- T. Haugg, M. F. Soltani, Timo H\u00e4ckel, P. Meyer, F. Korf, and T. C. Schmidt, “Simulation-based Evaluation of a Synchronous Transaction Model for Time-Sensitive Software-Defined Networks,” in Proceedings of the 8th International OMNeT++ Community Summit 2021<\/span>, 2021.
@InProceedings{ hshmk-ssttn-21,\nauthor = {Tobias Haugg and Mohammad Fazel Soltani and Timo\nH{\\\"a}ckel and Philipp Meyer and Franz Korf and Thomas C.\nSchmidt},\ntitle = {{Simulation-based Evaluation of a Synchronous Transaction\nModel for Time-Sensitive Software-Defined Networks}},\nbooktitle = {Proceedings of the 8th International OMNeT++ Community\nSummit 2021},\nmonth = oct,\nyear = 2021,\nurl = {https:\/\/arxiv.org\/abs\/2110.00236},\neprinttype = {arxiv},\neprint = {2110.00236},\nabstract = {Real-time networks based on Ethernet require robust\nquality-of-service for time-critical traffic. The\nTime-Sensitive Networking (TSN) collection of standards\nenables this in real-time environments like vehicle\non-board networks. Runtime reconfigurations in TSN must\nrespect the deadlines of real-time traffic.\nSoftware-Defined Networking (SDN) moves the control plane\nof network devices to the SDN controller, making these\nnetworks programmable. This allows reconfigurations from a\ncentral point in the network. In this work, we present a\ntransactional model for network reconfigurations that are\nsynchronously executed in all network devices. We evaluate\nits performance in a case study against non-transactional\nreconfigurations and show that synchronous transactions\nenable consistency for reconfigurations in TSN without\nincreased latencies for real-time frames. },\nlangid = {english},\narchiveprefix = {arXiv},\nprimaryclass = {cs.NI}\n}<\/code><\/pre><\/div>Real-time networks based on Ethernet require robust quality-of-service for time-critical traffic. The Time-Sensitive Networking (TSN) collection of standards enables this in real-time environments like vehicle on-board networks. Runtime reconfigurations in TSN must respect the deadlines of real-time traffic. Software-Defined Networking (SDN) moves the control plane of network devices to the SDN controller, making these networks programmable. This allows reconfigurations from a central point in the network. In this work, we present a transactional model for network reconfigurations that are synchronously executed in all network devices. We evaluate its performance in a case study against non-transactional reconfigurations and show that synchronous transactions enable consistency for reconfigurations in TSN without increased latencies for real-time frames.<\/blockquote> <\/li>
![[DOI]](https:\/\/secvi.inet.haw-hamburg.de\/wp-content\/plugins\/papercite\/img\/external.png)
<\/a> S. Reider, P. Meyer, T. H\u00e4ckel, F. Korf, and T. C. Schmidt, “Integration realer Angriffe in simulierte Echtzeit- Ethernet-Netzwerke,” in Echtzeit 2020<\/span>, Wiesbaden, 2021, p. 51\u201360. @InProceedings{ rmhks-irasn-21,\nauthor = {Sandra Reider AND Philipp Meyer AND Timo H{\\\"a}ckel AND\nFranz Korf AND Thomas C. Schmidt},\ntitle = {{Integration realer Angriffe in simulierte Echtzeit-\nEthernet-Netzwerke}},\nbooktitle = {Echtzeit 2020},\nmonth = jan,\nyear = 2021,\npages = {51--60},\npublisher = {Springer Vieweg},\naddress = {Wiesbaden},\nisbn = {978-3-658-32818-4},\ndoi = {10.1007\/978-3-658-32818-4_6},\nabstract = {Ethernet wird zunehmend Bestandteil moderner Fahrzeugnetze\nund bildet die aussichtsreichste Technologie f{\\\"u}r\nk{\\\"u}nftige Hochgeschwindigkeits-Backbones im Auto.\n\"Connected Vehicles\" {\\\"o}ffnen gleichzeitig ihre internen\nFahrzeugnetzwerke nach au{\\ss}en und erm{\\\"o}glichen so\neine Vielzahl neuer Angriffe, f{\\\"u}r die neue\nSicherheitskonzepte entwickelt werden m{\\\"u}ssen.\nSicherheitskonzepte und -mechanismen vor ihrer\nEinf{\\\"u}hrung in einer Simulationsumgebungen zu testen,\nist flexibel, schnell und kosteng{\\\"u}nstig. In dieser\nArbeit stellen wir ein Konzept vor, mit dem realer\nAngriffsverkehr aufgezeichnet und in eine\nSimulationsumgebung eingespielt werden kann. Dieses\nevaluieren wir am Beispiel eines DoS-Angriffs und\nk{\\\"o}nnen zeigen, dass die erwarteten Auswirkungen des\nabgespielten Angriffs in der Simulation wiedergegeben werden.},\nbooksubtitle = {Kommunikationssicherheit im Internet der Dinge (IoT)},\nseries = {Informatik aktuell},\nlangid = {ngerman}\n}<\/code><\/pre><\/div>Ethernet wird zunehmend Bestandteil moderner Fahrzeugnetze und bildet die aussichtsreichste Technologie f\u00fcr k\u00fcnftige Hochgeschwindigkeits-Backbones im Auto. “Connected Vehicles” \u00f6ffnen gleichzeitig ihre internen Fahrzeugnetzwerke nach au\u00dfen und erm\u00f6glichen so eine Vielzahl neuer Angriffe, f\u00fcr die neue Sicherheitskonzepte entwickelt werden m\u00fcssen. Sicherheitskonzepte und -mechanismen vor ihrer Einf\u00fchrung in einer Simulationsumgebungen zu testen, ist flexibel, schnell und kosteng\u00fcnstig. In dieser Arbeit stellen wir ein Konzept vor, mit dem realer Angriffsverkehr aufgezeichnet und in eine Simulationsumgebung eingespielt werden kann. Dieses evaluieren wir am Beispiel eines DoS-Angriffs und k\u00f6nnen zeigen, dass die erwarteten Auswirkungen des abgespielten Angriffs in der Simulation wiedergegeben werden.<\/blockquote> <\/li> <\/ul>
2020<\/h3>
-
![\"[PDF]\"\/](https:\/\/secvi.inet.haw-hamburg.de\/wp-content\/plugins\/papercite\/img\/pdf.png)
<\/a> <\/a> P. Meyer, T. H\u00e4ckel, F. Langer, L. Stahlbock, J. Decker, S. A. Eckhardt, F. Korf, T. C. Schmidt, and F. Sch\u00fcppel, “Demo: A Security Infrastructure for Vehicular Information Using SDN, Intrusion Detection, and a Defense Center in the Cloud,” in 2020 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2020)<\/span>, Piscataway, NJ, USA, 2020. @InProceedings{mhlsd-dsivi-20,\nauthor = {Philipp Meyer and Timo H{\\\"a}ckel and Falk Langer and Lukas Stahlbock and Jochen Decker and Sebastian A. Eckhardt and Franz Korf and Thomas C. Schmidt and Fabian Sch{\\\"u}ppel},\nbooktitle = {2020 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2020)},\ntitle = {{Demo: A Security Infrastructure for Vehicular Information Using {SDN,} Intrusion Detection, and a Defense Center in the Cloud}},\nyear = {2020},\npublisher = {IEEE Press},\naddress = {Piscataway, NJ, USA},\nlocation = {Online},\nmonth = dec,\nabstract = {Vehicular on-board communication is the basis for advanced driver\nassistance, autonomous driving, over-the-air updates, and many more. If\nunprotected, this infrastructure is vulnerable to manipulation and various\nattacks. As any networked system, future connected cars require robust\nprotection, monitoring, and incidence management against cyber-attacks\nduring their lifetime. We demonstrate an infrastructure that secures the\nin-vehicle communication system and enables the security management of an\nentire vehicle fleet. Our prototype - a real-world production car - uses an\nEthernet backbone network. It implements protective measures using\nsoftware-defined networking, anomaly detection technologies, and is\nconnected to a cyber defense center in the cloud. We demonstrate how this\ncombination can reliably detect and mitigate common attacks on the vehicle\n- including its legacy components.