Isolating System Faults on Vehicular Network Gateways Using Virtualization

The traditional vehicular network gateway takes charge of communication between different internal networks and helping the electric control units in vehicle to collaborate each other. Due to the increasing requirements on innovative applications such as infotainment systems and cyber-physical systems, there are significant efforts to have an external wireless network connection on the vehicles. Accordingly, the secure architecture of the network gateway that can avoid or isolate the malicious behavior of external nodes is very critical for the next-generation vehicles. In this paper, we design a safe vehicular network gateway by exploiting full virtualization technology. Since the virtualization adds additional overheads, we try to minimize this side effect while considering the security by carefully choosing the communication mechanisms in the virtualized gateway. In our preliminary implementation, we use Virtual Box to run Linux and QNX as guest operating systems, which handles external (Wi-Fi) and internal (CAN) networks, respectively. The performance measurement results show that the virtualization-based gateway adds only 10% overhead compared with non-virtualized gateway while improving the security. We also show that the multi-core processor can leverage performance improvement.