{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,2]],"date-time":"2026-05-02T12:04:53Z","timestamp":1777723493668,"version":"3.51.4"},"reference-count":37,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2022,1,14]],"date-time":"2022-01-14T00:00:00Z","timestamp":1642118400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Key-Area Research and Development Program of Guangdong Province","award":["2020B0909030002"],"award-info":[{"award-number":["2020B0909030002"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61901016"],"award-info":[{"award-number":["61901016"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The rapid development of intelligent networked vehicles (ICVs) has brought many positive effects. Unfortunately, connecting to the outside exposes ICVs to security threats. Using secure protocols is an important approach to protect ICVs from hacker attacks and has become a hot research area for vehicle security. However, most of the previous studies were carried out on V2X networks, while those on in-vehicle networks (IVNs) did not involve Ethernet. To this end, oriented to the new IVNs based on Ethernet, we designed an efficient secure scheme, including an authentication scheme using the Scalable Service-Oriented Middleware over IP (SOME\/IP) protocol and a secure communication scheme modifying the payload field of the original SOME\/IP data frame. The security analysis shows that the designed authentication scheme can provide mutual identity authentication for communicating parties and ensure the confidentiality of the issued temporary session key; the designed authentication and secure communication scheme can resist the common malicious attacks conjointly. The performance experiments based on embedded devices show that the additional overhead introduced by the secure scheme is very limited. The secure scheme proposed in this article can promote the popularization of the SOME\/IP protocol in IVNs and contribute to the secure communication of IVNs.<\/jats:p>","DOI":"10.3390\/s22020647","type":"journal-article","created":{"date-parts":[[2022,1,16]],"date-time":"2022-01-16T20:45:21Z","timestamp":1642365921000},"page":"647","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":31,"title":["An Authentication and Secure Communication Scheme for In-Vehicle Networks Based on SOME\/IP"],"prefix":"10.3390","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1159-4719","authenticated-orcid":false,"given":"Bin","family":"Ma","sequence":"first","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shichun","family":"Yang","sequence":"additional","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zheng","family":"Zuo","sequence":"additional","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bosong","family":"Zou","sequence":"additional","affiliation":[{"name":"China Software Testing Center, Beijing 100038, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yaoguang","family":"Cao","sequence":"additional","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1676-8204","authenticated-orcid":false,"given":"Xiaoyu","family":"Yan","sequence":"additional","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sida","family":"Zhou","sequence":"additional","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jichong","family":"Li","sequence":"additional","affiliation":[{"name":"School of Transportation Science and Engineering, Beihang University, Beijing 102206, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2022,1,14]]},"reference":[{"key":"ref_1","unstructured":"Mundhenk, P. (2017). Security for Automotive Electrical\/Electronic (E\/E) Architectures, Technical University of Munich."},{"key":"ref_2","unstructured":"Lock, A. (2021, October 06). Trends of Future E\/E-Architectures. Available online: https:\/\/www.gsaglobal.org\/wp-content\/uploads\/2019\/05\/Trends-of-Future-EE-Architectures.pdf."},{"key":"ref_3","unstructured":"AUTOSAR (2019). Some\/Ip Protocol Specification. Autosar Foundation Release R19-11, 696, AUTOSAR."},{"key":"ref_4","unstructured":"AUTOSAR (2019). Some\/Ip Service Discovery Protocol Specification. Autosar Foundation Release R19-11, 802, AUTOSAR."},{"key":"ref_5","unstructured":"GENIVI (2021, October 16). Vsomeip. Available online: https:\/\/github.com\/COVESA\/vsomeip."