We have developed an open distributed embedded platform prototype that targets automotive traffic monitoring across multiple CAN bus networks. This ecosystem interconnects multiple Raspberry Pi devices (e.g., RPI1, RPI2) to an Odroid XU3 which serves as a gateway node. CAN interconnection is based a) for Raspberry Pi, on IndustrialBerry's CANberry Dual V2.1 device, and b) for Odroid XU3, on two (incoming/outgoing) USB-to-CAN interfaces based on Scantool’s OBD Dev Kit (with STN2120 chipset). Our embedded software toolchain uses a) for RPI, Linux can-utils tools, and b) for Odroid XU3, an extended serial terminal code that uses multiple POSIX threads to manage incoming and outgoing CAN connections; gateway configuration and packet send/receive functions are based on USB-to-serial STN2120’s ELM327 AT and ST commands. During normal operation, RPI2 (CAN2) carries actual engine traffic (based on Korean dataset -- http://ocslab.hksecurity.net/Dataset/CAN-intrusion-dataset), while at the same time RPI1 requests, related to on-screen display depart from RPI1 (CAN1), are received from RPI2 (CAN2) via the Gateway, and then, answered back to RPI1 (closing a round trip). In our threat model, we carry out a denial-of-service (DoS) attack on the CAN1 gateway interface and examine different metrics that can possibly be used in order to detect the attack. At gateway-level, three non-intrusive DoS attack metrics considered are related to a) the frequency of CAN packets per ID, b) energy consumption of the Cortex-A15 cores (available via I2C from integrated INA231 sensors), and c) temperature gradients related to the four thermal zones (available via I2C from integrated sensors). In addition, variations of round-trip times (RTT) for packets that flow from RPI1 to RPI2 (via Odroid XU3), and back to RPI1 can be measured. Our results indicate significant tradeoffs related to the accuracy of the four proposed detection metrics, with the energy metric appearing to provide the highest assurance, i.e., the lowest false-positive/negative ratio for a given attacker injection rate. Prediction of an attack effectively triggers throttling down, shutting down, or sleeping the outgoing interface, thus safeguarding engine ECU nodes. Our open source software code will become available soon in sourceforge.net
Prof. (Hellenic Mediterranean University)
Miltos D. Grammatikakis received MSc (1985) and PhD (1991) in Computer Science from the University of Oklahoma. After holding a number of positions with Academia, research and industry in France, Germany and Greece, he is now a professor at TEI of Crete. He has participated in 22 European projects (H2020, FP7, FP6, IST, ARTEMIS, ENIAC, MEDEA+, ESPRIT, TEN TELECOM, TMR, EURESCOM), and national R&D projects dealing with embedded and real-time systems, parallel and multicore architectures, EDA, high-level power estimation, reliability, security, and distributed systems for telecom and satellite networks. He has collaborated externally with ST Microelectronics for twenty years, e.g. on the IPSIM environment for system-level SoC modeling, the award-winning open source on-chip communication network framework (OCCN) available from http://occn.sourceforge.net) and Spidergon STNoC design. He has published more than 70 technical articles in edited books, international journals and conference proceedings, and is a co-author of two scientific books published by CRC Press (Taylor & Francis): “Parallel Systems: Communications and Interconnects” in 2001 and “Design of Cost-Efficient Interconnect Processing Units: Spidergon STNoC” in 2008.