execution time of signal extraction and classification is reduced by two orders of magnitude. Applications of READ to CAN messages generated by real vehicles demonstrate its usefulness in the analysis of CAN traffic

    Detection of missing CAN messages through inter-arrival time analysis

    Recent cyber-attacks on real vehicles demonstrated the risks related to connected vehicles, and spawned several research efforts aimed at proposing algorithms and architectural solutions to improve the security of these vehicles. Most of the documented attacks on connected vehicles require the injection of maliciously forged messages to subvert the normal behaviour of the electronic microcontrollers. More recently, researchers discovered that by abusing error isolation mechanisms of the Controller Area Network (CAN), one of the protocols deployed for in-vehicle networking, it is possible to isolate a microcontroller from the vehicle internal network (namely bus-off attack), with possible severe implications for both safety and security. This vulnerability has already been exploited for gaining remote control of a vehicle, by driving a targeted microcontroller into bus-off and impersonating it through the injection of malicious messages on the CAN bus. This paper strives to counter bus-off attacks by proposing an algorithm for the detection of missing messages from the in-vehicle CAN bus. Bus-off attacks on the in-vehicle network are simulated by removing messages from valid CAN traces recorded from an unmodified licensed vehicle. Experimental evaluations of our proposal and comparisons with previous work demonstrate that the proposed algorithm outperforms other detection algorithms, achieving almost perfect detection (F-score equal or near to 1.0) across different tests.

    Analyses of secure automotive communication protocols and their impact on vehicles life-cycle

    Modern vehicles are complex cyber-physical systems where communication protocols designed for physically isolated networks are now employed to connect Internet-enabled devices. This unforeseen increase in connectivity creates novel attack surfaces, and exposes safety-critical functions of the vehicle to cyber attacks. As standard security solutions are not applicable to vehicles due to resource constraints and compatibility issues, research is proposing tailored approaches to cope with existing systems and to design next-generation vehicles. In this paper we focus on solutions based on cryptographic protocols to protect in-vehicle communications and prevent unauthorized manipulation of the vehicle behaviors. Existing proposals consider vehicles as monolithic systems and evaluate performance and costs of the proposed solutions without considering the complex life-cycle of automotive components and the multifaceted automotive ecosystem that includes a large number of actors. The main contribution of this paper is a study of the impact of security solutions by considering the vehicle life-cycle. We model existing proposals and highlight their impacts on vehicle production and maintenance operations by taking into consideration interactions among multiple players. Finally, we give insights on the requirements of architectures for secure intra-vehicular protocols.

    Are VANETs pseudonyms effective? An experimental evaluation of pseudonym tracking in adversarial scenario

    With the increasing adoption of Vehicular Ad Hoc Networks (VANETs) for the development of Cooperative Intelligent Transportation Systems (C-ITS) many concerns regarding privacy and anonymity in VANETs have been raised by security researchers and practitioners, highlighting the need for effective mechanisms to protect sensitive information exchanged by connected vehicles. One of the first concerns is related to the vehicle's identifier, a field contained in the messages sent from the vehicle and that can be used to track the vehicle across the infrastructure, with consequent severe implications on the privacy of the driver. Consequently, VANET communications leverage short-lived pseudonyms instead of persistent vehicle's identifiers, aiming to enhance the privacy of the vehicle. Pseudonym change schemes proposed in the literature are effective in masking the real sender of a given message, but they do not guarantee privacy against attackers that can monitor and correlate multiple messages among themselves. This paper evaluates 5 different pseudonym change mechanisms against a realistic threat model. Our results demonstrate that it is possible for a realistic attacker to reliably track multiple vehicles, with minor differences across different pseudonym change schemes