A Name-Based Secure Communications Architecture for Vehicular Networks


Forthcoming automotive cybersecurity standards such as ISO 21434 and regulations such as WP.29 make it imperative that automakers establish cybersecurity-by-design practices. Vehicle communication cybersecurity (both in- and out-of-vehicle) is crucial in achieving this goal. With the adoption of automotive Ethernet, automakers are turning to the Internet protocol suite (IP) to achieve the desired cybersecurity properties. However, security was always an add-on to Internet protocols, resulting in well-known security weaknesses such as spoofing, denial of service attacks, lack of authentication and more. Such weaknesses may unwittingly be brought to the automotive space. In this position paper we argue that the automotive industry should investigate other networking architectures besides IP as it moves away from existing architectures such as CAN. Specifically, we propose Named Data Networking (NDN), an architecture that incorporates unified security-by-design from the network to the application layers. While NDN has not yet been used for in-vehicle communication, our position is that its superiority to IP, especially in security, makes it a strong candidate. Unlike IP, which secures the communication channel between two entities, NDN secures the content through digital signatures that cryptographically bind a name to the content, ensuring both authentication and integrity of the data. NDN is analogous to a pub-sub model and can be implemented directly over L2 or L3 layers.
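The name-to-content binding described above can be illustrated with a short added example, which is not code from the paper or from any NDN implementation. It assumes Ed25519 signatures and a simplified length-prefixed encoding in place of the NDN TLV wire format; the packet names and values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
)

// Data is a simplified NDN-style Data packet (not the NDN TLV wire format).
type Data struct {
	Name    string
	Content []byte
	Sig     []byte
}

// signedPortion length-prefixes the name so the name/content boundary is
// unambiguous: ("/a", "bc") and ("/ab", "c") must not sign the same bytes.
func signedPortion(name string, content []byte) []byte {
	buf := make([]byte, 4, 4+len(name)+len(content))
	binary.BigEndian.PutUint32(buf, uint32(len(name)))
	buf = append(buf, name...)
	return append(buf, content...)
}

// Publish signs name and content together with the producer's key.
func Publish(priv ed25519.PrivateKey, name string, content []byte) Data {
	return Data{name, content, ed25519.Sign(priv, signedPortion(name, content))}
}

// Verify checks the binding using only the packet and the producer's public
// key; it does not matter which node or cache delivered the packet.
func Verify(pub ed25519.PublicKey, d Data) bool {
	return ed25519.Verify(pub, signedPortion(d.Name, d.Content), d.Sig)
}

// Demo publishes one packet (constructed sample name and value) and reports
// verification of the original, a relabeled copy, and a tampered copy.
func Demo() (orig, relabeled, tampered bool) {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	d := Publish(priv, "/vehicle/chassis/wheel-speed/front-left", []byte("42.7"))
	r, t := d, d
	r.Name = "/vehicle/chassis/brake-pressure/front-left"
	t.Content = []byte("0.0")
	return Verify(pub, d), Verify(pub, r), Verify(pub, t)
}

func main() { fmt.Println(Demo()) }
```

Because the signature covers the name as well as the content, a valid reading cannot be replayed under a different name, and verification needs no trusted channel to the producer.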

Publication Title

IEEE Vehicular Networking Conference, VNC