Traditionally, fieldbus networks are operated in closed environments, where all communication nodes are assumed to be trustworthy. Therefore, the corresponding standards do not consider any security requirements. New technology trends, such as the upcoming Internet of Things (IoT), demand an interconnection between all components of an industrial infrastructure. As a consequence of this, there is a need for tools enabling security assessments and the simulation of protocol-based security improvements. In this paper we introduce Logboat, a flexible Python- and Linux-based simulation framework for security assessments on Controller Area Network (CAN) networks, and make some architectural and technology-selection proposals. Subsequently, the different modules of Logboat and their capabilities are explained and a use case scenario is presented. The paper concludes with an outlook on upcoming research activities on CAN bus security where the presented framework can be of help.
With the growing availability and prevalence of internet-capable devices, the complexity of networks and associated connection management increases. Depending on the use case, different approaches in handling connectivity have emerged over the years, tackling diverse challenges in each distinct area. Exposing centralized web-services facilitates reachability; distributing information in a peer-to-peer fashion offers availability; and segregating virtual private sub-networks promotes confidentiality. A common challenge herein lies in connection establishment, particularly in discovering, and securely connecting to peers. However, unifying different aspects, including the usability, scalability, and security of this process in a single framework, remains a challenge. In this paper, we present the Stream Exchange Protocol (SEP) collection, which provides a set of building blocks for secure, lightweight, and decentralized connection establishment. These building blocks use unique identities that enable both the identification and authentication of single communication partners. By utilizing federated directories as decentralized databases, peers are able to reliably share authentic data, such as current network locations and available endpoints. Overall, this collection of building blocks is universally applicable, easy to use, and protected by state-of-the-art security mechanisms by design. We demonstrate the capabilities and versatility of the SEP collection by providing three tools that utilize our building blocks: a decentralized file sharing application, a point-to-point network tunnel using the SEP trust model, and an application that utilizes our decentralized discovery mechanism for authentic and asynchronous data distribution.