Vehicle Intrusion Resilience Systems in Action


Project Description

A modern vehicle is composed of around 100 Electronic Control Units (ECUs) connected via several types of networks. An ECU is an embedded device, similar to a Raspberry Pi, running an operating system (e.g., Linux-based or a real-time OS) on top of which different software and firmware may run, depending on the application. Because software is written by imperfect humans, it can contain faults and be subject to intrusions, which can lead to catastrophic failures that threaten human lives. A Fault and Intrusion Resilient System (FIRS) is a vehicle middleware that can mask the effect of a failure or intrusion. Unlike Intrusion Detection and Protection Systems, FIRS ensures that the function continues to operate despite intrusions. FIRS works as follows: it lets an application run several replicas on different ECUs simultaneously. For each function executed by the application, an agreement is collected from a majority of the ECUs over the in-vehicle network, and the agreed output is returned. As long as the majority is not compromised, the integrity of the returned output is guaranteed despite faults or intrusions in the remaining ECUs. We have an implementation of a FIRS protocol that we are experimenting with in the OMNeT++ simulator.
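The majority-agreement idea described above, as an added illustration that is not the project's FIRS implementation: replicas of one function run on several ECUs, each returns its output, and the caller accepts only a value backed by a majority. Compromised replicas may return any value. The model is deliberately simplified (no network, no message authentication, no view changes as in a full Byzantine agreement protocol); the names `Replica`, `firs_call`, `make_testbed` and the sample `brake_torque` function are assumptions made for this example.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass
class Replica:
    """One replica of the application hosted on one ECU (hypothetical model)."""
    ecu_id: str
    compute: Callable[[int], int]       # the function the application executes
    wrong_value: Optional[int] = None   # set when the ECU is compromised: it returns this instead

    def execute(self, x: int) -> int:
        if self.wrong_value is not None:
            return self.wrong_value     # compromised replica returns an attacker-chosen value
        return self.compute(x)


def brake_torque(pedal_position: int) -> int:
    """Constructed sample function: a linear pedal-position-to-torque mapping."""
    return 2 * pedal_position + 1


def majority_quorum(n: int) -> int:
    """Smallest number of agreeing replicas that forms a majority of n."""
    return n // 2 + 1


def collect_outputs(replicas: List[Replica], x: int) -> Dict[str, int]:
    """Simulate each ECU returning its output over the in-vehicle network."""
    return {r.ecu_id: r.execute(x) for r in replicas}


def agree(outputs: Dict[str, int], quorum: int) -> Optional[int]:
    """Return the output backed by at least `quorum` replicas, or None if no value reaches it."""
    value, votes = Counter(outputs.values()).most_common(1)[0]
    return value if votes >= quorum else None


def firs_call(replicas: List[Replica], x: int) -> Optional[int]:
    """Execute x on every replica and return the majority-agreed output."""
    outputs = collect_outputs(replicas, x)
    return agree(outputs, majority_quorum(len(replicas)))


def make_testbed(n: int, compromised: Dict[str, int]) -> List[Replica]:
    """n ECUs named ecu0..ecu{n-1}; `compromised` maps an ECU id to the wrong value it returns."""
    return [Replica(f"ecu{i}", brake_torque, compromised.get(f"ecu{i}")) for i in range(n)]


if __name__ == "__main__":
    # 5 ECUs, 2 compromised and colluding on the same wrong value: the majority is intact
    print(firs_call(make_testbed(5, {"ecu0": -1, "ecu1": -1}), 10))                 # 21
    # 3 of 5 compromised and colluding: the majority is lost and the wrong value is returned
    print(firs_call(make_testbed(5, {"ecu0": -1, "ecu1": -1, "ecu2": -1}), 10))     # -1
    # 3 of 5 compromised but not colluding: no value reaches the quorum, so nothing is returned
    print(firs_call(make_testbed(5, {"ecu0": -1, "ecu1": -2, "ecu2": -3}), 10))     # None
```

The three runs show the guarantee and its limit: with fewer than a majority of ECUs compromised the correct torque value is returned regardless of what the compromised ECUs send; once a colluding majority is compromised, integrity is lost; and a compromised majority that does not collude only causes the call to fail rather than returning a wrong value, which is why a real FIRS also needs a policy for the no-quorum case.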
Program - Computer Science
Division - Computer, Electrical and Mathematical Sciences and Engineering
Center Affiliation - Resilient Computing and Cybersecurity Center
Field of Study - Intrusion Resilience, Intrusion detection and prevention, Vehicular networks, CAN, Byzantine Fault Tolerance

About the

Paulo Esteves-Verissimo

Professor, Computer Science and Director, Resilient Computing and Cybersecurity Center (Computer, Electrical and Mathematical Science and Engineering Division)


Desired Project Deliverables

The goal of this project is to create a demo that validates FIRS on real hardware and software. The intern will build a small testbed of networked embedded devices, e.g., Raspberry Pis or ECUs. Two network types are of particular importance: (1) the widely used broadcast-based Controller Area Network (CAN), which can be built using Raspberry Pis and CAN transceivers; and (2) the more recent and more efficient Automotive Ethernet, which, as the name indicates, is similar to the Ethernet protocols used in IT networks. The objectives of the work are to understand how FIRS behaves empirically, to build the small testbed for validation, and to demonstrate the work in a near-real environment.