NXP CAN Transceiver family secures CAN-based communications without cryptography

By Published: 31 January 2018Posted in: Communications, Cybersecurity

NXP Semiconductors has announced a new secure CAN transceiver family that offers a solution for secure CAN communications – and does not require software or cryptography.

NXP has developed a pure transceiver based solution for the CAN network which is designed to secure efficiently – no bandwidth overhead, no delays and no processor load. This novel approach complements crypto-based security solutions with an additional layer in a Defense-in-Depth (DiD) concept, or as a standalone option.

Security features of the secure CAN transceiver

Spoofing prevention on transmit side: Designed to protect the CAN bus from a compromised ECU by filtering messages based on CAN message IDs in the transmit path. If the ECU tries to send a message with an ID that is originally not assigned to it, the secure CAN transceiver can refuse to transmit it to the bus.

Spoofing prevention on receive side: A complementary protection is used to invalidate messages on the bus with a CAN message ID assigned for transmission. This method means each ECU has the ability to protect its own IDs in the eventuality that a rogue ECU manages to send a message with the same ID.

Tamper protection: Invalidating messages on the CAN bus can be used to prevent tampering, offering a clear sign of a compromised ECU has stepped into the transmission.

Flooding prevention and rate limit control: Limiting the number of transmitted messages per ECU from the sender side at any time, helps prevent flooding the bus but leaves the busload open for certain types of critical tasks.

Since CAN is a robust multi-point connection network, and up to now, most data communication within the vehicle is unsecured, a single compromised ECU has direct access to connected ECUs. Security solutions on the market today protect CAN communication with message authentication code (MAC) based on cryptography and complex key management, but they require increased CAN bus load, message latency and computing power consumption.

Existing ECU designs cannot be easily upgraded to support secure CAN messages if the processors do not have sufficient compute power. With secure CAN transceivers, however, automakers can secure messages from the ECUs already used in the design, offering a simpler, faster rollout of security than it would take to transition the existing ECUs to secure ones.

Source: NXP


Article by channel:

Read more articles tagged: Cryptography