CINNAMON: A Module for AUTOSAR Secure Onboard Communication

TL;DR

CINNAMON is a new AUTOSAR module that enhances onboard communication security by adding confidentiality through encryption, complementing existing integrity and authenticity features, and demonstrating practical feasibility on resource-limited hardware.

Contribution

It introduces CINNAMON, a resource-efficient module that extends AUTOSAR SecOC to include data confidentiality via encryption, addressing information gathering attacks.

Findings

CINNAMON effectively provides confidentiality, integrity, and authenticity.

Prototype implementation shows feasibility on inexpensive hardware.

The module is easily extensible with additional security profiles.

Abstract

This paper introduces CINNAMON, a software module that extends and seamlessly integrates with the AUTOSAR "Secure Onboard Communication" (SecOC) module to also account for confidentiality of data in transit. It stands for Confidential, INtegral aNd Authentic on board coMunicatiON (CINNAMON). It takes a resource-efficient and practical approach to ensure, at the same time, confidentiality, integrity and authenticity of frames. The main new requirement that CINNAMON puts forward is the use of encryption and thus, as a result, CINNAMON exceeds SecOC against information gathering attacks. This paper sets forth the essential requirements and specification of the new module by detailing where and how to position it within AUTOSAR and by emphasizing the relevant upgrades with respect to SecOC. The presentation continues with the definition of a Security Profile and a summary of a prototype implementation of ours. While CINNAMON is easily extensible, for example through the definition of additional profiles, the current performances obtained on inexpensive boards support the claim that the approach is feasible.