TrinitySec: Trinity-Enabled and Lightweight Security Framework for CAN-FD Communication

Controller Area Network with Flexible Data-rate (CAN-FD) is a promising industrial embedded network because of its high bandwidth and long data field length. However, CAN-FD does not deploy any security protection mechanisms, leaving it vulnerable to network attacks. In recent years, authentication and authorization frameworks have often been deployed in industrial embedded networks (e.g., automotive networks) to provide secure CAN/CAN-FD communication. However, these frameworks cannot simultaneously enhance confidentiality, integrity, and availability; moreover, these frameworks are mainly based on a distributed security management mechanism, resulting in large computation, communication, and memory overhead. This paper proposes a trinity-enabled and lightweight security framework called TrinitySec based on cryptographic algorithms for CAN-FD communication. TrinitySec ensures the availability of ECU and CAN-FD messages through authentication and authorization, as well as the confidentiality and integrity of CAN-FD messages through a symmetric-key algorithm and Hash-based Message Authentication Code (HMAC) function. TrinitySec proposes a low-overhead centralized security management mechanism instead of the existing distributed management mechanism. We formally verify the security of TrinitySec using the ProVerif tool. We implement TrinitySec on STM32H743IIT Micro Controller Unit (MCU) with ARM Cortex M7 core and evaluate that TrinitySec outperforms other state-of-the-art security frameworks in terms of computation, communication, memory, and storage overhead.