Blockchain Authentication Framework for Autonomous Vehicle System Integrity

Blockchain Authentication Framework for Autonomous Vehicle System Integrity Matt Pasco pascomat@msu. edu Matt Pasco

Why blockchain? • Mostly a buzzword • Hundreds of ECUs on a given car • ECUs come from variety of manufacturers • CAN has no real hierarchy • No routers, no DHCP • Block chain is designed for decentralized networks Matt Pasco

Blockchain-Based Security Layer for Identification and Isolation of Malicious Things in Io. T: A Conceptual Design • Banerjee et al. (2018) • Adds authentication layer • Periodically check device firmware • Hash device firmware • Corelate firmware signature against blockchain • Hardware based add-on Matt Pasco

Blockchain-based firmware update framework for internet-of-things environment • Yohan et al. (2018) • Ledger based approach • Ensures firmware updates are properly installed • Ensures firmware updates are trusted Matt Pasco

Electronic Control Units (ECUs) • Often run a form a Linux, GENIVI • Have unutilized CPU Cores Matt Pasco

Proposed work • Utilize a sandbox approach • 1 core for functional usage • Runs as root in container/VM, user to system • Only runs whitelisted applications • 1 core for blockchain • Runs as root • Minimize cost • Blockchain core monitors • Modifications to system executables • OTA Software and firmware updates Matt Pasco

Proposed work TBD Functional core Blockchain core Hypervisor or Container Service Sensors Shared File system Read only File system Monitors: - Shared FS - IO plugin Device I/O Debug connection NIC Network access, controlled by blockchain core CAN BUS Matt Pasco

Blockchain messages Firmware version Hash ID of whitelisted binaries Connection information (e. g. , ) Debug port connection added System information (e. g. , ) Boot Timestamp encrypted with private key from ECU Matt Pasco

Attack scenario 1. Hackers plug into tire ECU debug port 2. Tire ECU blockchain core notice new connection 1. Computes hash, sends message to all other ECUS 3. Other ECUs blockchain cores validate hash 1. Discrepancy Found 4. Mitigation Strategy is enacted Matt Pasco

Blockchain computation • Make hash computing easy • Miners could be on all ECUs or just a subset • Ledger will be created before vehicle is sold Matt Pasco

OTA updates • ECU updates will only be distributed and installed if the majority votes to allow the update • Prevents unauthorized updates from being sent • Updates will utilize a X 509 certificate chain model 1. Manufacturer acts as root certificate authority 2. 1 st and 3 rd party manufactures are granted a certificates from manufacturer CA 3. Updates are signed by 1 st and 3 rd party 4. Vehicle performs X 509 certificate attestation 1. All updates must be originally signed by manufacturer CA and is cryptographically secure 2. Must consider possibility manufacturer root CA is leaked Matt Pasco

What this doesn’t solve • Asus Shadow. Hammer (3/25/2019) • Hackers created virus • Hackers signed virus with ASUS private CA, then delivered using Asus updater • Command Control (C 2) server on all Asus computers • Blockchain take over • More than 50% of ECU cores would need to be compromised • Attacks have been shown with less • Virtualization breakout • If the functional core could breakout of sandbox and priv-esc Matt Pasco

Proof of Concept • Virtual network • Throttle to act like CAN • Virtual machine for each ECU • Containerized functional process on each VM • Simulate attack detection Matt Pasco

• Mandrita Banerjee, Junghee Lee, Qian Chen, and Kim-Kwang Raymond Choo. Blockchain-based security layer for identification and isolation of malicious things in iot: A conceptual design. In 2018 27 th International Conference on Computer Communication and Networks (ICCCN), pages 1– 6. IEEE, 2018 • Alexander Yohan, Nai-Wei Lo, and Suttawee Achawapong. Blockchain-based firmware update framework for internet-of-things environment. In Proceedings of the International Conference on Information and Knowledge Engineering (IKE), pages 151– 155. The Steering Committee of The World Congress in Computer Science, Computer. . . , 2018 • https: //www. pcworld. com/article/3383248/shadowhammer-infects-asus-pcs-through-its-asuslive-update-utility. html Matt Pasco