27322 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO.

16, 15 AUGUST 2024

SISSA: Real-Time Monitoring of Hardware

Functional Safety and Cybersecurity With
In-Vehicle SOME/IP Ethernet Traffic
Qi Liu , Xingyu Li , Ke Sun , Member, IEEE, Yufeng Li , and Yanchen Liu

Abstract—Scalable service-oriented middleware over IP these functions, there is a growing demand for high and flexible
(SOME/IP) is an Ethernet communication standard protocol in communication bandwidths, often realized through Automotive
the automotive open system architecture (AUTOSAR), promoting Ethernet (e.g., BroadR-Reach) and IP-based communication [1].
electronic control unit (ECU)-to-ECU communication over the IP
stack. However, SOME/IP lacks a robust security architecture, scalable service-oriented middleware over IP (SOME/IP) has
making it susceptible to potential attacks. Besides, random been specifically designed to meet automotive requirements,
hardware failure of ECU will disrupt SOME/IP communication. including compatible with automotive open system architecture
In this article, we propose SISSA, a SOME/IP communication (AUTOSAR) and ensuring fast response times [2]. It supports
traffic-based approach for modeling and analyzing in-vehicle devices of various sizes and operating systems, effectively
functional safety and cyber security. Specifically, SISSA models
hardware failures with the Weibull distribution and addresses complementing traditional vehicle network technologies, such
five potential attacks on SOME/IP communication, including as control area network (CAN) bus, media-oriented systems
Distributed Denial-of-Services, man-in-the-middle, and abnormal transport (MOST), and FlexRay [3].
communication processes, assuming a malicious user accesses the Despite these advantages, ECUs relying on SOME/IP
in-vehicle network. Subsequently, SISSA designs a series of deep communication still encounter challenges during operation,
learning models with various backbones to extract features from
SOME/IP sessions among ECUs. We adopt residual self-attention including random functional failures (safety) and malicious
to accelerate the model’s convergence and enhance detection cyberattack (security). ECUs typically constitute entities
accuracy, determining whether an ECU is under attack, facing wherein hardware and software collaborate closely. Inevitably,
functional failure, or operating normally. Additionally, we have hardware components encounter random hardware failures
created and annotated a data set encompassing various classes, during their lifecycle, thereby impacting the normal func-
including indicators of attack, functionality, and normalcy. This
contribution is noteworthy due to the scarcity of publicly acces- tioning of the ECU. Furthermore, SOME/IP specifications
sible data sets with such characteristics. Extensive experimental are devoid of security measures directly integrated into
results show the effectiveness and efficiency of SISSA. the protocol [4]. As a result, security vulnerabilities in
Index Terms—Electronic control units (ECUs), safety, scalable SOME/IP deployments introduce novel attack vectors that
service-oriented middleware over IP (SOME/IP), security. can be exploited to target victim vehicle [5]. Research has
demonstrated that numerous commercial vehicles display vul-
I. I NTRODUCTION nerabilities in network stack implementations, particularly in
Bluetooth, Wi-Fi, and 4G. Consequently, this exposes the
ECENT years have witnessed rapid advancements in the
R connected and automated vehicles (CAVs), whose key
features include the increasing number of electronic control units
potential for malicious entities to remotely access the internal
systems of cars [6].
To analyze the random functional failures and malicious
(ECUs). ECUs play a pivotal role in managing various vehicle
cyberattacks of automated vehicle, existing countermeasures
functions, such as the throttle, brake, and steering. To fulfill
can be divided into two categories: 1) risk assessment and
Manuscript received 2 April 2024; revised 21 April 2024; accepted 3 May 2) feature analysis. Hazard analysis and risk assessment
2024. Date of publication 7 May 2024; date of current version 8 August 2024. (HARA) and threat analysis and risk assessment (TARA)
This work was supported in part by the Henan Science and Technology are fundamental elements of risk assessment in the context
Major Project under Grant 221100240100; in part by the Shanghai Pujiang
Program under Grant 23PJ1403000; in part by the National Key Research and of CAVs. These processes play pivotal roles as essential
Development Program of China under Grant 2023YFB2504800; in part by stages within the ISO 26262 [7] and ISO/SAE 21434 stan-
the Songshan Laboratory Pre-Research Project under Grant YYJC042022016; dard [8], respectively. Typically, HARA employs failure-based
and in part by the Natural Science Foundation of Jiangsu Province under
Grant BK20230134. (Corresponding authors: Yufeng Li; Yanchen Liu.) methods, such as Fault Tree [9] and Failure Modes and
Qi Liu, Xingyu Li, Ke Sun, and Yanchen Liu are with the Effects Analysis (FMEA) [10], focusing on potential faults
School of Computer Engineering and Science, Shanghai University, and their impact on system safety. Additionally, system-based
Shanghai 200444, China (e-mail: [email protected]; [email protected];
[email protected]; [email protected]). approaches like HAZOP [11] and System Theoretic Process
Yufeng Li is with the School of Computer Engineering and Science, Analysis [12] comprehensively assess the system’s structure,
Shanghai University, Shanghai 200444, China, and also with the Endogenous operation, and environmental factors to evaluate overall safety.
Security Department, Purple Mountain Laboratories, Nanjing 211111, China
(e-mail: [email protected]). TARA, including methods like FMVEA [13], STPA-sec [14],
Digital Object Identifier 10.1109/JIOT.2024.3397665
2327-4662 
c 2024 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See https://www.ieee.org/publications/rights/index.html for more information.
Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27323

