Design & Reuse

White Paper - CANsec: Security for the Third Generation of the CAN Bus

cast-inc.com, Oct. 22, 2024

1. Zonal E/E Architecture and Implications for Automotive Cybersecurity

Vehicle electrical/electronic architecture (E/E architecture) is currently undergoing a change from a domain-based to a zonal architecture, breaking through the clear separation into functional domains, such as infotainment, chassis control, or powertrain. In the zonal approach, end devices are not distributed and networked according to their function but by their optimal location within the vehicle, which should significantly reduce the length and weight of the wiring harness. This change leads to significantly greater flexibility because previous concepts required a separate electronic control unit (ECU) for each vehicle function.

Functions can now be combined in fewer ECUs, which will also increase the interoperability and performance of the individual devices in the car. The use of middleware, which serves as a software-based overlay across ECUs, is expected to facilitate cross-functional communication, a concept also known as the software-defined vehicle. Domain-specific data paths are replaced by an infrastructure in which data packets can be forwarded to any other point in the network. The architecture offers many advantages in terms of cost and weight savings but also holds potential for new security vulnerabilities, such as in well-established signal-based communication protocols like the CAN bus.

The CAN bus has been a central element in vehicle E/E architecture for more than 20 years, enabling real-time serial transmission of data between ECUs and sensors. Although it is present in many vehicles, it is vulnerable to security threats.

First developed in the 1980s, the protocol was designed without consideration of cyber threats, because networking and connectivity were not yet relevant topics. Later, when the need for secure solutions became apparent, the Automotive Open System Architecture (AUTOSAR) established a solution for signal-based communication in vehicles: the Secure Onboard Communication (SecOC) module. However, SecOC operates on the higher layers of the OSI model and thus entails considerable software overhead for the individual tasks, which can lead to high CPU utilization.

Security protocols that operate on the lower layers and guarantee real-time protection are, therefore, a useful addition to the vehicle security concept. One solution for securing CAN communication is CANsec. CANsec is part of the third CAN bus generation CAN XL and allows authentication, encryption, and integrity checking of CAN frames.

2. The Third Generation of the CAN Bus – CAN XL

CAN XL is based on the concepts specified in ISO 11898-1:2015 – Road Vehicles – Controller Area Network (CAN). The CAN in Automation Special Interest Group (CiA SIG) has been defining the characteristics of the CAN XL protocol since 2018, and the specification is not yet complete. One of the main motivations for the development is to close the bit rate gap between CAN/CAN FD and Ethernet 100BASE-T1 in future vehicle E/E architectures.

Since December 2018, the CiA SIG (Special Interest Group) has specified the features of the CAN XL protocol in the following documents...
