Towards designing secure in-vehicle network architectures using community detection algorithms

Efforts in securing the in-vehicle network have resulted in a number of proposed security mechanisms in recent years. However, so far little attention has been given to the actual architecture of the in-vehicle network. An approach within in-vehicle network design is to divide the network into domains, where each domain consists of a set of Electronic Control Units (ECUs) that handles some united functionality, e.g., body control, powertrain, and telematics. Still, this approach is based on “best engineering practice” and there is room for improvements. In this paper, we study real traffic from a modern car and we try to divide the in-vehicle network into domains using automated partitioning algorithms. To find the optimum division, we select four community detection algorithms, known from social network analysis, and we evaluate their ability to find these domains. We conclude that community detection algorithms can be used to identify in-vehicle domains based on the message types (signals) used in the in-vehicle network and we demonstrate this by applying the algorithms to real data. The approach is not limited to only message types, but domains can also be identified based on other criteria, such as frequency of messages, payload sizes, or Automotive Safety Integrity Levels (ASILs). We also conclude that the identification of good domains can facilitate the implementation of security measures. Therefore, we believe that the approach has great potential to help engineers in deriving secure in-vehicle network architectures during the design of a vehicle.