and VeRA [15], involves the analysis of potential threats and

the formulation of appropriate mitigation strategies.
Automotive employs a variety of features, such
as the entropy of in-vehicle network [16], message
intervals [17], message correlation/consistency [18], ECU
fingerprints [19], vehicle voltage [20], communication
Fig. 1. SOME/IP packet.
characteristics [21], [22], [23], [24], etc., serving as crucial
indicators in identifying deviations from normal behavior
within the vehicle network. Statistical methods (such
as frequency statistics) and machine learning techniques malfunction identification and a flawless 99.86% average
[convolutional neural network (CNN) and long short-term F1-score for cyberattack detection.
memory (LSTM)] leverage these features to effectively detect The remainder of this article is organized as follows. The
and predict abnormal patterns. SOME/IP architecture and communication model are intro-
However, above functional failures and malicious cyber- duced in Section II. The state-of-the-art safety and security
attacks analyzing methods have the following limitations in monitoring methods of CAVs are reviewed in Section III.
the context of SOME/IP communication. First, risk assess- Section IV presents the specific design of our safety and
ment methods, such as HARA/TARA, are explored in the security monitoring model, while the performance evaluation
concept phase but focus on changes at the component and is presented in Section V. Finally, Section VII concludes this
system levels, and do not take into account variations in in- article.
vehicle communication protocol data packets. Second, feature
learning methods encounter practical challenges, suffering
II. P RELIMINARY
from time-consuming parameter adjustments, and demanding
considerable computation power. Third, SOME/IP’s network A. SOME/IP Protocol
traffic is considerably more dynamic and unpredictable than The SOME/IP protocol serves as a scalable and service-
classic automotive protocols like CAN. Establishing a baseline oriented middleware seamlessly integrated within the IP
for normal operation and detecting network flow anomalies architecture. It stands out as a distinctive member within the
becomes challenging. TCP/IP protocol suite. Initially proposed by BMW in 2011,
To overcome the above limitations, we propose a SOME/IP the protocol was subsequently integrated into the AUTOSAR
communication traffic-based approach for in-vehicle func- standard in 2013 [25], [26], [27]. As the SOME/IP speci-
tional safety and cyber security analysis (SISSA). First, fication lacks built-in security mechanisms, it is frequently
we model random hardware failures and classic attacks on employed alongside link layer security measures, like MACsec
ECUs while considering SOME/IP communication traffic. or AUTOSAR Secure Onboard Communication [3]. As one
We employ Weibull distribution to model random hardware of the protocols based on vehicular Ethernet, the SOME/IP
failures of ECUs. Given unauthorized access to the in- protocol differs from traditional in-vehicle communication
vehicle network, classic attacks on SOME/IP communication, protocols, such as CAN and LIN. It supports remote procedure
including Distributed Denial-of-Services (DDoS), man-in-the- calls (RPCs), event notifications, and the underlying serializa-
middle (MITM), and abnormal communication processes, are tion/wire format.
identified. Then, we propose three deep-learning-based models RPC facilitates the retrieval of information from an ECU
to extract features from SOME/IP packets. The adoption server by an ECU client. Notifications describe a gen-
of residual self-attention accelerates model convergence and eral Publish/Subscribe mechanism, which effectively manages
improves detection accuracy. To establish a baseline for normal the publish and subscribe relationship of a service [2].
communication evaluation, we create and annotate a data Serialization describes the representation of data in the form
set comprising diverse classes, encompassing indicators of of Protocol Data Units as payloads of UDP or TCP messages
attack, functionality, and normalcy. This contribution stands for transmission over IP-based vehicular networks. One of
out because there are very few data sets available to the public the most noteworthy features of SOME/IP is its service
that possess these particular characteristics. discovery (SD) functionality, which dynamically advertises the
The main contributions of this article can be summarized availability of various services, implements Publish/Subscribe
as follows. management, and operates exclusively over the UDP proto-
1) We propose a novel approach called SISSA to real-time col [28].
monitor in-vehicle safety and security using SOME/IP Fig. 1 shows the header frame format of SOME/IP protocol.
Ethernet traffic. According to AUTOSAR standard, SOME/IP header consists
2) We propose a SOME/IP data generation method for of the following fields.
establishing a baseline for normal communication eval- 1) Message ID (Service ID/Method ID) [32 Bits]: It is used
uation. It encompasses the classes of attack, functional to identify an RPC call or to identify an event.
failure and normal. Both code and data sets can be 2) Length [32 Bits]: It contains the length in bytes from the
accessed at https://github.com/jamesnulliu/SISSA. Request/Client ID to the end of the SOME/IP message.
3) We conducted extensive experimental assessments of 3) Request ID (Client ID/Session ID) [32 Bits]: It consists
SISSA, yielding an average F1-score of 99.2% for of a 16-bit Client ID and a 16-bit Session ID.

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27324 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

III. R ELATED W ORKS

In this section, we classify the state-of-the-art safety and
security analyzing methods of CAVs from three perspectives:
1) component-based; 2) system-based; and 3) communication
packet-based. This classification ensures a comprehensive
review, covering individual elements, their integrated func-
tionality, and the safe/secure data exchange. It is noted that
HARA/TARA is explored to analyze the safety and security of
components and systems, respectively. Conventional features
within the in-vehicle communication network are designed
to identify abnormal behavior. Subsequently, we delve into a
detailed review of risk assessment-based and feature learning-
Fig. 2. Three communication models in SOME/IP. (a) Request/response. based analysis methods as follows.
(b) Fire and forget. (c) Events.

A. Risk Assessment-Based
4) Protocol Version [8 Bits]: It identifies the used SOME/IP HARA is a pivotal part developed within functional safety
header format (excluding the payload format). standard ISO 26262. It systematically identifies and assesses
5) Interface Version [8 Bits]: It represents the main field potential hazards and risks within Electrical/Electronic
interface version. systems, offering guidance during the design and development
6) Message Type [8 Bits]: It is used to distinguish between phases to ensure that vehicles comply with rigorous func-
different types of packets. Normally, there are ten tional safety requirements throughout their entire lifecycle.
different message types for SOME/IP protocols. HARA employs failure-based and system-based methods. For
7) Return Code [8 Bits]: It is used to indicate whether a instance, Fault Tree [9] analyzes and represents the logical
request is successfully been processed. relationships among various potential faults and their con-
8) Payload [Variable Size]: It represents the information tributing events within a system. FMEA [10] evaluate sand
content to be delivered. prioritizes potential failure modes in a system, identifying their
causes and effects, and implementing preventive measures
to enhance safety. Besides, HAZOP (Hazard and Operability
B. Communication Model Study) [11] systematically identifies and assesses potential
In this section, we consider the communication model of hazards and operability issues by examining deviations from
SOME/IP. The SOME/IP protocol defines three main commu- the intended design conditions. STPA [12] mitigates hazardous
nication models as shown in Fig. 2. states and their corresponding causal factors within complex
Request/Response: The Request/Response pattern is one of systems by employing system theory principles.
the most common communication patterns, where a request is Aligned with vehicle cybersecurity standard ISO/SAE
initiated by one communication partner (client) and responded 21434, TARA ensures effective defense mechanisms and sig-
by another communication partner (server). Request/Response nificant cost savings in the early stages of vehicle development.
communication is essentially an RPC that consists of a request It systematically analyzes potential threats to vehicle systems,
and a response [28]. Specifically, a typical request bearing the determining hierarchical defense strategies and implement-
message type 0x00 anticipates a singular response denoted by ing corresponding mitigations based on identified threats.
the message type 0x80. TARA employs formula-based methods and model-based
Fire and Forget: This communication is an RPC that methods [29]. Formula-based methods, such as EVITA [30],
consists only of a request message. In the Fire and Forget com- HEAVENS [31], and SARA [32], mainly utilize tables, texts,
munication pattern, the request initiated by the message sender or formulas. Model-based methods, such as PASTA [33],
does not necessitate a response message. The request message STPA-sec [14], Attack Tree [34], etc., are utilized for modeling
type associated with this pattern is REQUEST_NO_RETURN. and analyzing the threats and risks of the system through
Events: This communication pattern entails a client send- data flow diagrams, graphs, and tree models. Formula-based
ing a subscription request to access a service. In certain TARA methods, due to their maturity and user-friendly nature,
scenarios, the server may dispatch an event to the client, enjoy broader adoption and usage, especially among users with
which means the client that sent the subscription request will limited security experience. Formula-based TARA methods
receive the service. Various sending strategies are employed are more mature and convenient for users without too much
for different events, including periodic updates from the security experience. As a result, they are more widely spread
server to the client or immediate notifications upon any and used. While model-based methods are more complex and
change in a value. It is noteworthy that, for both subscrip- therefore more difficult to understand and use.
tion and event messages, the designated message type is
NOTIFICATION. Importantly, when the server transmits an B. Feature Learning-Based
event to the client, the client is not required to provide a The vehicular abnormal detection aims to detect anoma-
response. lies by exploiting in-vehicle features. It is noteworthy that

