Routing and Security Mechanisms Design for Automotive TSN/CAN FD Security Gateway 2022-01-0113

With the explosion of in-vehicle data, Time Sensitive Network (TSN) is increasingly becoming the backbone of the in-vehicle network to ensure deterministic real-time communication and Quality of Service (QoS). However, legacy buses such as CAN FD and LIN will not disappear for a long time in the future. Many protocols are deployed in the gateway and it is an important component in the security and functional safety of the communication process. In this paper, the recommended Electrical/Electronic Architecture is first given and the use cases for the TSN/CAN FD gateway are illustrated. Then, a TSN/CAN FD routing mechanism is designed and security mechanisms are deployed. The routing mechanism includes the protocol conversion module, queue cache module, and forwarding scheduling module. The protocol conversion module unpacks or packs the TSN or CAN FD frames according to the routing table. Dynamic space of queue is utilized in the queue cache module to allocate the cached messages appropriately. Time Awareness Shaper and Credit-Based Shaper are used to guarantee the transmission of messages with different priorities. The security mechanism consists of a secure handshake protocol and encrypted secure communication. We negotiate and distribute session secret keys via pre-stored certificates and the RSA algorithm. The confidentiality, integrity, and availability of data are guaranteed via random numbers, MAC, and the AES algorithm. Detailed tests are finally carried out on a physical system and the results show that the designed mechanism in this paper has excellent performance and feasibility.