Rising complexity of in-vehicle electronics is enabling new capabilities like autonomous driving and active safety. However, rising automation also increases risk of security threats which is compounded by lack of in-built security measures in legacy networks like CAN, allowing attackers to observe, tamper and modify information shared over such broadcast networks. Various intrusion detection approaches have been proposed to detect and tackle such threats, with machine learning models proving highly effective. However, deploying machine learning models will require high processing power through high-end processors or GPUs to perform them close to line rate. In this paper, we propose a hybrid FPGA-based ECU approach that can transparently integrate IDS functionality through a dedicated off-the-shelf hardware accelerator that implements a deep-CNN intrusion detection model. Our results show that the proposed approach provides an average accuracy of over 99% across multiple attack datasets with 0.64% false detection rates while consuming 94% less energy and achieving 51.8% reduction in per-message processing latency when compared to IDS implementations on GPUs.

翻译：车载电子系统日益复杂，正在赋能自动驾驶、主动安全等新功能。然而，自动化程度的提升也增加了安全威胁的风险，而传统网络（如CAN）缺乏内置安全机制，使得攻击者能够观察、篡改和修改在广播网络上共享的信息。针对此类威胁，研究人员已提出多种入侵检测方法，其中机器学习模型被证明非常有效。然而，部署机器学习模型需要借助高端处理器或GPU提供强大算力，才能以接近线路速率运行。本文提出一种基于FPGA的混合ECU方案，通过专用的现成硬件加速器透明地集成入侵检测系统功能，该加速器实现了深度CNN入侵检测模型。实验结果表明，与GPU上的入侵检测系统实现相比，该方案在多个攻击数据集上的平均准确率超过99%，误检率为0.64%，能耗降低94%，每条消息处理延迟减少51.8%。