},\ndoi={10.1109\/VNC51378.2020.9318351},\n}<\/code><\/pre><\/div>Vehicular on-board communication is the basis for advanced driver assistance, autonomous driving, over-the-air updates, and many more. If unprotected, this infrastructure is vulnerable to manipulation and various attacks. As any networked system, future connected cars require robust protection, monitoring, and incidence management against cyber-attacks during their lifetime. We demonstrate an infrastructure that secures the in-vehicle communication system and enables the security management of an entire vehicle fleet. Our prototype – a real-world production car – uses an Ethernet backbone network. It implements protective measures using software-defined networking, anomaly detection technologies, and is connected to a cyber defense center in the cloud. We demonstrate how this combination can reliably detect and mitigate common attacks on the vehicle – including its legacy components.<\/blockquote> <\/li>
<\/a> <\/a> T. H\u00e4ckel, A. Schmidt, P. Meyer, F. Korf, and T. C. Schmidt, “Strategies for Integrating Controls Flows in Software-Defined In-Vehicle Networks and Their Impact on Network Security,” in 2020 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2020)<\/span>, Piscataway, NJ, USA, 2020. @InProceedings{hsmks-sicfs-20,\nauthor = {Timo H{\\\"a}ckel and Anja Schmidt and Philipp Meyer and Franz Korf and Thomas C. Schmidt},\nbooktitle = {2020 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2020)},\ntitle = {{Strategies for Integrating Controls Flows in Software-Defined In-Vehicle Networks and Their Impact on Network Security}},\nyear = {2020},\npublisher = {IEEE Press},\naddress = {Piscataway, NJ, USA},\nlocation = {Online},\nmonth = dec,\nabstract = {Current In-Vehicle Networks (IVNs) connect Electronic Control Units (ECUs)\nvia domain busses. A gateway forwards messages between these domains.\nAutomotive Ethernet emerges as a flat, high-speed backbone technology for\nIVNs that carries the various control flows within Ethernet frames.\nRecently, Software-Defined Networking (SDN) has been identified as a useful\nbuilding block of the vehicular domain, as it allows the differentiation of\npackets based on all header fields and thus can isolate unrelated control\nflows.\nIn this work, we systematically explore the different strategies for\nintegrating automotive control flows in switched Ether-networks and analyze\ntheir security impact for a software-defined IVN. We discuss how control\nflow identifiers can be embedded on different layers resulting in a range\nof solutions from fully exposed embedding to deep encapsulation. We\nevaluate these strategies in a realistic IVN based on the communication\nmatrix of a production grade vehicle, which we map into a modern Ethernet\ntopology. We find that visibility of automotive control flows within packet\nheaders is essential for the network infrastructure to enable isolation and\naccess control. With an exposed embedding, the SDN backbone can establish\nand survey trust zones within the IVN and largely reduce the attack surface\nof connected cars. An exposed embedding strategy also minimizes\ncommunication expenses.},\ndoi={10.1109\/VNC51378.2020.9318372},\n}<\/code><\/pre><\/div>Current In-Vehicle Networks (IVNs) connect Electronic Control Units (ECUs) via domain busses. A gateway forwards messages between these domains. Automotive Ethernet emerges as a flat, high-speed backbone technology for IVNs that carries the various control flows within Ethernet frames. Recently, Software-Defined Networking (SDN) has been identified as a useful building block of the vehicular domain, as it allows the differentiation of packets based on all header fields and thus can isolate unrelated control flows. In this work, we systematically explore the different strategies for integrating automotive control flows in switched Ether-networks and analyze their security impact for a software-defined IVN. We discuss how control flow identifiers can be embedded on different layers resulting in a range of solutions from fully exposed embedding to deep encapsulation. We evaluate these strategies in a realistic IVN based on the communication matrix of a production grade vehicle, which we map into a modern Ethernet topology. We find that visibility of automotive control flows within packet headers is essential for the network infrastructure to enable isolation and access control. With an exposed embedding, the SDN backbone can establish and survey trust zones within the IVN and largely reduce the attack surface of connected cars. An exposed embedding strategy also minimizes communication expenses.<\/blockquote> <\/li>
<\/a> <\/a> R. Rotermund, T. H\u00e4ckel, P. Meyer, F. Korf, and T. C. Schmidt, “Requirements Analysis and Performance Evaluation of SDN Controllers for Automotive Use Cases,” in 2020 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2020)<\/span>, Piscataway, NJ, USA, 2020. @InProceedings{rhmks-rapesc-20,\nauthor = {Randolf Rotermund and Timo H{\\\"a}ckel and Philipp Meyer and Franz Korf and Thomas C. Schmidt},\nbooktitle = {2020 IEEE Vehicular Networking Conference (VNC) (IEEE VNC 2020)},\ntitle = {{Requirements Analysis and Performance Evaluation of {SDN} Controllers for Automotive Use Cases}},\nyear = {2020},\npublisher = {IEEE Press},\naddress = {Piscataway, NJ, USA},\nlocation = {Online},\nmonth = dec,\nabstract = {Future vehicles will be more connected than ever leading to increased dynamics in vehicle on-board networks.\nSoftware-Defined Networking (SDN) is a promising technology to meet the emerging needs for flexibility and security in future automotive use cases.