Routing Methods Considering Security and Real-Time of Vehicle Gateway System 2020-01-1294
Recently, vehicle networks have increased complexity due to the demand for autonomous driving or connected devices. This increasing complexity requires high bandwidth. As a result, vehicle manufacturers have begun using Ethernet-based communication for high-speed links. In order to deal with the heterogeneity of such networks where legacy automotive buses have to coexist with high-speed Ethernet links vehicle manufacturers introduced a vehicle gateway system. The system uses Ethernet as a backbone between domain controllers and CAN buses for communication between internal controllers.
As a central point in the vehicle, the gateway is constantly exchanging vehicle data in a heterogeneous communication environment between the existing CAN and Ethernet networks. In an in-vehicle network context where the communications are strictly time-constrained, it is necessary to measure the delay for such routing task. In addition, due to the cyber-security risk, the security functions to ensure the integrity of the message has to be considered.
This paper investigate the delay impact of the gateway routing of CAN frames considering security. In case of security, the CMAC is used to guarantee the integrity of CAN network messages and Ethernet messages. The generation and verification of the CMAC uses the Hardware Security Module (HSM) included in the Aurix 2G microcontroller . We study 2 routing methods: a direct method without security check and an indirect method ensuring message integrity. To that end, our implementation uses an Infineon MCU, the AURIX TC397 and a FESCARO HSM software platform to apply security features.