Modern vehicles such as cars, trucks, planes and trains typically use tens to over a hundred networked electronic devices ranging from simple sensors generating various feedback signal messages to more complicated Electronic Control Units (ECUs) consisting of microcontrollers and microcomputers for control of vehicle systems and operations, to support communication between the vehicle and systems external to the vehicle, and to provide applications to users. The originally installed devices on a vehicle are authenticated or assumed to be authentic during the device or vehicle manufacturing process. Accordingly, no provisions are made for further device authentication to be performed after the vehicle leaves the vehicle manufacturing plant. Consequently, without an authorization protocol in place, unauthorized devices can be easily installed into the in-vehicle network or used to replace existing devices on a vehicle. Unauthorized aftermarket devices can also be attached to the in-vehicle network to provide user services and communicate with other in-vehicle devices. Similar problems exist in industrial floor, home automation, and other networked device systems.
In-vehicle device authentication systems that support widely diverse in-vehicle devices over heterogeneous networks are unavailable. For example, since Controller Area Network (CAN) buses do not provide device authentication mechanisms, application-layer authentication mechanisms such as the seed-key method have been used to control access to ECU firmware from external diagnostic tools for ECU firmware updates. These application-layer authentication mechanisms, however, cannot support authentication of all types of in-vehicle networks, especially devices that only send but not receive data (e.g., sensors) and devices that are incapable of performing sophisticated cryptographic operations. Various authentication tools for in-vehicle Ethernet networks are limited to supporting device authentication at the Ethernet MAC layer. Therefore, the application layer and network-specific authentication protocols are unable to provide for authentication of in-vehicle electronic devices having varying different communication and processing capabilities.