\nAlthough SDN controllers have been evaluated in data center networks, to the best of our knowledge there is a lack of an analysis and performance evaluation of SDN controllers for automotive use cases.\nIn this work we provide a detailed requirements analysis for the use of SDN controllers in cars.\nBased on this requirements analysis we choose existing controller implementations for a performance analysis.\nFinally, we analyze automotive specific use cases for SDN controllers with controller application examples and show how these can fulfill additional requirements.\nOur evaluation provides a helpful basis for the design and development of SDN controllers that can be used in vehicles.},\ndoi={10.1109\/VNC51378.2020.9318378},\n}<\/code><\/pre><\/div>Future vehicles will be more connected than ever leading to increased dynamics in vehicle on-board networks. Software-Defined Networking (SDN) is a promising technology to meet the emerging needs for flexibility and security in future automotive use cases. Although SDN controllers have been evaluated in data center networks, to the best of our knowledge there is a lack of an analysis and performance evaluation of SDN controllers for automotive use cases. In this work we provide a detailed requirements analysis for the use of SDN controllers in cars. Based on this requirements analysis we choose existing controller implementations for a performance analysis. Finally, we analyze automotive specific use cases for SDN controllers with controller application examples and show how these can fulfill additional requirements. Our evaluation provides a helpful basis for the design and development of SDN controllers that can be used in vehicles.<\/blockquote> <\/li>
<\/a> F. Langer, F. Sch\u00fcppel, and L. Stahlbock, “Incident Response for Vehicular Systems \u2013 More than online Updates,” in 18th escar Europe : The World’s Leading Automotive Cyber Security Conference<\/span>, , 2020. @incollection{LangerSchueppelStahlbock2020,\nauthor = {Falk Langer and Fabian Sch{\\\"u}ppel and Lukas Stahlbock},\ntitle = {{Incident Response for Vehicular Systems \u2013 More than online Updates}},\nbooktitle = {18th escar Europe : The World's Leading Automotive Cyber Security Conference},\nyear = {2020},\nurl = {https:\/\/hss-opus.ub.ruhr-unibochum.de\/opus4\/frontdoor\/index\/index\/searchtype\/collection\/id\/16901\/docId\/7553\/start\/0\/rows\/10},\nabstract = {Cybersecurity incidence response is an important building block for the safe operation of vehicles over their lifetime. The systems in need of protection within the vehicle are vulnerable to attacks over the internet. The strict safety requirements, complexity and large number of vehicle variants on the other hand lead to the issue, that in the case of a discovered vulnerability, developing an update fixing said vulnerability will take a long time \u2013 most likely making damage by attacks a certainty.\nWithin this paper, we show mechanisms to speed up the incidence response. For this reason two new levels of responses are proposed, which allow a reaction within minutes without impairing the requirement of safe and reliable operation.},\n}<\/code><\/pre><\/div>Cybersecurity incidence response is an important building block for the safe operation of vehicles over their lifetime. The systems in need of protection within the vehicle are vulnerable to attacks over the internet. The strict safety requirements, complexity and large number of vehicle variants on the other hand lead to the issue, that in the case of a discovered vulnerability, developing an update fixing said vulnerability will take a long time \u2013 most likely making damage by attacks a certainty. Within this paper, we show mechanisms to speed up the incidence response. For this reason two new levels of responses are proposed, which allow a reaction within minutes without impairing the requirement of safe and reliable operation.<\/blockquote> <\/li>
<\/a> <\/a> P. Meyer, T. H\u00e4ckel, F. Korf, and T. C. Schmidt, “Network Anomaly Detection in Cars based on Time-Sensitive Ingress Control,” in 2020 IEEE 92nd Vehicular Technology Conference (VTC2020-Fall)<\/span>, Piscataway, NJ, USA, 2020, p. 1\u20135. @InProceedings{ mhks-nadci-20,\nauthor = {Philipp Meyer and Timo H{\\\"a}ckel and Franz Korf and\nThomas C. Schmidt},\ntitle = {{Network Anomaly Detection in Cars based on Time-Sensitive\nIngress Control}},\nbooktitle = {2020 IEEE 92nd Vehicular Technology Conference\n(VTC2020-Fall)},\nlocation = {Online},\nmonth = nov,\nyear = 2020,\npages = {1--5},\npublisher = {IEEE Press},\naddress = {Piscataway, NJ, USA},\ndoi = {10.1109\/VTC2020-Fall49728.2020.9348746},\nabstract = {Connected cars need robust protection against network\nattacks. Network anomaly detection and prevention on board\nwill be particularly fast and reliable when situated on the\nlowest possible layer. Blocking traffic on a low layer,\nhowever, causes severe harm if triggered erroneously by\nfalsely positive alarms. In this paper, we introduce and\nevaluate a concept for detecting anomalous traffic using\nthe ingress control of Time-Sensitive Networking (TSN). We\nbuild on the idea that already defined TSN traffic\ndescriptors for in-car network configurations are rigorous,\nand hence any observed violation should not be a false\npositive. Also, we use Software-Defined Networking (SDN)\ntechnologies to collect and evaluate ingress anomaly\nreports, to identify the generating flows, and to ban them\nfrom the network. We evaluate our concept by simulating a\nreal-world zonal network topology of a future car. Our\nfindings confirm that abnormally behaving individual flows\ncan indeed be reliably segregated with zero false\npositives.},\nlangid = {english}\n}<\/code><\/pre><\/div>Connected cars need robust protection against network attacks. Network anomaly detection and prevention on board will be particularly fast and reliable when situated on the lowest possible layer. Blocking traffic on a low layer, however, causes severe harm if triggered erroneously by falsely positive alarms. In this paper, we introduce and evaluate a concept for detecting anomalous traffic using the ingress control of Time-Sensitive Networking (TSN). We build on the idea that already defined TSN traffic descriptors for in-car network configurations are rigorous, and hence any observed violation should not be a false positive. Also, we use Software-Defined Networking (SDN) technologies to collect and evaluate ingress anomaly reports, to identify the generating flows, and to ban them from the network. We evaluate our concept by simulating a real-world zonal network topology of a future car. Our findings confirm that abnormally behaving individual flows can indeed be reliably segregated with zero false positives.<\/blockquote> <\/li> <\/ul>