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27325

TABLE I
C OMPARISON W ITH E XISTING V EHICULAR SOME/IP-BASED S AFETY AND S ECURITY A NALYSIS M ETHODS . T HE C RITERIA I NCLUDE :
THE E XPLOITED C OMMUNICATION M ODEL , THE T YPE OF D ETECTION A LGORITHMS , THE A NALYSIS TARGET, THE O PEN -S OURCE
DATA AND C ODE , AND W HETHER M EETING THE R EAL -T IME R EQUIREMENTS D EFINED IN IEEE 802.1DG [35].
RB AND ML I NDICATE THE RULE -BASED AND M ACHINE -L EARNING -BASED

abnormal detection on the CAN bus has advanced significantly, model, are employed to learn SOME/IP communication packet
supported by ample-related research literature. Existing CAN features and determine whether anomalies exist in the tar-
bus abnormal detection can be divided into ID-based methods, get ECU [22], [23], [24]. However, machine-learning-based
payload-based methods, signal-based methods, and indirect methods are specifically employed for detecting cyberattacks
features-based methods [40]. ID-based methods monitor the but are unable to pinpoint and distinguish between attack
entropy [16], frequency [41], and time arrival interval [42] of categories and malfunctions within the ECU.
frame ID, which will trigger an alarm when they exceed the Table I summarizes the major differences between SISSA
predesigned threshold. Payload-based methods usually adopt and the existing vehicular SOME/IP safety and security anal-
machine learning model, such as deep neural networks [43] ysis methods. The proposed SISSA utilizes established deep
and generative adversarial network [44], to learn the feature learning models, namely, CNN, RNN, and LSTM, incorpo-
of frame payload, determining abnormal pattern. Signal-based rated with a residual self-attention mechanism. It not only
methods analyze vehicle sensor data, such as speed and detects various types of cyber attacks, such as DDoS, MITM,
steering angle to detect anomalies [45], [46]. Additionally, and abnormal communication but also aids in identifying hard-
indirect features, such as ECU fingerprints [19], are used to ware random failures through SOME/IP traffic. Additionally,
locate the compromised ECU. However, above methods are our data and code are open-source, facilitating researchers in
suitable for stable CAN message sequences, but not applicable pursuing their studies.
to the dynamic and unpredictable nature of SOME/IP traffic.
While feature learning for SOME/IP is in its early stages,
with limited research in this area, efforts are being made IV. P ROPOSED S AFETY AND S ECURITY
to explore its potential. Based on the criteria: the exploited M ONITORING M ODEL
communication model, the type of analysis algorithms, the This section proposes a novel safety and security monitoring
analysis target, the open-source data and code, and the framework, as illustrated in Fig. 3. ECUs communicate with
real-time capacity, we review recent SOME/IP-based safety each other via the SOME/IP protocol in Ethernet, which can
and security analysis methods in Table I. Cryptography and be susceptible to functional failures and cyberattacks. We first
Authentication techniques are adopted to secure SOME/IP model scenarios involving functional failure and cyberattck in
communication between ECUs [3], [4], [36], [39]. However, the communication of ECUs through SOME/IP. Subsequently,
the application of encryption authentication methods tends to training module is developed using unlabeled real-world data,
introduce increased communication complexity, elevated com- employing deep learning models to extract characteristics
putational overhead, and additional latency. Koyama et al. [38] from SOME/IP sessions among ECUs. We incorporate a
proposed to real-timely detect anomalies through whitelist- residual self-attention block (RSAB) to accelerates the model’s
based ways. Notably, their focus is primarily on mitigating convergence and enhances detection accuracy. Finally, during
replay attacks and MITM attacks. To enhance detection the detection phase, the proposed model operates online to
accuracy and broaden the spectrum of detected attack types, analyze SOME/IP traffic in real time and conducts analysis on
machine learning models, such as recurrent neural network the targeted ECU to determine its operational status, whether
(RNN), gated recurrent unit (GRU), and Vaswani’s transformer it is functioning normally, experiencing functional failure, or

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27326 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

Fig. 3. Workflow of SISSA.

under attack. In the following sections, we will detail the

contents.

A. Safety and Security Modeling Module

1) Modeling Functional Failure Scenarios: ISO 26262
defines functional safety as the mitigation of risks arising from
wear and tear resulting from abnormal operation of electrical
and electronic systems. The standard outlines two primary
types of failures in electrical/electronic systems: 1) systematic
failure and 2) random hardware failure [7]. Systematic failure,
associated with a specific cause, can only be addressed through
modifications to the design, manufacturing process, opera- Fig. 4. Bathtub curve of random hardware failures evolution.
tional procedures, documentation, or other related factors.
According to ISO 26262, quantifying systematic failures is
typically challenging using probabilistic methods. Developers
achieve comprehensive system fault diagnosis with in-vehicle their lifecycle. The failure rate curve often exhibits a bathtub
online monitoring, detection, and alerts to internal faults, shape, featuring higher failure rates at both ends and a lower
coupled with off-vehicle offline diagnostics extracting fault rate in the middle [48]. This pattern can be categorized
information externally through Unified Diagnostic Services into three stages as depicted in Fig. 4. The initial stage is
requests for investigation and maintenance [47]. the infant mortality period, marked by a high initial failure
While random hardware failure refers to unexpected failures rate that decreases rapidly with accumulated operational time.
during the hardware element’s lifecycle, following a proba- Subsequently, the system enters the random failures or steady
bility distribution [7]. ISO 26262 introduces the probabilistic period, characterized by an extended duration with a low and
metric for hardware failure (PMHF) in its 5th and 10th stable failure rate. In this phase, persistent failures occur,
parts. PMHF is employed to assess the Automotive Safety termed as the random failure stage, which cannot be entirely
Integrity Level, a measure of the probability of random eliminated irrespective of design quality. The final stage is
hardware failures. It serves as a crucial target value in the the wear-out period, where the failure rate experiences a rapid
hardware design of ECUs. In this work, we concentrate increase over time due to factors, such as wear, fatigue, and
on the probabilistic metric for random hardware failures. aging. As for the manifestation of these failures, we randomly
Differing from in-vehicle system fault diagnosis, our objective depicted them through scenarios such as unexpected inability
is to characterize the variations of random hardware failures to emit messages or payload being zero.
throughout the lifecycle, aiming to identify potential hardware For the purpose of calculations, ISO 26262 posits that each
malfunctions as comprehensively as possible. component within the system exhibits a consistent failure
We model random hardware failures based on the obser- rate throughout its operational lifespan. This is corresponding
vation: a significant correlation between automotive product to the steady period of random hardware failure evolution
failure rates and their usage time or driving mileage throughout depicted in Fig. 4. In this article, to broaden the scope of

