In any distributed networks, integrity and/or confidentially of data communication is a core aspect when using such distributed networks in security and/or safety sensitive environments. Integrity of data communication comprises the integrity of the data communicated over the communication medium of a distributed network and the integrity of the network devices participating in the data communication. An illegitimate network device may compromise the data communication on the distributed network.
A Fieldbus CAN (Controller Area Network), which is the abbreviation of Controller Area Network, is an example of a typical distributed network, which interconnects several electronic control units (ECUs) via a shared wired communication medium. The fieldbus CAN is typically used for decentralized control functions in safety relevant environments. Compared to other field bus, the fieldbus CAN has a high reliability, low cost and other advantages, so it has been widely used. In particular, CAN bus plays an important role in intelligent control system and provides an open communications platform to allow for real-time exchange of data between the networked units.
The open nature of interconnection to distributed networks such as the fieldbus CAN communication system implies insecurity. Because broadcast packet mode communication, illegal access to the listeners can get the channel data. Moreover in case of open protocol standards, the data can easily be interpreted as meaningful information, illegitimate networked units can easily intercept bus messages, posing legal unit control, to bring great security risk, which for high safety requirements for intelligent system is unacceptable, and therefore need to consider the integrity and confidentiality of data communications. Integrity and confidentiality of data communications is typically obtained by using authentication and/or encryption based on shared secrets shared among legitimate networked units.