2019<\/h3>
- <\/a> T. H\u00e4ckel, P. Meyer, F. Korf, and T. C. Schmidt, “SDN4CoRE: A Simulation Model for Software-Defined Networking for Communication over Real-Time Ethernet,” in Proceedings of the 6th International OMNeT++ Community Summit 2019<\/span>, 2019, p. 24\u201331.
@InProceedings{ hmks-smsdn-19,\nauthor = {Timo H{\\\"a}ckel and Philipp Meyer and Franz Korf and\nThomas C. Schmidt},\neditor = {Meyo Zongo and Antonio Virdis and Vladimir Vesely and\nZeynep Vatandas and Asanga Udugama and Koojana Kuladinithi\nand Michael Kirsche and Anna F{\\\"o}rster},\ntitle = {{SDN4CoRE: A Simulation Model for Software-Defined\nNetworking for Communication over Real-Time Ethernet}},\nbooktitle = {Proceedings of the 6th International OMNeT++ Community\nSummit 2019},\nmonth = dec,\nyear = 2019,\npages = {24--31},\nvolume = {66},\npublisher = {EasyChair},\nurl = {https:\/\/easychair.org\/publications\/paper\/1TnZ},\nissn = {2398-7340},\ndoi = {10.29007\/w71t},\neprinttype = {arxiv},\neprint = {1908.09649},\nabstract = {Ethernet has become the next standard for automotive and\nindustrial automation networks. Standard extensions such as\nIEEE 802.1Q Time-Sensitive Networking (TSN) have been\nproven to meet the real-time and robustness requirements of\nthese environments. Augmenting the TSN switching by\nSoftware- Defined Networking functions promises additional\nbenefits: A programming option for TSN devices can add much\nvalue to the resilience, security, and adaptivity of the\nenvironment. Network simulation allows to model highly\ncomplex networks before assembly and is an essential\nprocess for the design and validation of future networks.\nStill, a simulation environment that supports programmable\nreal-time networks is missing. This paper fills the gap by\nsharing our simulation model for Software-Defined\nNetworking for Communication over Real-Time Ethernet\n(SDN4CoRE) and present initial results in modeling\nprogrammable real-time networks. In a case study, we show\nthat SDN4CoRE can simulate complex programmable real-time\nnetworks and allows for testing and verifying the\nprogramming of real-time devices.},\nseries = {EPiC Series in Computing},\nbibsource = {EasyChair, https:\/\/easychair.org},\nlangid = {english}\n}<\/code><\/pre><\/div>Ethernet has become the next standard for automotive and industrial automation networks. Standard extensions such as IEEE 802.1Q Time-Sensitive Networking (TSN) have been proven to meet the real-time and robustness requirements of these environments. Augmenting the TSN switching by Software- Defined Networking functions promises additional benefits: A programming option for TSN devices can add much value to the resilience, security, and adaptivity of the environment. Network simulation allows to model highly complex networks before assembly and is an essential process for the design and validation of future networks. Still, a simulation environment that supports programmable real-time networks is missing. This paper fills the gap by sharing our simulation model for Software-Defined Networking for Communication over Real-Time Ethernet (SDN4CoRE) and present initial results in modeling programmable real-time networks. In a case study, we show that SDN4CoRE can simulate complex programmable real-time networks and allows for testing and verifying the programming of real-time devices.<\/blockquote> <\/li>
<\/a> <\/a> M. Cakir, T. H\u00e4ckel, S. Reider, P. Meyer, F. Korf, and T. C. Schmidt, “A QoS Aware Approach to Service-Oriented Communication in Future Automotive Networks,” in 2019 IEEE Vehicular Networking Conference (VNC)<\/span>, Piscataway, NJ, USA, 2019. @InProceedings{chrmk-qosso-19,\nauthor = {Mehmet Cakir AND Timo H{\\\"a}ckel AND Sandra Reider AND Philipp Meyer AND Franz Korf AND Thomas C. Schmidt},\nbooktitle = {2019 IEEE Vehicular Networking Conference (VNC)},\ntitle = {{A QoS Aware Approach to Service-Oriented Communication in Future Automotive Networks}},\nyear = {2019},\naddress = {Piscataway, NJ, USA},\nmonth = dec,\npublisher = {IEEE Press},\nabstract = {Service-Oriented Architecture (SOA) is about to enter\nautomotive networks based on the SOME\/IP middleware and an\nEthernet high-bandwidth communication layer. It promises to\nmeet the growing demands on connectivity and flexibility\nfor software components in modern cars. Largely\nheterogeneous service requirements and time-sensitive\nnetwork functions make Quality-of-Service (QoS) agreements\na vital building block within future automobiles. Existing\nmiddleware solutions, however, do not allow for a dynamic\nselection of QoS. This paper presents a service-oriented\nmiddleware for QoS aware communication in future cars. We\ncontribute a protocol for dynamic QoS negotiation along\nwith a multi-protocol stack, which supports the different\ncommunication classes as derived from a thorough\nrequirements analysis. We validate the feasibility of our\napproach in a case study and evaluate its performance in a\nsimulation model of a realistic in-car network. Our\nfindings indicate that QoS aware communication can indeed\nmeet the requirements, while the impact of the service\nnegotiations and setup times of the network remain\nacceptable provided the cross-traffic during negotiations\nstays below 70\\% of the available bandwidth.},\ndoi = {10.1109\/VNC48660.2019.9062794},\neprint = {1911.01805},\neprinttype = {arxiv},\nlangid = {english},\nlocation = {Los Angeles, California, USA},\nurl = {https:\/\/ieeexplore.ieee.org\/document\/9062794},\n}<\/code><\/pre><\/div>Service-Oriented Architecture (SOA) is about to enter automotive networks based on the SOME\/IP middleware and an Ethernet high-bandwidth communication layer. It promises to meet the growing demands on connectivity and flexibility for software components in modern cars. Largely heterogeneous service requirements and time-sensitive network functions make Quality-of-Service (QoS) agreements a vital building block within future automobiles. Existing middleware solutions, however, do not allow for a dynamic selection of QoS. This paper presents a service-oriented middleware for QoS aware communication in future cars. We contribute a protocol for dynamic QoS negotiation along with a multi-protocol stack, which supports the different communication classes as derived from a thorough requirements analysis. We validate the feasibility of our approach in a case study and evaluate its performance in a simulation model of a realistic in-car network. Our findings indicate that QoS aware communication can indeed meet the requirements, while the impact of the service negotiations and setup times of the network remain acceptable provided the cross-traffic during negotiations stays below 70\\% of the available bandwidth.<\/blockquote> <\/li>
