Designed using vehicle requirements, Scalable service-Oriented MiddlewarE over IP (SOME/IP) has been adopted and used as one of the Ethernet communication standard protocols in the AUTomotive Open System Architecture (AUTOSAR). However, SOME/IP was designed without considering security, and its vulnerabilities have been demonstrated through research. In this paper, we propose a SOME/IP communication protection method using an authentication server (AS) and tickets to mitigate the infamous SOME/IP man-in-the-middle (MITM) attack. Reliable communication between the service-providing node and the node using SOME/IP communication is possible through the ticket issued from the authentication server. This method is relatively light in operation at each node, has good scalability for changes such as node addition, guarantees freshness, and provides interoperability with the existing SOME/IP protocol.
Keywords: SOME/IP; authentication ticket; automotive Ethernet; in-vehicle network; security.