DOI QR코드

DOI QR Code

자동차 보안시스템에서 장치간 상호인증 및 정형검증

Inter-device Mutual Authentication and Formal Verification in Vehicular Security System

  • 이상준 (아주자동차대학 자동차디지털튜닝전공) ;
  • 배우식 (아주자동차대학)
  • Lee, Sang-Jun (Dept. of Automobile Digital Tuning, Ajou Motor College) ;
  • Bae, Woo-Sik (Dept. of AIS Center, Ajou Motor College)
  • 투고 : 2015.02.06
  • 심사 : 2015.04.20
  • 발행 : 2015.04.28

초록

자동차산업의 발전과 함께 M2M(Machine-to-Machine)통신이 자동차 산업분야에서 많은 관심이 되고 있다. M2M은 기상, 환경, 물류, 국방, 농.축산 등에서 사용하기 시작하여 장비들이 자동으로 상황에 맞추어 통신을 하고 상황에 맞는 동작을 함으로써 운영해가는 시스템이다. 자동차에서도 차량내부 장치 간, 차대 차, 차와 교통시설물, 차와 주변의 환경 등에 적용되고 있다. 그러나 통신시스템의 특성상 전송구간에서 공격자의 공격에 대한 문제가 있으며 자동차의 운행, 제어계통 및 엔진제어 등에 공격자의 공격이 진행되면 안전에 심각한 문제가 발생하게 된다. 따라서 디바이스 간 보안통신에 대한 연구가 활발히 진행되고 있다. 본 논문에서는 차량의 디바이스간 안전한 통신을 위해 해시함수 및 수학적 복잡한 공식을 이용하여 프로토콜을 설계하였으며 프로토콜 정형검증 도구인 Casper/FDR을 이용하여 실험하였으며 제안한 프로토콜이 각종 공격에 안전하게 동작되며 실제 적용할 때 효과적임을 확인하였다.

The auto industry has significantly evolved to the extent that much attention is paid to M2M (Machine-to-Machine) communication. In M2M communication which was first used in meteorology, environment, logistics, national defense, agriculture and stockbreeding, devices automatically communicate and operate in accordance with varying situations. M2M system is applied to vehicles, specifically to device-to-device communication inside cars, vehicle-to-vehicle communication, communication between vehicles and traffic facilities and that between vehicles and surroundings. However, communication systems are characterized by potential intruders' attacks in transmission sections, which may cause serious safety problems if vehicles' operating system, control system and engine control parts are attacked. Thus, device-to-device secure communication has been actively researched. With a view to secure communication between vehicular devices, the present study drew on hash functions and complex mathematical formulae to design a protocol, which was then tested with Casper/FDR, a tool for formal verification of protocols. In brief, the proposed protocol proved to operate safely against a range of attacks and be effective in practical application.

키워드

참고문헌

  1. V. Galetic et al., Basic principles of Machineto-Machine communication and its impact on telecommunications industry. in Pro. of 34th International Convention on Information and Communication Technology, Electronics and Microelectronics, pp. 89-94, 2011.
  2. G. Wu, S. Talwar, K. Johnsson, N. Himayat, and K. D. Johnson, M2M: from mobile to embedded internet. IEEE Communications Magazine, Vol. 49, No. 4, pp. 36-43, 2011. https://doi.org/10.1109/MCOM.2011.5741144
  3. G. Wu, S. Talwar, K. Johnsson, N. Himayat and K.D. Johnson, M2M: From mobile to embedded internet. IEEE Communications Magazine, Vol.49, No.4, pp. 36-43, 2011. https://doi.org/10.1109/MCOM.2011.5741144
  4. ETSI, Machine-to-Machine communications (M2M); M2M service requirements. TS 102 689 V1.1.2., 2011.
  5. Huy Hoang Ngo, XianpingWu, Phu Dung Le and Bala Srinivasan, An individual and group authentication model for wireless network services. Journal of Convergence Information Technology, Vol.5, No.1, pp. 82-94, 2010. https://doi.org/10.4156/jcit.vol5.issue1.10
  6. Chen C, He D, Chan S, Bu J, Gao Y, Fan R., Lightweight and provably secure user authentication with anonymity for the global mobility network. International Journal of Communication Systems 2010; 24:347-362. DOI:10.1002/dac.1158.
  7. Qi X. A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems 2011; 25:47-54. DOI:10.1002/dac.1286.
  8. You I, Lee J-H, Kim B, Ilsun Y, Jong-Hyouk L, Bonam K. caTBUA: context-aware ticket-based binding update authentication protocol for trust-enabled mobile networks. International Journal of Communication Systems 2010;23:1382-1404. DOI: 10.1002/dac.1113
  9. ISO 26262, Road vehicles - Functional safety, Management of functional safety & Concept phase
  10. Aiash M, Mapp G, Lasebae A, Phan R, Loo J., A formally verified AKA protocol for vertical handover in heterogeneous environments using Casper/FDR. EURASIP Journal on Wireless Communications and Networking 2012.
  11. ETSI, Machine to Machine Communications (M2M); M2M functional architecture. ETSI, TS 102 690, DEC, 2011.
  12. G. Lowe. Casper: A compiler for the analysis of security protocols. User Manual and Tutorial. Version 1.12, 2009.
  13. Formal systems (Europe) Ltd.: Failures-Divergence Refinement. FDR2 User Manual. Available from: pdf [Accessed 19 August 2011]
  14. PRESERVE(PREparing SEcuRe VEhicle-to-X Communication Systems)Deliverable 1.1, Security Requirements of Vehicle Security Architecture. June. 2011.
  15. Ryan P, Schneider S, Goldsmith M, Lowe G, Roscoe AW., The Modelling and Analysis of ecurity Protocols. PEARSON Ltd.: Edinburgh Gate. UK, 2010
  16. M. S. Han, W. S. Bae, Security Verification of a Communication Authentication Protocol in Vehicular Security System. Journal of Digital Convergence, Vol. 12, No. 8, pp. 229-234, 2014. https://doi.org/10.14400/JDC.2014.12.8.229
  17. Weis, S. et al., Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. First International Conference on Security in Pervasive Computing, 2003.