<\/a> P. Meyer, F. Korf, T. Steinbach, and T. C. Schmidt, “Simulation of Mixed Critical In-vehicular Networks,” in Recent Advances in Network Simulation<\/span>, Springer, 2019, p. 317\u2013345. @incollection{mkss-smcin-19,\ntitle={Simulation of Mixed Critical In-vehicular Networks},\nauthor={Meyer, Philipp and Korf, Franz and Steinbach, Till and Schmidt, Thomas C},\nbooktitle={Recent Advances in Network Simulation},\npages={317--345},\nyear={2019},\npublisher={Springer},\nisbn = {978-3-030-12842-5},\ndoi = {10.1007\/978-3-030-12842-5_10},\neprinttype = {arxiv},\neprint = {1808.03081},\nurl = {https:\/\/link.springer.com\/chapter\/10.1007\/978-3-030-12842-5_10},\nabstract = {Future automotive applications ranging from advanced driver assistance to autonomous driving will largely increase demands on in-vehicular networks. Data flows of high bandwidth or low latency requirements, but in particular many additional communication relations will introduce a new level of complexity to the in-car communication system. It is expected that future communication backbones which interconnect sensors and actuators with Electronic Control Units (ECUs) in cars will be built on Ethernet technologies. However, signaling from different application domains demands for network services of tailored attributes, including real-time transmission protocols as defined in the Time-Sensitive Networking (TSN) Ethernet extensions. These Quality of Service (QoS) constraints will increase network complexity even further. Event-based simulation is a key technology to master the challenges of an in-car network design. This chapter introduces the domain-specific aspects and simulation models for in-vehicular networks and presents an overview of the car-centric network design process. Starting from a domain-specific description language, we cover the corresponding simulation models with their workflows and apply our approach to a related case study for an in-car network of a premium car.}\n}<\/code><\/pre><\/div>Future automotive applications ranging from advanced driver assistance to autonomous driving will largely increase demands on in-vehicular networks. Data flows of high bandwidth or low latency requirements, but in particular many additional communication relations will introduce a new level of complexity to the in-car communication system. It is expected that future communication backbones which interconnect sensors and actuators with Electronic Control Units (ECUs) in cars will be built on Ethernet technologies. However, signaling from different application domains demands for network services of tailored attributes, including real-time transmission protocols as defined in the Time-Sensitive Networking (TSN) Ethernet extensions. These Quality of Service (QoS) constraints will increase network complexity even further. Event-based simulation is a key technology to master the challenges of an in-car network design. This chapter introduces the domain-specific aspects and simulation models for in-vehicular networks and presents an overview of the car-centric network design process. Starting from a domain-specific description language, we cover the corresponding simulation models with their workflows and apply our approach to a related case study for an in-car network of a premium car.<\/blockquote> <\/li>
<\/a> <\/a> T. H\u00e4ckel, P. Meyer, F. Korf, and T. C. Schmidt, “Software-Defined Networks Supporting Time-Sensitive In-Vehicular Communication,” in Proc. of the IEEE 89th Vehicular Technology Conference: VTC2019-Spring<\/span>, Piscataway, NJ, USA, 2019. @InProceedings{ hmks-snsti-19,\nauthor = {Timo H{\\\"a}ckel and Philipp Meyer and Franz Korf and\nThomas C. Schmidt},\ntitle = {{Software-Defined Networks Supporting Time-Sensitive\nIn-Vehicular Communication}},\nbooktitle = {Proc. of the IEEE 89th Vehicular Technology Conference:\nVTC2019-Spring},\nlocation = {Kuala Lumpur, Malaysia},\nmonth = apr,\nyear = 2019,\npublisher = {IEEE Press},\naddress = {Piscataway, NJ, USA},\nissn = {1090-3038},\ndoi = {10.1109\/VTCSpring.2019.8746473},\nurl = {https:\/\/ieeexplore.ieee.org\/document\/8746473},\neprinttype = {arxiv},\neprint = {1903.08039},\nabstract = {Future in-vehicular networks will be based on Ethernet.\nThe IEEE Time-Sensitive Networking (TSN) is a promising\ncandidate to satisfy real-time requirements in future car\ncommunication. Software-Defined Networking (SDN) extends\nthe Ethernet control plane with a programming option that\ncan add much value to the resilience, security, and\nadaptivity of the automotive environment. In this work, we\nderive a first concept for combining Software-Defined\nNetworking with Time-Sensitive Networking along with an\ninitial evaluation. Our measurements are performed via a\nsimulation that investigates whether an SDN architecture is\nsuitable for time-critical applications in the car. Our\nfindings indicate that the advanced control overhead of SDN\ncan be added without a delay penalty for the TSN traffic\nwhen protocols are mapped properly.},\nlangid = {english}\n}<\/code><\/pre><\/div>Future in-vehicular networks will be based on Ethernet. The IEEE Time-Sensitive Networking (TSN) is a promising candidate to satisfy real-time requirements in future car communication. Software-Defined Networking (SDN) extends the Ethernet control plane with a programming option that can add much value to the resilience, security, and adaptivity of the automotive environment. In this work, we derive a first concept for combining Software-Defined Networking with Time-Sensitive Networking along with an initial evaluation. Our measurements are performed via a simulation that investigates whether an SDN architecture is suitable for time-critical applications in the car. Our findings indicate that the advanced control overhead of SDN can be added without a delay penalty for the TSN traffic when protocols are mapped properly.<\/blockquote> <\/li>
