Smart vehicles and industrial control systems are becoming increasingly complex. They are composed of a large number of connected intelligent sensor devices. For such systems, the Controller Area Network (CAN) bus offers high-integrity serial communication capabilities, and it has transformed the way these systems are networked. Because CAN-enabled systems lack data security features, many of them are vulnerable to a wide range of cyber threats. This article proposed the development of a crypto-based subsystem that supports authenticated encryption/decryption of CAN data, crypto-provable data traceability, and replay attack detection. Data confidentiality was achieved by deploying a lightweight block cipher authenticated encryption scheme based on TinyJAMBU-128. Crypto-provable data traceability was accomplished through a block-chaining approach. Meanwhile, an anti-replay attack mechanism that implements CAN message context awareness has been tested and validated under various data infection rates. Our CAN security subsystem was fully implemented and deployed on a testbed with multiple STM32 Nucleo development boards. The performance of our security schemes was analyzed and compared with the traditional encryption schemes AES, ARIA, and Camellia, each with SHA-512 for message authentication. Based on our performance results, the proposed security subsystem achieved the lowest CAN bus load and average message overhead compared to the other encryption schemes. For the anti-replay attack mechanism, we were able to reach a detection rate of 99.99% for data infection rates below 20%.
               