Research And Implementation Of Telematics Box Security And Reinforcement Technology

With the rapid development of wireless network,vehicles have also developed rapidly as a branch of the Internet of Things.However,despite its ability to provide users with extremely rich personalized services and a good entertainment experience,intelligent connected vehicles are also very likely to lead to security problems,such as the illegal control of vehicles and the leakage of personal privacy.In addition,the security technology of the traditional network environment is not applicable to the automotive communication system,which has created a gap in the current vehicle security antique technology and provides the attacker with many opportunities.Nowadays,the bottleneck of the development of car networking technology is mainly how to ensure the security of vehicle information.Therefore,the security reinforcement of telematics box is very important.In view of the above situation,based on the study of AUTOSAR specifications,this thesis proposes a security reinforcement solution using trusted hardware and traditional security protection measures in telematics box.Aiming at the above security problems,the security reinforcement of the telematics box itself and the secure communication with the Internet of Vehicles application service platform is designed to provide a security service module of telematics box.Its purpose is to provide a unified security service interface for terminals and third-party applications to solve their security access and privacy protection issues under the Internet of Vehicles.The main work of the thesis includes the following points:(1)Analyzed the security status of telematics box under Internet of Vehicles environment,and summarized the security threat faced by current terminal,and determined the need of security reinforcement of telematics box.(2)Referring to the automotive software standard stipulated by AUTOSAR,the hardware architecture of T-Box security reinforcement was designed based on the security element,and the four layers framework including security service layer,interface layer,driver layer,and security hardware are abstracted from the software level to isolate the hardware and software environment,provide standardized and unified security service interface,while ensuring the hardware scalability.(3)Implemented the development of the SPI driver for the communication interface between the T-Box and the SE.Used SE to complete the application's access rights control,data security storage,and PKI certificate management to ensure the data storage and data communication security of the terminal in the IoV.To solve the security problem of TLS mutual authentication of T-Box in traditional HTTPS protocol,this thesis proposed a solution based on SE.(4)Studied the architecture of SE and its secure communication protocol with T-Box.According to the resource-constrained nature of SE,optimized the calculation process of certificate parsing and large number of data signatures.Designed a complete set of APDU instructions,and implemented an APDU command interaction mechanism between T-Box and SE.(5)In combination with the actual scenario of the update of the application of T-Box,performed functional verification of the security reinforcement technology implemented in this thesis,and analyzed its feasibility and security based on the verification results.In summary,aiming at AUTOSAR,this thesis studied,designed and implemented a security reinforcement technology for T-Box based on SE,and verified the feasibility of the technology from the aspects of secure storage and secure communication.