<\/a> P. Meyer, T. H\u00e4ckel, F. Korf, and T. C. Schmidt, “DoS Protection through Credit Based Metering – Simulation-Based Evaluation for Time-Sensitive Networking in Cars,” in Proceedings of the 6th International OMNeT++ Community Summit 2019<\/span>, 2019, p. 52\u201359. @InProceedings{ mhks-dpcbm-19,\nauthor = {Philipp Meyer and Timo H{\\\"a}ckel and Franz Korf and\nThomas C. Schmidt},\neditor = {Meyo Zongo and Antonio Virdis and Vladimir Vesely and\nZeynep Vatandas and Asanga Udugama and Koojana Kuladinithi\nand Michael Kirsche and Anna F{\\\"o}rster},\ntitle = {DoS Protection through Credit Based Metering -\nSimulation-Based Evaluation for Time-Sensitive Networking\nin Cars},\nbooktitle = {Proceedings of the 6th International OMNeT++ Community\nSummit 2019},\nmonth = dec,\nyear = 2019,\npages = {52--59},\nvolume = {66},\npublisher = {EasyChair},\nurl = {https:\/\/easychair.org\/publications\/paper\/BtKC},\nissn = {2398-7340},\ndoi = {10.29007\/pxrk},\neprinttype = {arxiv},\neprint = {1908.09646},\nabstract = {Ethernet is the most promising solution to reduce\ncomplexity and enhance the bandwidth in the next generation\nin-car networks. Dedicated Ethernet protocols enable the\nreal-time aspects in such networks. One promising candidate\nis the IEEE 802.1Q Time-Sensitive Networking protocol\nsuite. Common Ethernet technologies, however, increases the\nvulnerability of the car infrastructure as they widen the\nattack surface for many components. In this paper proposes\nan IEEE 802.1Qci based algorithm that on the one hand,\nprotects against DoS attacks by metering incoming Ethernet\nframes. On the other hand, it adapts to the behavior of the\nCredit Based Shaping algorithm, which was standardized for\nAudio\/Video Bridging, the predecessor of Time-Sensitive\nNetworking. A simulation of this proposed Credit Based\nMetering algorithm evaluates the concept.},\nseries = {EPiC Series in Computing},\nbibsource = {EasyChair, https:\/\/easychair.org},\nlangid = {english}\n}<\/code><\/pre><\/div>Ethernet is the most promising solution to reduce complexity and enhance the bandwidth in the next generation in-car networks. Dedicated Ethernet protocols enable the real-time aspects in such networks. One promising candidate is the IEEE 802.1Q Time-Sensitive Networking protocol suite. Common Ethernet technologies, however, increases the vulnerability of the car infrastructure as they widen the attack surface for many components. In this paper proposes an IEEE 802.1Qci based algorithm that on the one hand, protects against DoS attacks by metering incoming Ethernet frames. On the other hand, it adapts to the behavior of the Credit Based Shaping algorithm, which was standardized for Audio\/Video Bridging, the predecessor of Time-Sensitive Networking. A simulation of this proposed Credit Based Metering algorithm evaluates the concept.<\/blockquote> <\/li>
<\/a> F. Langer, F. Sch\u00fcppel, and L. Stahlbock, “Establishing an Automotive Cyber Defense Center,” in 17th escar Europe : embedded security in cars<\/span>, , 2019. @incollection{lss-eacdc-19,\nauthor = {Falk Langer and Fabian Sch{\\\"u}ppel and Lukas Stahlbock},\ntitle = {{Establishing an Automotive Cyber Defense Center}},\nbooktitle = {17th escar Europe : embedded security in cars},\ndoi = {10.13154\/294-6652},\nyear = {2019},\nurl = {http:\/\/hss-opus.ub.ruhr-unibochum.de\/opus4\/frontdoor\/index\/index\/docId\/6652},\nabstract = {As vehicles turn into human-transporting computers, more specific attention to the issue of long-term secure operation is needed. In order to prevent cyber-attacks on the fleet, monitoring the internal state of the individual vehicles\u2019 IT-infrastructure is required.\nIn this paper we provide a suggestion on how vehicles could be managed over the course of their lifetime. Establishment of an Automotive Cyber Defense Center is a key factor of ensuring the secure operation of the vehicle fleet by an OEM. Within this paper we demonstrate why establishing such a center is necessary, what kind of security operations it needs to perform and what stakeholders are involved in ensuring secure operation of public road transport.\nSince Cyber Defense Centers and the required technology are well-established in classical IT-infrastructure, we propose an architecture for the automotive domain which uses these technologies, highlighting the gaps in transitioning from operating a network to operation of a vehicle fleet.\nThe most important difference being the distributed, inhomogeneous and nomadic nature of a vehicle fleet. In order to overcome this gap we provide an exemplary implementation, which aims to make security relevant information available for usage within a Cyber Defense Center, using IoT-technology.},\nlangid = {english}\n}<\/code><\/pre><\/div>As vehicles turn into human-transporting computers, more specific attention to the issue of long-term secure operation is needed. In order to prevent cyber-attacks on the fleet, monitoring the internal state of the individual vehicles\u2019 IT-infrastructure is required. In this paper we provide a suggestion on how vehicles could be managed over the course of their lifetime. Establishment of an Automotive Cyber Defense Center is a key factor of ensuring the secure operation of the vehicle fleet by an OEM. Within this paper we demonstrate why establishing such a center is necessary, what kind of security operations it needs to perform and what stakeholders are involved in ensuring secure operation of public road transport. Since Cyber Defense Centers and the required technology are well-established in classical IT-infrastructure, we propose an architecture for the automotive domain which uses these technologies, highlighting the gaps in transitioning from operating a network to operation of a vehicle fleet. The most important difference being the distributed, inhomogeneous and nomadic nature of a vehicle fleet. In order to overcome this gap we provide an exemplary implementation, which aims to make security relevant information available for usage within a Cyber Defense Center, using IoT-technology.<\/blockquote> <\/li> <\/ul>
2018<\/h3>
- <\/a> T. Steinbach, Ethernet-basierte Fahrzeugnetzwerkarchitekturen f\u00fcr zuk\u00fcnftige Echtzeitsysteme im Automobil<\/span>, Wiesbaden: Springer Vieweg, 2018.
