Sensor authentication
Sensor data integrity and identity protection were shown to be primary security objectives to ensure the correctness of the vehicle control functions. With the rise of ADAS use cases, the need for trusted sensors has grown sharply. A secure sensor needs to support one or more of the following security controls:
- Identity authentication
- Cryptographic data integrity and confidentiality
- Physical attack mitigation
The first control ensures that, before any communication from a sensor is accepted, a secure session is established in which the sensor proves the authenticity of its identity. This can be done using a sensor root public key pre-provisioned in the ECU that communicates with the sensor. The ECU then challenges the sensor to prove possession of the corresponding private key by sending a random challenge that the sensor must sign. This step can involve exchanging an ephemeral session key (for example, using ECDH(E)) to protect further communication...
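
The challenge-response and ephemeral key exchange described above, as an added sketch using Node.js's built-in crypto module (not code from the original text). It signs the challenge together with both ephemeral public keys so that the signature also authenticates the key exchange. The curve (P-256), the message layout, SHA-256 as a stand-in for a proper KDF, and all function names are assumptions made for this example.

```javascript
const crypto = require('crypto');
const CURVE = 'prime256v1'; // NIST P-256 (assumed curve)

// Stand-in for provisioning: the sensor keeps privateKey, the ECU stores publicKey.
function newSensorIdentity() {
  return crypto.generateKeyPairSync('ec', { namedCurve: CURVE });
}

// Fields are fixed length (32-byte challenge, 65-byte points), so plain
// concatenation is unambiguous.
function transcript(challenge, ecuPub, sensorPub) {
  return Buffer.concat([challenge, ecuPub, sensorPub]);
}

// SHA-256 over the ECDH secret and transcript; a stand-in for a real KDF.
function deriveKey(ecdh, peerPub, t) {
  return crypto.createHash('sha256').update(ecdh.computeSecret(peerPub)).update(t).digest();
}

// ECU side, step 1: fresh random challenge plus an ephemeral ECDH public key.
function ecuHello() {
  const ecdh = crypto.createECDH(CURVE);
  return { ecdh, ecuPub: ecdh.generateKeys(), challenge: crypto.randomBytes(32) };
}

// Sensor side: sign the challenge together with both ephemeral keys.
// Only sensorPub and sig go on the wire; key stays inside the sensor.
function sensorRespond(privateKey, challenge, ecuPub) {
  const ecdh = crypto.createECDH(CURVE);
  const sensorPub = ecdh.generateKeys();
  const t = transcript(challenge, ecuPub, sensorPub);
  return { sensorPub, sig: crypto.sign('sha256', t, privateKey), key: deriveKey(ecdh, ecuPub, t) };
}

// ECU side, step 2: verify against the pinned key before deriving anything.
function ecuVerify(pinnedPub, hello, sensorPub, sig) {
  const t = transcript(hello.challenge, hello.ecuPub, sensorPub);
  if (!crypto.verify('sha256', t, pinnedPub, sig)) {
    throw new Error('sensor failed proof of possession');
  }
  return deriveKey(hello.ecdh, sensorPub, t);
}

// One full session between an ECU and the sensor it was provisioned for.
const id = newSensorIdentity();
const hello = ecuHello();
const resp = sensorRespond(id.privateKey, hello.challenge, hello.ecuPub);
const ecuKey = ecuVerify(id.publicKey, hello, resp.sensorPub, resp.sig);
console.log('session keys match:', ecuKey.equals(resp.key));
```

Because the ECU draws a new challenge and ephemeral key for every session, a response recorded from an earlier session or signed by a different identity key fails verification.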