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27327

exploit the vulnerabilities of SOME/IP and construct the attack

scenarios as illustrated in Fig. 6, encompassing MITM attacks,
DDoS attacks, and abnormal communication processes.
1) Request Without Response (ReqNoRes): The attacker
interrupts response packets. In this case, the client
cannot receive a certain amount of response packets,
leading to abnormal client behavior.
2) Fake Interface (FI): The attacker identifies response
packets and injects nearly identical packets, with the
only distinction being an incorrect interface.
3) Fake Source (FS): The attacker replicates a chosen
packet, injects it into the communication, and substitutes
the original source IP address with another valid one.
Fig. 5. Weibull distribution under different shape parameter.
The new address is randomly selected from exist-
ing legal addresses, effectively deceiving the address
checking.
random hardware failure analysis, we assume that the random 4) DDoS: The adversary eavesdrops on SOME/IP commu-
hardware failures follow a nonexponential trend based on nication and disrupts client-to-server request packets at
the observations justified in Fig. 4. The failure pattern can higher rate than normal. As a result, the client fails to
be described by the Weibull distribution [49], which are receive a certain number of response packets from the
commonly used in reliability analysis. The probability density server.
function of Weibull is 5) Response Without Request (ResNoReq): The attacker
sends response packets to a client in the name of a server
β  t β−1 −( t )β
f (t) = e α (1) before the client sends request to the server. For instance,
α α attacker injects a response packet from a server to client
where β is the shape parameter that determines the probability when the client has just sent a notification packet to the
of the shape of the precision curve; α is the scale parameter server and is about to send a request.
that indicates the scaling of the function.
As depicted in Fig. 5, adjusting the shape parameter β
enables the simulation of the three stages corresponding to the B. Training Module
bathtub effect throughout the entire product lifecycle. These 1) Data Preprocessing: Fig. 7 depicts the process of data
stages include early failures, random failures, and wear-out training, designed for the analysis of n time-stamped messages
failures. within a detection window to perform multiple classification
1) When β < 1, the failure rate exhibits a decreasing tasks. Within our SOME/IP data described in Section II-A,
function of time t, suitable for modeling early failures each message is characterized by ten specific message fields
in automobiles. and a temporal attribute. Critical fields, such as Message
2) When β = 1, the failure rate approximates a constant, Type and Error Code, undergo OneHot encoding to convert
applicable for modeling random failures during the them into binary vectors, a process essential for the dis-
normal usage period of automobiles. crete categorization inherent in these fields. This enables the
3) When β >1, the failure rate demonstrates an increasing network to more effectively identify the interrelations between
function of t, suitable for modeling wear-out failures in disparate values. Notably, OneHot encoding is selectively
automobiles. This primarily manifests as failure issues employed for particular fields only, which leads us to design
occurring in products/components entering a period of the packet mapping block (PMB) to extract the feature of other
wear and aging after prolonged operational time. continuous values.
2) Cyberattack Scenarios: In this work, we are investi- 2) Packet Mapping: After the initial data preprocessing
gating the communication between ECUs that have already step, the PMB is applied. The PMB utilizes learnable affine
completed the establishment of TCP/IP connections and have transformations A(m) = Wm + b, where W and b denote the
commenced communication. Moreover, we assume that the weight matrix and bias vector, respectively, to incrementally
server has offered the OfferService to the client and ECUs can extend the dimensionality of each message to a d-dimensional
communicate with each other directly without SD. The focus is feature space. As a result, the input window is reshaped to the
primarily on introducing attackers and attacks targeting various dimension of n×d.
communication modes based on the SOME/IP protocol. We The above two step is a basic progress to preprocess a
assume that the attacker gains access to the in-vehicle Ethernet window of SOME/IP packets. Next, depending on the choice
network. Potential entry points may be discovered through of backbone, the data would be sent to different structures for
software compromise or by connecting a physical device to the further feature extraction and classification.
in-vehicle network. The attacker has the capability to capture 3) CNN Backbone: CNNs have been investigated for their
broadcast and multicast transmissions in a switched network, efficacy in intrusion detection [50]. It is hypothesized that
implying that SOME/IP packets are accessible to them. We when message windows are sampled across continuous

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27328 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

Fig. 6. Vulnerabilities of SOME/IP and construct the attack scenario, including (a) and (e) abnormal communication process, (d) DDoS attack, and (b) and
(c) MITM attack.

Fig. 7. (Top) Training process. (Bottom) Details of (a) data preprocessing, (b) PMB, and (c) residual attention block.

timestamps, they will display discernible image patterns that where the singleton dimension symbolizes a single-channel
differentiate normal behavior from anomalies. Such a premise grayscale image. Subsequently, a bespoke sampling algorithm,
paves the way for leveraging CNN-based architectures to bilinear interpolation, reformats the data into a 1×n×n image.
discern and categorize intrusions. This processed image is then propagated through a sequence
In the context of our proposed models, i.e., SISSA-C (CNN of convolutional blocks. Each block comprises a convolutional
backbone is employed in SISSA) and SISSA-C-A (CNN layer (Conv), followed by a Max Pooling layer (MaxPool),
backbone incorporated with residual self-attention is employed and a batch normalization layer (BN). The operations within
in SISSA), we employ a CNN backbone as the principal these blocks can be formally described as follows: for a given
mechanism for feature extraction and pattern recognition. The convolutional block Bi , the transformation T applied to the
detailed schematic of this CNN backbone is elucidated in input I is
Fig. 7. Input data, represented in an n×d matrix, undergoes an
initial transformation to a 3-D tensor with dimensions 1×n×d, T(I) = BN(MaxPool(Conv(I))). (2)

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27329

To encapsulate interchannel relationships and the intricate the field of intrusion detection, the LSTM’s architecture is
feature interplay, the channels corresponding to each pixel adept at analyzing and learning from the intricate temporal
are subject to a nonlinear mapping. This mapping, designed patterns that characterize different attack vectors and fault
to extract the nuanced associations between diverse channels, conditions. The ability of LSTM to mitigate the vanishing
further refines the model’s intrusion detection capabilities. The gradient problem prevalent in traditional RNNs allows for
nonlinear mapping M between the channels for a pixel p is more effective learning over extended sequences, which is
expressed as paramount in the nuanced classification tasks presented by
multiple attack and fault modes [53], [54], [55]. The distinct
M(p) = f (p1 , p2 , . . . , pc ) (3) advantage of LSTM in handling such tasks stems from its
where f represents the nonlinear function, and p1 , p2 , . . . , pc unique gate-based architecture, which is particularly adept at
are the channel values of pixel p across c channels. capturing the temporal characteristics inherent in hacker attack
The amalgamation of these computational layers and the patterns [56] and the sporadic functional failures of in-vehicle
nonlinear mapping engenders a robust framework capable of ECUs.
identifying anomalous patterns indicative of cyber attack and Fig. 7 illustrates the LSTM backbone composed of multiple
random hardware failure. LSTM blocks. These blocks are embedding into SISSA-L
4) RNN Backbone: Although CNNs have been a conven- (LSTM backbone is employed in SISSA) and SISSA-L-A
tional choice for intrusion detection, their effectiveness in (LSTM backbone incorporated with residual self-attention
interpreting sequential data remains limited. Different from is employed in SISSA). Each block processes an input
that, sequence-based neural networks could potentially offer sequence of n packets, with each packet characterized by
superior generalization capabilities, particularly in the context a d-dimensional feature vector. The LSTM block is set to
of processing continuous message streams [51]. iteratively update its cell states and hidden states through a
Fig. 7 delineates the architecture of our proposed sequence- series of gated operations—input, output, and forget gates,
based models, SISSA-R (RNN backbone is employed in thus selectively retaining or discarding information through
SISSA) and SISSA-R-A (RNN backbone incorporated with the sequence.
residual self-attention is employed in SISSA). These models Formally, the LSTM updates for each time step t in a given
integrate RNN blocks, designed to capture temporal depen- block Bi can be described by the following equations:
dencies and extract timing features from sequences of network    
packets. The RNN blocks are structured to process an input ft = σ Wf · ht−1 , xt + bf
   
window comprising n packets, with each packet represented it = σ Wi · ht−1 , xt + bi
   
as a vector of dimension d. 
Ct = tanh Wc · ht−1 , xt + bC
In the context of SOME/IP communication, encompassing
both attack and fault scenarios, we carefully adhere to the tem- Ct = ft ∗ Ct−1 + it ∗ 
Ct
   