@Book{ s-ebfze-18,\nauthor = {Till Steinbach},\ntitle = {{Ethernet-basierte Fahrzeugnetzwerkarchitekturen f{\\\"u}r\nzuk{\\\"u}nftige Echtzeitsysteme im Automobil}},\nmonth = oct,\nyear = 2018,\npublisher = {Springer Vieweg},\naddress = {Wiesbaden},\nisbn = {978-3-658-23499-7},\ndoi = {10.1007\/978-3-658-23500-0},\nabstract = {Das Fahrzeugkommunikationsnetzwerk von Automobilen\nbefindet sich derzeit in einem starken Wandel. Neue\nAnwendungen aus den Bereichen der Fahrerassistenzsysteme\nund des Infotainments sowie insbesondere das automatisierte\nund autonome Fahren haben einen weit h{\\\"o}heren Bedarf an\nleistungsf{\\\"a}higen Kommunikationsverbindungen, als die\nbisher im Automobil eingesetzten Technologien garantieren\nk{\\\"o}nnen. Dies gilt insbesondere f{\\\"u}r neue Sensorik\nwie beispielsweise Kameras, Radar und Laser-Scanner, welche\ndie Umwelt mit einem hohen Detailgrad aufzeichnen und\ndaf{\\\"u}r h{\\\"o}here Bandbreiten als bisherige Systeme\n{\\\"u}bertragen m{\\\"u}ssen. Echtzeit-Ethernet ist die\nfavorisierte L{\\\"o}sung f{\\\"u}r die Herausforderungen\nzuk{\\\"u}nftiger Fahrzeugnetzwerke; es wurden jedoch, trotz\ndes Bekenntnisses gro{\\ss}er Automobilhersteller zu\nAutomotive-Ethernet, bisher keine umfassenden und auf\nrealistischen Datenverkehrsmodellen basierenden\nArchitekturanalysen durchgef{\\\"u}hrt. Die vorliegende\nArbeit leistet einen Beitrag zum Design und zur Bewertung\nneuer Ethernet-basierter Fahrzeugnetzwerkarchitekturen. Sie\nliefert Werkzeuge f{\\\"u}r die simulationsbasierte Analyse\nund Beurteilung von Netzwerkarchitekturen und evaluiert\nanhand konkreter Anwendungen, beispielsweise aus dem\nBereich der Sensorfusion, und realistischer auf realen\nVerkehrsdaten aufbauender Szenarien m{\\\"o}gliche\nNetzwerkdesigns und Konfigurationen. Dabei wird auch der\nschrittweiser {\\\"U}bergang von Legacy-Technologien hin zu\neinem rein Echtzeit-Ethernet-basierten Fahrzeugnetzwerk\nber{\\\"u}cksichtigt. Ein schrittweise Migrationspfad ist\neine wichtige Anforderung f{\\\"u}r einen erfolgreichen\nEinsatz im Automobil. Auf Basis der hierbei aus\nanalytischen Modellen sowie Simulationsstudien und einem\nrealen Fahrzeugprototyp gewonnenen Erkenntnisse werden\nDesignempfehlungen f{\\\"u}r die Entwicklung zuk{\\\"u}nftiger\nEthernet-basierter Fahrzeugnetzwerke ausgesprochen.\nMethodisch kommt in der vorliegenden Arbeit insbesondere\ndie Netzwerksimulation zum Einsatz. F{\\\"u}r die Bewertung\nneuer Fahrzeugnetzwerkarchitekturen werden Werkzeuge zur\nSimulation und Analyse zuk{\\\"u}nftiger heterogener\nEchtzeit-Ethernet-Backbones entwickelt. Damit stellt die\nArbeit eine leistungsf{\\\"a}hige\nOpen-Source-Simulationsumgebung f{\\\"u}r die Analyse\nzuk{\\\"u}nftiger Fahrzeugnetzwerke bereit, welche in\nForschung und Entwicklung frei verwendet und\nweiterentwickelt werden kann. Mithilfe eines\nPrototypfahrzeugs werden die in der Simulation sowie in\nanalytischen Modellen untersuchten Aspekte in einer realen\nFahrzeugumgebung {\\\"u}berpr{\\\"u}ft. Die Untersuchung im\nPrototyp weist die Realisierbarkeit der entwickelten\nAns{\\\"a}tze nach und zeigt auf, an welcher Stelle\nHerausforderungen und Handlungsbedarfe bei der\nImplementierung der entwickelten Konzepte bestehen. Die\nErgebnisse der Untersuchung f{\\\"u}hren zu\nDesignempfehlungen und Best Practices f{\\\"u}r\nzuk{\\\"u}nftige Backbone-Netzwerke im Automobil. Diese\numfassen unter anderem das Kommunikationsdesign, den\nEinsatz von Echtzeitverkehrsklassen, die Optimierung von\nHintergrunddatenverkehr und die Entwicklung geeigneter\nNetzwerktopologien. Es wird gezeigt, dass sich die im\nBackbone-Netzwerk erreichbaren Kennzahlen unter Einhaltung\nder Designempfehlungen um ein Vielfaches verbessern lassen.