},{"key":"ref_6","unstructured":"Upstream (2021, October 16). Upstream Security Global Automotive Cybersecurity Report 2019. Available online: https:\/\/upstream.auto\/upstream-security-global-automotive-cybersecurity-report-2019\/."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Upstream (2021, October 16). Upstream Security\u2019s 2020 Global Automotive Cybersecurity Report. Available online: https:\/\/upstream.auto\/upstream-security-global-automotive-cybersecurity-report-2020\/.","DOI":"10.1016\/S1353-4858(20)30005-2"},{"key":"ref_8","unstructured":"Upstream (2021, October 16). Upstream Security\u2019s 2021 Global Automotive Cybersecurity Report. Available online: https:\/\/upstream.auto\/2021report\/."},{"key":"ref_9","first-page":"94","article-title":"A survey of remote automotive attack surfaces","volume":"2014","author":"Miller","year":"2014","journal-title":"Black Hat USA"},{"key":"ref_10","first-page":"91","article-title":"Remote exploitation of an unaltered passenger vehicle","volume":"2015","author":"Miller","year":"2015","journal-title":"Black Hat USA"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Lu, Z., Wang, Q., Chen, X., Qu, G., Lyu, Y., and Liu, Z. (2019, January 27\u201330). LEAP: A lightweight encryption and authentication protocol for in-vehicle communications. Proceedings of the 2019 IEEE Intelligent Transportation Systems Conference (ITSC), Auckland, New Zeland.","DOI":"10.1109\/ITSC.2019.8917500"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Agrawal, M., Huang, T., Zhou, J., and Chang, D. (2018). CAN-FD-Sec: Improving Security of CAN-FD Protocol. Proceedings of the Security and Safety Interplay of Intelligent Software Systems, Barcelona, Spain, 6\u20137 September 2018, Springer.","DOI":"10.1007\/978-3-030-16874-2_6"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"4919","DOI":"10.3390\/s19224919","article-title":"Identity-Based Key Exchange on In-Vehicle Networks: CAN-FD & FlexRay","volume":"19","author":"Groza","year":"2019","journal-title":"Sensors"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"2204","DOI":"10.1109\/TVT.2019.2961765","article-title":"MAuth-CAN: Masquerade-Attack-Proof authentication for in-vehicle networks","volume":"69","author":"Jo","year":"2019","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_15","unstructured":"Bella, G., Biondi, P., Costantino, G., and Matteucci, I. (2019, January 27). TOUCAN: A protocol to secure Controller Area Network. Proceedings of the ACM Workshop on Automotive Cybersecurity, Richardson, TX, USA."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Carel, G., Isshiki, R., Kusaka, T., Nogami, Y., and Araki, S. (2018, January 27\u201330). Design of a Message Authentication Protocol for CAN FD Based on Chaskey Lightweight MAC. Proceedings of the 2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW), Takayama, Japan.","DOI":"10.1109\/CANDARW.2018.00057"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Siddiqui, A.S., Gui, Y., Plusquellic, J., and Saqib, F. (2017, January 6\u20139). Secure communication over CANBus. Proceedings of the 2017 IEEE 60th International Midwest Symposium on Circuits and Systems (MWSCAS), Boston, MA, USA.","DOI":"10.1109\/MWSCAS.2017.8053160"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"126388","DOI":"10.1109\/ACCESS.2021.3109952","article-title":"Triple ID Flexible MAC for Can Security Improvement","volume":"9","author":"Kim","year":"2021","journal-title":"IEEE Access"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Lee, T., Liao, R., Lin, I., and Tsai, J. (2019, January 25\u201330). A Novel FlexRay\/Ethernet Gateway for In-Vehicle Networks. Proceedings of the 2019 8th International Conference on Innovation, Communication and Engineering (ICICE), Zhengzhou, China.","DOI":"10.1109\/ICICE49024.2019.9117469"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Lee, T.-Y., Lin, I.-A., and Liao, R.-H. (2020). Design of a FlexRay\/Ethernet Gateway and Security Mechanism for In-Vehicle Networks. Sensors, 20.","DOI":"10.3390\/s20030641"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1007\/s12239-021-0003-9","article-title":"Design and Implementation of Security Function According to Routing Method in Automotive Gateway","volume":"22","author":"Park","year":"2021","journal-title":"Int. J. Automot. Technol."