poral accuracy of packet transmission. This temporal aspect ot = σ Wo · ht−1 , xt + bo
may elude the feature detection capacities of purely image- ht = ot ∗ tanh(Ct ) (6)
based pattern recognition systems. Therefore, we introduce a
multilayered RNN architecture to address this challenge. The where ft , it , and ot represent the forget gate, input gate, and
architecture functions as follows. output gate activations, respectively; Ct and ht are the cell state
For each RNN block Bi , the transformation T across a and hidden state; σ denotes the sigmoid function; and W and
sequence of length n is defined recursively by b are the weights and biases associated with each gate.
ht = f (ht−1 , xt ; θ ) (4) The architectural schematic translates to a transformation
pathway
where ht is the hidden state at time t, xt is the input at time
t, and θ represents the parameters of the RNN. LSTM Block 1 LSTM Block 2
c(n, d) −−−−−−−−→ (n, h) −−−−−−−−→ (n, h). (7)
The schematic progression can be summarized as
RNN Block 1 RNN Block 2 Each LSTM block’s output, ht , encodes not only the
(n, d) −−−−−−−→ (n, h) −−−−−−−→ (h, d). (5)
information of the current packet but also the context of
Each RNN block captures and propagates temporal preceding packets. This makes it a valuable resource for
information through its hidden states, thereby facilitating an identifying patterns that signal anomalies, even in inputs with
intricate understanding of the temporal patterns characteristic intricate temporal dynamics.
of intrusion scenarios. By harnessing this architecture, SISSA- By harnessing the LSTM backbone within our proposed
R and SISSA-R-A aim to provide an in-depth analysis of models (SISSA-R and SISSA-R-A), we aim to elevate the
network traffic, potentially outperforming traditional CNN- accuracy and generalization of monitoring system to adeptly
based approaches in detecting sophisticated cyber attacks. handle the multifarious and temporally complex patterns
5) LSTM Backbone: LSTM is capable of capturing long- observed in functional failure and attack.
range dependencies within a sequence, making it eminently 6) Residual Self-Attention Block: RSAB aims to enhance
suitable for scenarios where messages that are far apart the network’s ability to discern complex and subtle relation-
within a window may exert a significant impact [52]. In ships within the data. This is crucial for differentiating patterns

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27330 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

indicative of attacks, which are typically intentional and well-

organized, from the stochastic nature of hardware failures,
which might manifest as irregular and less predictable patterns.
Attacks can occur through coordinated sequences of mes-
sages that may seem legitimate when considered individually.
The RSAB, with its intrinsic attention mechanism, is adept
at capturing the sequential context across the entire window
of messages, facilitating the identification of such coordinated
anomalies. It achieves this by calculating attention weights,
which essentially determine how much focus should be placed
on each part of the input sequence when constructing a
representation of a given message.
Mathematically, the attention mechanism within the RSAB
can be expressed as Fig. 8. Data set generation process for SOME/IP.

QK T
Attention(x) = Softmax √ V (8)
dk
V. E VALUATION
where Q, K, and V are the query, key, and value matrices A. Experimental Settings
derived from the input data x, and dk is the scaling factor
1) Data Set: In our comprehensive open-source framework
corresponding to the dimension of the keys. This attention
(SISSA), we delineate a holistic approach encompassing the
function allows the network to prioritize certain messages
generation of data that comply with the AUTOSAR stan-
within a window, which is crucial when a single malicious
dard, the simulation of various attacks and random hardware
packet could indicate a potential attack.
failures, alongside detailed data preprocessing and network
The RSAB enhances this mechanism by adding a residual
training methodologies.
connection, which is simply the addition of the input of the
The SOME/IP Generator, a Python-based tool for gener-
block to its output
ating SOME/IP packets based on IP/UDP, is available on
RSAB(x) = x + Attention(Q, K, V). (9) GitHub and has been extensively utilized in relevant intru-
sion detection [57], [24]. This generator employs Python’s
The inclusion of the residual connection facilitates gradient native multiprocessing components and multiple communica-
flow during backpropagation and helps mitigating the van- tion queues to effectively simulate the traffic of SOME/IP
ishing gradient problem, which is a common issue in deep packets among various ECUs within the same local area
networks. This is particularly advantageous for analyzing network over continuous time. However, due to the prolonged
complex network traffic data, where the relevance of specific lack of maintenance of the GitHub repository, the generator
features may be deeply buried in the sequence. faces challenges in implementing modern, complex message
For network traffic analysis, including the detection of behaviors. For instance, the packet generation process does
normal versus malicious activities or identifying ECU mal- not fully adhere to real-world timing constraints, rendering
functions, the ability of RSAB to focus on specific, relevant it inadequate for simulating attacks that are highly time-
parts of the data becomes crucial. Network attacks like sensitive. Moreover, the generator’s current design does not
DDoS or MITM, and ECU malfunctions exhibit characteristic effectively represent the random hardware malfunctions in the
patterns within the vast stream of network data. RSAB, by communication queue.
dynamically weighting input features, can effectively highlight Given these limitations, we propose enhancements to the
these patterns, making it easier for subsequent layers of the SOME/IP Generator. Our approach leverages its multi-ECU
model to recognize and classify them accurately. The model communication simulation capabilities to first generate stan-
can thus learn to discern subtle differences between normal dard SOME/IP traffic packets. Subsequently, we aim to model
and anomalous traffic, improving its predictive performance. in-vehicle functional safety and cyber security threats. This
Moreover, the residual connection in RSAB ensures that, will be achieved through custom scripts that can generate spe-
alongside these weighted features, the original input is also cific attack message windows and simulate random hardware
carried forward, preventing the loss of information that might failure message windows, thereby providing a more robust and
be crucial for understanding the context of the traffic. This realistic testing environment for monitoring systems. Access
is particularly important for network traffic data, where the to both the code and data sets is available at the following
context can significantly influence the interpretation of a link: https://github.com/jamesnulliu/SISSA.
message’s normalcy or anomaly. Fig. 8 shows the data set generation process for SOME/IP.
After RSAB and multilayer perceptron, the final output of By utilizing the SOME/IP Generator, we initiate the process
SISSA models is a tensor with the shape of (7, 1), indicating by generating typical SOME/IP communication data. This data
the probability of the input window being normal, suffering is subsequently processed through our data segmentation mod-
from DDoS, FI, FS ReqNoRes, ResNoReq attack, or Random ule. In this phase, the continuous stream of data is partitioned
Hardware Failure, respectively. into distinct blocks. These blocks are subjected to simulated

