Copy protection for automotive electronic control units using authenticity heartbeat signals

Protection of intellectual property rights is a vital aspect for the future automotive supplier market, in particular for the aftersales market for ECUs. Computer security can deliver the required protection mechanisms and sustain the according business models. We propose an approach to facilitate the rigorous checking of components for originality in a vehicle. In our system model, a security controller receives special messages (i.e., the authenticity heartbeat signal) from relevant ECUs and it performs subsequent authentication and plausibility checks. As a result, the security controller can tell, if the current setup of components in the vehicle is original. We evaluate our authentication architecture for the Battery Management System (BMS) of a hybrid car. Here, the security controller detects reliably, if the BMS is an original component, and whether an attacker has modified the operational limits of the battery. In this paper, we reason that an effective copy protection scheme needs to fuse relevant information from different sources. Therefore, various security techniques have to be combined in a sound architectural approach. The distinctive feature of our architecture is that it takes into account application-specific knowledge of the real-time entities under control.