},{"key":"ref_22","unstructured":"Park, J.S., Heurtefeux, K., Eom, S., and Kim, D. (2020, January 21\u201323). Routing Methods Considering Security and Real-Time of Vehicle Gateway System. Proceedings of the WCX SAE World Congress Experience, Detroit, MI, USA."},{"key":"ref_23","unstructured":"Forouzan, B.A., and Mukhopadhyay, D. (2015). Cryptography and Network Security, Mc Graw Hill Education (India) Private Limited."},{"key":"ref_24","unstructured":"(2018). ISO\/EC\/IEEE International Standard\u2014Part 3: Standard for Ethernet\u2014Amendment 1: Physical Layer Specifications and Management Parameters for 100 Mb\/S Operation over a Single Balanced Twisted Pair Cable (100base-T1). Standard No. ISO\/IEC\/IEEE 8802-3:2017\/Amd 1:2017(E)."},{"key":"ref_25","unstructured":"(2011). Road Vehicles\u2014Diagnostic Communication over Internet Protocol (Doip)\u2014Part 1: General Information and Use Case Definition. Standard No. ISO 13400-1:2011."},{"key":"ref_26","unstructured":"(2012). Road Vehicles\u2014Diagnostic Communication over Internet Protocol (Doip)\u2014Part 2: Transport Protocol and Network Layer Services. Standard No. ISO 13400-2:2012."},{"key":"ref_27","unstructured":"Patzer, A., and Zaiser, R. (2016). Xcp\u2013the Standard Protocol for Ecu Development, Vector Informatik Gmbh."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"2248","DOI":"10.1109\/TITS.2016.2519464","article-title":"A practical security architecture for in-vehicle CAN-FD","volume":"17","author":"Woo","year":"2016","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Cho, K.-T., and Shin, K.G. (2016, January 24\u201328). Error handling of in-vehicle networks makes them vulnerable. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria.","DOI":"10.1145\/2976749.2978302"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Khan, J. (2017, January 4\u20135). Vehicle network security testing. Proceedings of the 2017 Third International Conference on Sensing, Signal Processing and Security (ICSSS), Chennai, India.","DOI":"10.1109\/SSPS.2017.8071577"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Marchetti, M., and Stabili, D. (2017, January 11\u201314). Anomaly detection of CAN bus messages through analysis of ID sequences. Proceedings of the 2017 IEEE Intelligent Vehicles Symposium (IV), Los Angeles, CA, USA.","DOI":"10.1109\/IVS.2017.7995934"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Iehira, K., Inoue, H., and Ishida, K. (2018, January 12\u201315). Spoofing attack using bus-off attacks against a specific ECU of the CAN bus. Proceedings of the 2018 15th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA.","DOI":"10.1109\/CCNC.2018.8319180"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Zuo, Z., Yang, S., Ma, B., Zou, B., Cao, Y., Li, Q., Zhou, S., and Li, J. (2021). Design of a CANFD to SOME\/IP Gateway Considering Security for In-Vehicle Networks. Sensors, 21.","DOI":"10.3390\/s21237917"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Dworkin, M. (2021, October 07). Recommendation for Block Cipher Modes of Operation: Galois\/Counter Mode (GCM) for Confidentiality and Authentication. Available online: https:\/\/doi.org\/10.6028\/NIST.SP.800-38D.","DOI":"10.6028\/NIST.SP.800-38d"},{"key":"ref_35","unstructured":"Langley, A., Chang, W., Mavrogiannopoulos, N., Strombergson, J., and Josefsson, S. (2021, October 06). ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS). Available online: https:\/\/www.hjp.at\/doc\/rfc\/rfc7905.html."},{"key":"ref_36","unstructured":"Blanchet, B. (2021, October 16). ProVerif: Cryptographic Protocol Verifier in the Formal Model. Available online: https:\/\/bblanche.gitlabpages.inria.fr\/proverif\/."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1561\/3300000004","article-title":"Modeling and verifying security protocols with the applied pi calculus and ProVerif","volume":"1","author":"Blanchet","year":"2016","journal-title":"Found. Trends\u00ae Priv. Secur."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/2\/647\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T13:27:25Z","timestamp":1760362045000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/2\/647"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,14]]},"references-count":37,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,1]]}},"alternative-id":["s22020647"],"URL":"https:\/\/doi.org\/10.3390\/s22020647","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,1,14]]}}}