Testing of Security-Protected ECUs and Networks With the Security Manager
The principle of the Security Manager - with and without access to OEM-specific backends
Security mechanisms prevent unauthorized access to vehicles and ECUs. This means that vehicle communication is initially inaccessible, even during development. Even so, the Security Manager offers valuable services for testing ECUs.
The Security Manager is the link between the Vector tools and the OEM-specific security implementations. With it, security functions can be used uniformly in the tools. No matter which OEM you develop your ECU for, you save time: you only have to familiarize yourself with the Security Manager once and can then use the same "look and feel" for the different OEMs' security concepts.
The connection to the OEM security implementations is made via add-ons, which are managed in the Security Manager. In tests and simulations, the Security Manager carries out the security-relevant operations and provides the tool with the results.
Time savings through reuse: you create the security profiles only once and use them multiple times in the different Vector tools.
Support of OEM-specific concepts such as configuration, algorithms, backend connection, etc. through specific Security Add-ons.
Consistent use of security functions in all Vector tools through a single neutral interface to the add-ons, which centrally manage the security implementations and the detailed OEM knowledge.
Vector Security Manager for Secure Diagnostics
Vector Automotive Cybersecurity Symposium 2019: UDS service 29 with PKI certificate exchange and authentication with the Vector Security Manager and CANoe.
Lecture at the Vector Automotive Cybersecurity Symposium 2017 about the reasons why test tools have to manage a huge variety of security implementations. Based on this, the concept of the Vector Security Manager was presented.
To simulate and test SecOC-secured communication, the Security Manager generates (left) and validates (right) the Message Authentication Codes (MACs).
SecOC secures and authenticates communication between ECUs based on Message Authentication Codes (MACs). Simulation and test tools can only communicate with the ECUs if they present valid MACs. For the Vector tools, the Security Manager, together with the OEM Security add-ons*, generates and validates the MACs. The necessary input values, such as the secret key and the freshness values, are stored in the Security Manager.
(*) OEM Security add-ons are available free of charge from Vector for some OEMs. They contain the OEM-specific security algorithms and procedures and simplify the application of the general security functions in the tools, since the OEM-specific behavior is encapsulated in the add-ons.
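As an added illustration, not Vector's code and not any OEM's SecOC profile, the following Python sketch shows the two sides described above: the sender appends a truncated freshness value and a truncated MAC computed over data ID, payload and full freshness value; the receiver reconstructs the full counter from its own state, recomputes the MAC and rejects tampered or replayed PDUs. It assumes HMAC-SHA256 in place of the CMAC typical SecOC profiles use, and the key, data ID and field widths are constructed values.

```python
import hashlib
import hmac
import struct

# Constructed parameters: the key, the data ID and the truncation widths
# are illustrative, not from any OEM profile. HMAC-SHA256 stands in for CMAC.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
DATA_ID = 0x0123
TRUNC_FRESHNESS_BITS = 8   # low bits of the 64-bit counter sent on the bus
TRUNC_MAC_BYTES = 3        # 24-bit truncated MAC appended to the PDU


def compute_mac(key, data_id, payload, freshness):
    """MAC over data ID || payload || full 64-bit freshness value, truncated."""
    msg = struct.pack(">H", data_id) + payload + struct.pack(">Q", freshness)
    return hmac.new(key, msg, hashlib.sha256).digest()[:TRUNC_MAC_BYTES]


def build_secured_pdu(key, data_id, payload, freshness):
    """Sender side: payload || truncated freshness || truncated MAC."""
    trunc_fv = freshness & ((1 << TRUNC_FRESHNESS_BITS) - 1)
    return payload + bytes([trunc_fv]) + compute_mac(key, data_id, payload, freshness)


class Receiver:
    """Receiver side: holds the last accepted freshness value per data ID."""

    def __init__(self, key, data_id):
        self.key, self.data_id, self.last_fv = key, data_id, -1

    def reconstruct_fv(self, trunc_fv):
        # Combine the receiver's upper counter bits with the transmitted low
        # bits; if the result is not newer than the last accepted value, the
        # low bits must have wrapped, so step the upper bits once.
        mask = (1 << TRUNC_FRESHNESS_BITS) - 1
        candidate = ((self.last_fv + 1) & ~mask) | trunc_fv
        if candidate <= self.last_fv:
            candidate += 1 << TRUNC_FRESHNESS_BITS
        return candidate

    def verify(self, pdu):
        """Return the authenticated payload, or None if MAC check fails."""
        if len(pdu) < TRUNC_MAC_BYTES + 1:
            return None
        payload = pdu[:-(TRUNC_MAC_BYTES + 1)]
        fv = self.reconstruct_fv(pdu[-(TRUNC_MAC_BYTES + 1)])
        expected = compute_mac(self.key, self.data_id, payload, fv)
        if not hmac.compare_digest(pdu[-TRUNC_MAC_BYTES:], expected):
            return None  # tampered, wrong key, or replayed (stale freshness)
        self.last_fv = fv
        return payload
```

A replayed PDU fails here because the receiver reconstructs a newer freshness value than the one the MAC was computed over, so the MAC no longer matches.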
Secure Diagnostics Through Authentication
The Security Manager enables authentication for Secure Diagnostics.
Diagnostic services may only be performed by trustworthy testers. With successful authentication, diagnostic services and critical operations such as flashing or variant coding can be enabled. The Security Manager executes the necessary processes together with the respective OEM Security add-ons.
Transport Layer Security (TLS/DTLS)
Sequence of TLS communication with original commands
For a secure client-server communication on TCP/UDP-level, the TLS protocol (Transport Layer Security) is used. The Security Manager provides the TLS protocol stack for Ethernet communication. This allows tools to conveniently use the protocol, including parameterization, to test communication that is secured by TLS.
In addition to the required certificate hierarchy, the cipher suites to be used can also be configured. These contain the algorithms and parameters that are to be used to establish a secure data connection.
Internet Protocol Security (IPsec)
CANoe enables testing of ECUs and networks that communicate in an IPsec-protected manner.
The goal of IPsec is to secure communication based on the IP protocol. In this way, you implement the classic protection goals such as confidentiality, authenticity, and integrity. By protecting the IP layer, the protection goals of all layers above are achieved. The use of the IPsec protocol enables the transparent protection of higher layer protocols such as SOME/IP, DoIP, TLS and HTTP.
The Security Manager provides an IPsec stack with the most important elements of the IPsec protocol:
Comprehensive protection of Ethernet communication by using the "Authentication Header" security method in Transport Mode.
Implementation of the IKEv2 protocol (Internet Key Exchange v2) for flexible and secure generation of key material for a certificate-based session.
In addition to providing the protocol stack, the Security Manager also enables comprehensive configuration of the IPsec protocol. Security profiles are used for this purpose, which combine all the necessary configuration parameters, including cipher suites, certificates, and security policies. Likewise, you can easily adopt existing configurations from strongSwan descriptions to set up VPNs via IPsec.
Management and Configuration of Security Parameters
The Security Manager offers the possibility to conveniently manage parameters of security services in profiles. The profiles are used at runtime in the Security Manager to configure the algorithms used:
Symmetric Key Management
Symmetric keys must be provided for secure on-board communication. The keys can be imported directly, in containers or in OEM-specific formats.
Certificate Management
Certificate hierarchies are managed using PKI profiles (Public Key Infrastructure). File- and folder-based imports allow certificates to be used in TLS and diagnostic contexts.
Communication with a Security Backend
For security reasons, many vehicle manufacturers do not pass on certificates and instead manage them in a backend. Development tools request the certificate-based functions (e.g. for signing) there at runtime. For the Vector tools, the Security Manager takes over the communication with the backend. In this way, complex processes can be considerably simplified for the user.
Start a Conversation
Are you interested in more information about testing security-protected ECUs and networks with the Security Manager, or would you like to try it out? Then let's talk!
... is helping you to simplify ECU testing despite security.