},\nlangid = {ngerman}\n}<\/code><\/pre><\/div>Das Fahrzeugkommunikationsnetzwerk von Automobilen befindet sich derzeit in einem starken Wandel. Neue Anwendungen aus den Bereichen der Fahrerassistenzsysteme und des Infotainments sowie insbesondere das automatisierte und autonome Fahren haben einen weit h\u00f6heren Bedarf an leistungsf\u00e4higen Kommunikationsverbindungen, als die bisher im Automobil eingesetzten Technologien garantieren k\u00f6nnen. Dies gilt insbesondere f\u00fcr neue Sensorik wie beispielsweise Kameras, Radar und Laser-Scanner, welche die Umwelt mit einem hohen Detailgrad aufzeichnen und daf\u00fcr h\u00f6here Bandbreiten als bisherige Systeme \u00fcbertragen m\u00fcssen. Echtzeit-Ethernet ist die favorisierte L\u00f6sung f\u00fcr die Herausforderungen zuk\u00fcnftiger Fahrzeugnetzwerke; es wurden jedoch, trotz des Bekenntnisses gro\u00dfer Automobilhersteller zu Automotive-Ethernet, bisher keine umfassenden und auf realistischen Datenverkehrsmodellen basierenden Architekturanalysen durchgef\u00fchrt. Die vorliegende Arbeit leistet einen Beitrag zum Design und zur Bewertung neuer Ethernet-basierter Fahrzeugnetzwerkarchitekturen. Sie liefert Werkzeuge f\u00fcr die simulationsbasierte Analyse und Beurteilung von Netzwerkarchitekturen und evaluiert anhand konkreter Anwendungen, beispielsweise aus dem Bereich der Sensorfusion, und realistischer auf realen Verkehrsdaten aufbauender Szenarien m\u00f6gliche Netzwerkdesigns und Konfigurationen. Dabei wird auch der schrittweiser \u00dcbergang von Legacy-Technologien hin zu einem rein Echtzeit-Ethernet-basierten Fahrzeugnetzwerk ber\u00fccksichtigt. Ein schrittweise Migrationspfad ist eine wichtige Anforderung f\u00fcr einen erfolgreichen Einsatz im Automobil. Auf Basis der hierbei aus analytischen Modellen sowie Simulationsstudien und einem realen Fahrzeugprototyp gewonnenen Erkenntnisse werden Designempfehlungen f\u00fcr die Entwicklung zuk\u00fcnftiger Ethernet-basierter Fahrzeugnetzwerke ausgesprochen. Methodisch kommt in der vorliegenden Arbeit insbesondere die Netzwerksimulation zum Einsatz. F\u00fcr die Bewertung neuer Fahrzeugnetzwerkarchitekturen werden Werkzeuge zur Simulation und Analyse zuk\u00fcnftiger heterogener Echtzeit-Ethernet-Backbones entwickelt. Damit stellt die Arbeit eine leistungsf\u00e4hige Open-Source-Simulationsumgebung f\u00fcr die Analyse zuk\u00fcnftiger Fahrzeugnetzwerke bereit, welche in Forschung und Entwicklung frei verwendet und weiterentwickelt werden kann. Mithilfe eines Prototypfahrzeugs werden die in der Simulation sowie in analytischen Modellen untersuchten Aspekte in einer realen Fahrzeugumgebung \u00fcberpr\u00fcft. Die Untersuchung im Prototyp weist die Realisierbarkeit der entwickelten Ans\u00e4tze nach und zeigt auf, an welcher Stelle Herausforderungen und Handlungsbedarfe bei der Implementierung der entwickelten Konzepte bestehen. Die Ergebnisse der Untersuchung f\u00fchren zu Designempfehlungen und Best Practices f\u00fcr zuk\u00fcnftige Backbone-Netzwerke im Automobil. Diese umfassen unter anderem das Kommunikationsdesign, den Einsatz von Echtzeitverkehrsklassen, die Optimierung von Hintergrunddatenverkehr und die Entwicklung geeigneter Netzwerktopologien. Es wird gezeigt, dass sich die im Backbone-Netzwerk erreichbaren Kennzahlen unter Einhaltung der Designempfehlungen um ein Vielfaches verbessern lassen.<\/blockquote> <\/li> <\/ul><\/p>\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
2021 T. Haugg, M. F. Soltani, Timo H\u00e4ckel, P. Meyer, F. Korf, and T. C. Schmidt, “Simulation-based Evaluation of a Synchronous Transaction Model for Time-Sensitive Software-Defined Networks,” in Proceedings of the 8th International OMNeT++ Community Summit 2021, 2021. [Bibtex] [Abstract] [Slides] [External Link] @InProceedings{ hshmk-ssttn-21, author = {Tobias Haugg and Mohammad Fazel Soltani and Timo […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"ngg_post_thumbnail":0},"_links":{"self":[{"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/pages\/54"}],"collection":[{"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/comments?post=54"}],"version-history":[{"count":48,"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/pages\/54\/revisions"}],"predecessor-version":[{"id":913,"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/pages\/54\/revisions\/913"}],"wp:attachment":[{"href":"https:\/\/secvi.inet.haw-hamburg.de\/index.php\/wp-json\/wp\/v2\/media?parent=54"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}