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27331

TABLE II
T RAINING AND T ESTING DATA S ET C LASSES

attack or failure scenarios after shuffling. Subsequently,

each block is further subdivided into multiple, equal-length
windows, allocated to respective buckets based on the classifi- Fig. 9. Experimental environment.
cation task’s category. In our case, this results in seven buckets,
each containing diverse windows subjected to identical attack
simulations. To enhance the realism and variability of these data types, such as CAN. Researchers can introduce custom
simulations, we introduce adjustable parameters, ensuring that attack and failure modes, and reconfigure the network structure
each attack instance retains a unique characteristic. for retraining the classifier. Moreover, the management of all
We describe the generated communication scenarios and parameters is facilitated through several YAML files, obviating
traffic patterns in details. Through the configuration of XML the need for code modification within Python scripts once
files, we defined communication simulations across 14 dif- the model structure is established. This feature significantly
ferent IP addresses. Each IP represents an independent ECU enhances the usability and accessibility of the SISSA frame-
within the vehicle, allowing for arbitrary roles as either Server work for a wide array of research applications.
or Client in their communications. During communication 2) Environment: Fig. 9 shows the environment for testing
events, multiple processes simulate the actual behavior of proposed model. Regarding the trained model, we provided
ECUs, using shared queues among these processes as the two sets of inference platforms to measure inference speed,
communication channel to send and receive messages. For detailed as follows. It is important to emphasize that during
instance, when ECU A sends a request message to ECU B, this the inference process, each window is linearly input into the
message is queued at the end of the communication channel; model (batch size = 1128 packets).
upon capture, ECU B reacts accordingly and responds back to 1) Equipment Set 1: Ubuntu 22.04, Intel Xeon Silver 4210
ECU A. The communication process is further enhanced by CPU @ 2.20 GHz, GeForce RTX3090. Average speed
random parameters controlling the system’s behavior, thereby for SISSA is 0.8 ms/window (6.25×10−3 ms/packet).
increasing the realism of the simulation. 2) Equipment Set 2: Raspberry Pi OS, Cortex-
Table II shows the details of our training set and validation A72. Average speed for SISSA is 80 ms/window
set window data. A critical aspect of our approach is the strict (0.625 ms/packet).
equalization of windows across different categories, a measure In our inference experiments, the inference time for each
implemented to preclude any potential training bias due to data input window is exceedingly short (less than a millisecond).
imbalances at the simulation stage. Additionally, the entire Consequently, attempting to measure the variance across
process of attack and failure simulation is optimized through individual inferences could result in significant inaccuracies
multiprocess execution, significantly enhancing the speed of due to issues such as timing resolution limitations. To ensure
data generation and experimental efficiency. Once training is the accuracy of our inference time statistics, we employed a
completed, the model’s weights are not updated, and no part of methodology where we continuously and linearly infer 1000
the validation set is used for fine-tuning, ensuring the complete windowed data points and then calculate the mean value of
trustworthiness of the model’s inference results. these measurements.
Upon the generation of bucketed data, we engage in a series 3) Metrics: Classification task contains four possible out-
of preprocessing and feature engineering steps. The window comes. True positive (TP) models accurately identified
data within each bucket is then randomized and split into positives. True negative (TN) models correctly identified
training and validation sets in an 8:2 ratio. Once segmented negatives. False positive (FP) models wrongly labels instances
into these sets and saved as.npy files, the data is primed for as positives. False negative (FN) models fails to identify
neural network training. positives. Based on TP, TN, FP, and FN, we evaluate SISSA’s
It is worth mentioning that the SISSA framework is of performance using the following metrics.
high extensibility. Being entirely open-source and transparent 1) Accuracy measures the overall correctness of a model
allows researchers the flexibility to modify modules to suit by assessing the ratio of correctly predicted instances
specific objectives. Although our focus is on SOME/IP packet to the total instances, providing a general performance
detection and analysis, the framework is adaptable to other indicator (TP + TN/TP + TN + FP + FN).

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27332 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

Fig. 10. Train accuracy and loss of each SISSA model. (a) CNN-based models. (b) RNN-based models. (c) LSTM-based models.

2) Recall quantifies the model’s ability to correctly identify The stagnation in validation accuracy observed in the
all relevant instances among the actual positives, empha- SISSA-C and SISSA-C-A models is attributed to the temporal
sizing the avoidance of FNs (TP/TP + FN). nature of the attack and random failure modes delineated in
3) Precision gauges the model’s accuracy in labeling our study. These temporal characteristics are inadequately cap-
instances as positive, emphasizing the avoidance of FPs tured by convolutional image classification neural networks,
and assessing the relevance of the identified positives rendering them suboptimal for intrusion and fault detection
(TP/TP + FP). tasks that exhibit specific characteristics.
4) F1-score is the harmonic mean of precision and The SISSA-L-A model stands out as our recommended
recall, offering a balanced measure that considers solution for achieving the highest validation accuracy in
both FPs and FNs, suitable for evaluating mod- seven distinct classification scenarios. Owing to its integration
els in scenarios with imbalanced class distribution of LSTM and RSA modules, the SISSA-L-A is adept at
([2 × Precision × Recall]/Precision + Recall). extracting correlations between packet features across different
5) ROC Curve assesses model performance in neural timestamps in a window sequence. This capability enables it to
networks. It plots FP Rate and TP Rate for different effectively identify characteristics of SOME/IP traffic during
discrimination thresholds. The ideal ROC curve should vehicular attacks or random hardware failures.
be closer to the upper left corner, indicating better 2) Performance in Monitoring: Fig. 11 presents the confu-
performance. sion matrices for each of the six evaluated models. An analysis
6) AUC Scores quantify the area under the right side of the of these confusion matrices reveals that both the SISSA-C and
ROC curve, providing a visual measure of the classifier’s SISSA-C-A exhibit lower detection rates and higher FP rates,
predictive performance. In cases where ROC curves for particularly in scenarios involving DDoS attacks, FS attacks,
different classes intersect, the AUC values serve as a and random hardware failures. This diminished performance
quantitative criterion to determine which class exhibits is attributed to the temporal dynamics inherent in these attack
superior predictive performance. types, a feature that proves challenging for CNN-based models
to effectively capture and analyze.
Conversely, SISSA-L-A demonstrates remarkable efficacy,
B. Experimental Performance as evidenced by the near absence of detection errors and
1) Performance in Training: Fig. 10 illustrates the training FPs in Fig. 11. This observation underscores the superior
performance of six distinct SISSA models. These models were performance of the model, particularly in its ability to accu-
trained for a maximum of 150 epochs, with hyperparameters rately identify and classify attack patterns and hardware
finely tuned within this constraint to optimize training efficacy. malfunction. The results suggest that SISSA-L-A’s archi-
Of the six variants based on varying architectures, the SISSA- tecture, which likely leverages advanced temporal feature
L-A model exhibited superior performance, achieving the extraction capabilities, is better suited for handling the com-
highest validation accuracy of 99.7% across seven classifica- plexities associated with these specific types of attacks.
tion tasks. Conversely, the CNN-based model demonstrated Fig. 12 shows the ROC curves and AUC values for six
limited generalization capacity, though it attained a notable models with different backbones. It can be observed that the
training accuracy of 99.5%, translating to a lower validation AUC values of LSTM-based models (SISSA-L and SISSA-
accuracy of 72%. L-A) are range from a minimum of 0.93, with the majority
In Fig. 10(a) and (b), it is evident that the incorporation approaching 1. This indicates that LSTM-based models can
of an RSA layer at the network’s terminus not only sta- effectively distinguish between each type of attack, demon-
bilizes the training process but also significantly enhances strating superior performance.
validation accuracy. Furthermore, scenario Fig. 10(c) reveals The SISSA-C and SISSA-C-A models illustrated in
that the SISSA-L-A model, in comparison to its SISSA-L Fig. 12(a) and (b) exhibit a distinct pattern. The ROC
counterpart, exhibits improved generalization capabilities, curves associated with these models deviate from the typical
particularly under extended training durations. convergence toward the upper left corner. Simultaneously,

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27333

Fig. 11. Confusion matrix for six different models on the testing data set. (a) and (b) CNN-based models. (c) and (d) RNN-based models. (e) and
(f) LSTM-based models.

Fig. 12. ROC curves and AUC values for six models with different backbones across seven classification tasks. (a) and (b) CNN-based models. (c) and
(d) RNN-based models. (e) and (f) LSTM-based models.

the AUC values they entail indicate challenges in accurately In the case of Fig. 12(c) and (d), the ROC curves for
discerning various attacks, resulting in reduced predictive the RNN-based models tend to converge toward the upper
accuracy. left corner, suggesting commendable predictive accuracy.

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27334 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

Fig. 13. (a) Overall accuracy, (b) precision, (c) recall, and (d) F1-score of each class on the testing data set under different window sizes.

