Physical Security for Fleet Management Systems

Fleet Management (FM) deals with the management of transport, distribution, and logistics of national and international goods exchange, in which many operators worldwide are involved. Fleet management involves many security-relevant participating entities, such as vehicles, FM mobile clients, smart trackers with goods, drivers, etc. Existing automated fleet management systems are basically vulnerable to physical replacement attacks when managed by mass-produced electronic identities. Analog Physical Unclonable Functions (PUFs) failed to serve as unclonable electronic identities due to being costly, unstable and inefficient for such mass-usage. We propose in this paper to deploy the Secret Unknown Ciphers (SUCs) techniques introduced a decade ago as digital low-cost clone-resistant identities to be embedded in selected participating electronic Fleet Management System (FMS) units. SUCs, as stable self-created digital modules to be embedded in future smart non-volatile (NV)-FPGA devices, are expected to cover all emerging FMS physical security requirements. Such information-retaining units (when switched-off) are emerging to become widely used as ultra-low-power mass-products in automotive environment. We propose a new FMS security architecture based on embedding SUC modules in each security-relevant entity in the FMS such as vehicles, mobile clients, smart trackers and goods. This paper investigates the expected technical impacts when using SUCs technology as physical security anchors in a standard FMS configuration. Several SUC-related generic security protocols adapted to the FM environment show how to securely-link tracing of goods, tracks routing, and personnel in such FM system. It is also shown how to combine other biometric fingerprints to simplify personal liability and enhance the security management in such globally-operating automated procedures. The presented security analysis of the resulting FMS shows that the major security concerns in existing FMSs can be resolved. One major advantage of SUC technique, is that device-manufacturers can be largely-excluded as security players. The FPGA technology required for the SUC solution is currently not available and is thought for future use. The concept is ultimately applicable if the future electronic mass products would deploy self-reconfiguring non-volatile (flash-based) System on Chip smart units. Such units are expected to dominate future Internet of Things (IoT) ultra-low-energy applications, as power-off does not lose any information. The proposed SUC strategy is highly flexible, scalable, and applicable to cover a large class of globally operating protection mechanisms similar to those of the addressed FMS scenarios.