TABLE III
However, its performance falls slightly short of the LSTM- C OMPARISON OF THE ACCURACY, P RECISION , R ECALL ,
based models. These observations collectively underscore the AND F1-S CORE OF E ACH SISSA M ODEL
efficacy of the models and highlight the impact of incorpo-
rating RSA, particularly evident in the enhanced predictive
capabilities of the LSTM-based model.
Fig. 13 delineates the comparative performance of six
distinct models as a function of varying window sizes. In
the conducted experiments, the SISSA-L-A and SISSA-L
models consistently outperformed their counterparts across
all four measured metrics. It was observed that with an
increase in window height, the RNN-backed models (SISSA-R
and SISSA-R-A) exhibited a remarkable improvement in
all measures. Conversely, models predicated on a CNN-
based backbone did not demonstrate significant alterations
in performance. This phenomenon can be attributed to the
RNN and LSTM’s inherent capability to exploit temporal
information provided by an enlarged window, thereby enhanc-
ing the model’s performance. In contrast, the SISSA-C and
SISSA-C-L models appear to be less adept at capturing
temporal characteristics and the intermessage associations,
leading to a stagnant performance outcome. Additionally, it
is noted that the integration of an RSA generally enhances
the model’s overall metrics. However, it necessitates a more
extended training duration to reach optimal efficacy, compared
to its counterparts devoid of the RSA. formatted to emphasize the highest metric values for each cat-
Table III presents a comprehensive evaluation of six distinct egory by employing bold typeface. This accentuation reveals
SISSA models across three categorical scenarios: 1) normal that the SISSA-L-A model exhibits superior performance,
message windows; 2) malicious attack message windows; and achieving near-perfect accuracy in the identification of mali-
3) random hardware failure message windows. The table is cious attack message windows. It is noteworthy, however, that

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27335

TABLE IV
C OMPARISON OF THE ACCURACY, P RECISION , R ECALL , AND F1-S CORE of accuracy, precision, recall, and F1-score. The results high-
OF E ACH C LASS U NDER E ACH SISSA M ODEL light that, given a sufficient training set, the detection rate
for FI attacks by all six proposed models is near perfect.
The models exhibit varying degrees of efficacy in identifying
other forms of attacks and random hardware failures, which is
reflective of their differential capabilities in temporal feature
extraction. Notably, the SISSA-L-A model stands out with the
most robust performance, demonstrating high accuracy in the
recognition of diverse attack vectors and random functional
failures. This suggests that the synergy between the LSTM
backbone and RSA is particularly adept at discerning between
multiple attack patterns and hardware malfunctions within
multinode SOME/IP communication.
3) Overhead: Table V presents a comprehensive analysis
of parameters and time costs associated with six distinct
models, comparing them across various window sizes. It is
observed that an increase in window height results in a slower
detection speed, attributed to the simultaneous increase in the
number of parameters. When comparing models with identical
window values, those incorporating RSA tend to exhibit higher
parameter counts and slower detection times compared to
counterparts without RSA. Furthermore, notable differences in
parameter quantities exist among different model architectures.
In particular, the SISSA-L model exhibits a higher parameter
count and longer detection time in comparison to SISSA-R,
the latter surpassing SISSA-C in both aspects. Meanwhile,
the graphics memory increases with the growth of window
length. Considering that the resolution of message data itself is
not substantial, memory usage is unlikely to pose a hindrance
in practical applications. It is noteworthy to mention that
detection time of SISSA is less than 1 ms, which can meet
in-vehicle network traffic and real-time requirements defined
in IEEE 802.1DG [35]. This demonstrates that the SISSA-
L-A model is capable of achieving real-time detection in a
vehicular environment, confirming its practicality not only
on high-end computational platforms but also on hardware
with considerably lower performance, such as the Raspberry
Pi. This versatility in operating environments underscores the
model’s potential for widespread application in real-world
scenarios.

VI. D ISCUSSION
A. Real-World Application
In the experimental evaluation, we observed distinct vari-
ations in detection rates and speeds among the six SISSA
models that developed for identifying cyber attacks and ran-
dom hardware failures. Owing to the comprehensive Python
during the detection of random hardware failure message win- code framework, SISSA can be seamlessly integrated as a
dows, the recall metric for SISSA-L-A is marginally eclipsed middleware within automotive communication networks to
by that of SISSA-L. This suggests a propensity of the SISSA- facilitate real-time monitoring of SOME/IP network activities.
L-A model to occasionally misclassify normal operational If this middleware operates in a strictly localized environment,
modes as faulty. This phenomenon may be attributed to a the SISSA network itself remains safeguarded against external
degree of overfitting engendered by the RSA within the attacks. Conversely, when connected to cloud services, the
model’s architecture, underscoring a potential area for further model’s efficiency can be incrementally enhanced in alignment
refinement. with vehicular modifications, allowing for the transmission of
Table IV elucidates the performance of each SISSA model anomalous states back to remote data centers. Additionally,
across seven classification categories, focusing on the metrics the versatility of SISSA is evident in its capacity to adapt

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27336 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

TABLE V
SISSA’ S C HARACTERISTICS AND C OMPUTATIONAL R ESOURCES

to varying packet traffic types through modifications in its further may yield diminishing returns in accuracy relative to
structural design and the data set used for training. the augmented inference time. Furthermore, it is worth noting
In practical applications, critical factors, such as the model’s that the low-dimensional nature of the message data results in a
detection rate, inference time, and memory usage, must be minimal GPU memory footprint during inference. This aspect
meticulously considered. Tailoring the window length and underscores the feasibility of running SISSA for safety and
model structure to suit the complexity of communication security analyses in automotive systems without significantly
scenarios is imperative. For instance, in our specific use impacting other GPU-based tasks. Such an attribute is vital
case, employing the SISSA-L-A model with an LSTM back- for the practical deployment of the application.
bone and a monitoring window of 128 consecutive packets, This article discusses SOME/IP traffic data, including noti-
we achieved a remarkable 99.7% accuracy across seven fications, requests, and responses, and simulates the feasibility
classification challenges. Concurrently, the model’s inference of real-world application scenarios. In future work, we will
time aligns with the prerequisites for real-time monitoring. consider the potential integration of vSOMEIP and the inclu-
However, it should be noted that increasing the window height sion of SOME/IP-SD traffic, further exploring security checks

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27337

within the entire process between two ECUs, from service also accommodating the computational resource requirements
provision to connection establishment and communication. of ECUs.
In the future, we intend to expand the scope of our
framework to encompass additional in-vehicle communication
B. Limitations
protocols, including the well-established CAN bus. Besides,
1) False Positives: Although the proposed method boasts modeling cyberattacks on in-vehicle networks emerges as an
a high level of accuracy, it still suffers from nonnegligible intriguing and worthwhile avenue for exploration.
FPs. Modern vehicles are typically equipped with dozens
to hundreds of ECUs. Therefore, the model presented in
this article requires further optimization to reduce FPs, thus R EFERENCES
adapting to the real-time environment of vehicular systems. [1] M. Iorio, A. Buttiglieri, M. Reineri, F. Risso, R. Sisto, and F. Valenza,
On the other hand, attacks are effective when sustained. “Protecting in-vehicle services: Security-enabled SOME/IP middle-
ware,” IEEE Veh. Technol. Mag., vol. 15, no. 3, pp. 77–85, Sep. 2020.
Taking DoS as an example, malicious users aim to disrupt [2] (AUTOSAR Found., Munich, Germany). SOME/IP Protocol
normal operations by inundating the network with an excessive Specification. 2022. Accessed: Apr. 20, 2023. [Online].
amount of false requests or abnormal data packets. This Available: https://www.autosar.org/fileadmin/standards/R22-
11/FO/AUTOSAR_PRS_SOMEIPProtocol.pdf
strategy, to some degree, helps alleviate the problem of FPs [3] D. Zelle, T. Lauser, D. Kern, and C. Krauß, “Analyzing and securing
stemming from cyber attacks. some/ip automotive services with formal and practical methods,” in Proc.
2) Cyberattack Traffic Pattern Generation: Different win- 16th Int. Conf. Avail., Rel. Secur., 2021, pp. 1–20.
[4] M. Iorio, M. Reineri, F. Risso, R. Sisto, and F. Valenza, “Securing
dows are tailored to different attack scenarios, achieved SOME/IP for in-vehicle service protection,” IEEE Trans. Veh. Technol.,
through varying parameter values, and there are no loop vol. 69, no. 11, pp. 13450–13466, Nov. 2020.
conditions. A limitation lies in the fact that in real-world [5] F. C. Gail, R. Rieke, and F. Fenzl, “RulEth: Genetic programming-driven
derivation of security rules for automotive Ethernet,” in Proc. Joint Eur.
scenarios, a single window may encounter multiple types of Conf. Mach. Learn. Knowl. Discov. Databases, 2023, pp. 192–209.
attacks. This aspect was not accounted for in our study and [6] C. Miller and C. Valasek, “Remote exploitation of an unaltered passenger
requires further investigation in future research. vehicle,” Black Hat USA, vol. 2015, no. 91, pp. 1–91, 2015.
[7] Road Vehicles—Functional Safety, ISO Standard 26262, Dec. 2016.
3) Potential Pitfalls in Machine Learning for [8] Road Vehicles, Cybersecurity Engineering, ISO/SAE Standard 21434,
Cybersecurity: As SOME/IP was proposed by the BMW 2021.
and is not yet widely used like CAN, obtaining real data [9] E. Ruijters and M. Stoelinga, “Fault tree analysis: A survey of the
state-of-the-art in modeling, analysis and tools,” Comput. Sci. Rev.,
for SOME/IP is challenging. In this case, SOME/IP data is vols. 15–16, pp. 29–62, Feb.–May 2015.
generated using open-source tools, such as vSOME/IP and [10] H.-C. Liu, L. Liu, and N. Liu, “Risk evaluation approaches in failure
SOME/IP Generator, leading to potential sampling bias, as mode and effects analysis: A literature review,” Expert Syst. Appl.,
outlined in [58]. Concurrently, due to the data set’s singularity, vol. 40, no. 2, pp. 828–838, 2013.
[11] J.-P. Signoret and A. Leroy, “Hazard and operability study
slight overfitting may occur with the proposed SISSA-C. (HAZOP),” in Reliability Assessment of Safety and Production Systems:
However, since LSTM-L-A has learned almost all patterns Analysis, Modelling, Calculations and Case Studies. Cham, Switzerland:
in our data set and performs well on both the training and Springer, 2021, pp. 157–164.
[12] N. G. Leveson, Engineering a Safer World: Systems Thinking Applied
validation sets, it effectively addresses the overfitting issue. It to Safety. Cambridge, MA, USA: MIT, 2016.
is noteworthy that the aim of this study is to experimentally [13] C. Schmittner, Z. Ma, and P. Smith, “FMVEA for safety and security
demonstrate the superior performance of LSTM-L-A through analysis of intelligent and cooperative vehicles,” in Proc. Int. Conf.
Comput. Saf., Rel., Secur., 2014, pp. 282–288.
comparative analysis. [14] W. Young and R. Porada, “System-theoretic process analysis for security
(STPA-SEC): Cyber security and STPA,” in Proc. STAMP Conf., 2017,
pp. 1–69.
VII. C ONCLUSION [15] J. Cui and B. Zhang, “VeRa: A simplified security risk analysis method
for autonomous vehicles,” IEEE Trans. Veh. Technol., vol. 69, no. 10,
In this work, we propose a novel approach, termed SISSA, pp. 10494–10505, Oct. 2020.
to monitoring the safety and security of ECUs in con- [16] M. Müter and N. Asaj, “Entropy-based anomaly detection for in-vehicle
networks,” in Proc. 4th IEEE Intell. Veh. Symp., 2011, pp. 1110–1115.
nected automated vehicles using SOME/IP communication [17] C. Miller and C. Valasek, “Adventures in automotive networks and
traffic. SISSA employs Weibull distribution to model random control units,” IOActive, Seattle, WA, USA, White Paper, 2013.
hardware failures and identifies five classic cyberattacks. [18] M. Müter, A. Groll, and F. C. Freiling, “A structured approach to
anomaly detection for in-vehicle networks,” in Proc. 6th Int. Conf. Inf.
Leveraging three deep learning models with residual self- Assur. Secur., 2010, pp. 92–98.
attention mechanisms, SISSA effectively extracts features [19] K.-T. Cho and K. G. Shin, “Fingerprinting electronic control units for
from SOME/IP packets to distinguish between normal ECU vehicle intrusion detection,” in Proc. 25th USENIX Security Symp., 2016,
pp. 911–927.
operation, functional failures, and cyberattacks. We have
[20] Y. Xun, Y. Zhao, and J. Liu, “VehicleEIDS: A novel external intrusion
curated a comprehensive data set encompassing various classes detection system based on vehicle voltage signals,” IEEE Internet Things
for evaluation, a noteworthy contribution given the scarcity J., vol. 9, no. 3, pp. 2124–2133, Feb. 2022.
of publicly available data sets with similar characteristics. [21] W. Choi, K. Joo, H. J. Jo, M. C. Park, and D. H. Lee, “VoltageIDS: Low-
level communication characteristics for automotive intrusion detection
The experimental results indicate SISSA’s high effectiveness, system,” IEEE Trans. Inf. Forensics Security, vol. 13, pp. 2114–2129,
achieving an average F1-score of 99.2% for malfunction 2018.
identification and a perfect average F1-score of 99.86% for [22] N. Alkhatib, H. Ghauch, and J.-L. Danger, “Some/ip intrusion detection
using deep learning-based sequential models in automotive Ethernet
cyberattack detection. The detection speed and model overhead networks,” in Proc. IEEE 12th Annu. Inf. Technol., Electron. Mobile
meet the communication needs of automotive networks while Commun. Conf. (IEMCON), 2021, pp. 0954–0962.

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
27338 IEEE INTERNET OF THINGS JOURNAL, VOL. 11, NO. 16, 15 AUGUST 2024

[23] F. Luo, Z. Yang, Z. Zhang, Z. Wang, B. Wang, and M. Wu, “A [48] V. Prasanth, D. Foley, and S. Ravi, “Demystifying automotive safety
multi-layer intrusion detection system for some/IP-based in-vehicle and security for semiconductor developer,” in Proc. IEEE Int. Test Conf.
network,” Sensors, vol. 23, no. 9, p. 4376, 2023. (ITC), 2017, pp. 1–10.
[24] N. Alkhatib, M. Mushtag, H. Ghauch, and J.-L. Danger, “Here comes [49] A. Kleyner and R. Knoell, “Calculating probability metric for random
SAID: A SOME/IP attention-based mechanism for intrusion detec- hardware failures (PMHF) in the new version of ISO 26262 functional
tion,” in Proc. 14th Int. Conf. Ubiquitous Future Netw. (ICUFN), 2023, safety-methodology and case studies,” SAE, Warrendale, PA, USA,
pp. 462–467. Technical Paper 2018-01-0793, 2018.
[25] T. Gehrmann and P. Duplys, “Intrusion detection for SOME/IP: [50] R. Zhao, Y. Wang, Z. Xue, T. Ohtsuki, B. Adebisi, and G. Gui,
Challenges and opportunities,” in Proc. 23rd Euromicro Conf. Digit. “Semi-supervised federated learning based intrusion detection method
Syst. Design (DSD), 2020, pp. 583–587. for Internet of Things,” IEEE Internet Things J., vol. 10, no. 10,
[26] “SOME/IP protocol specification, Release R19-11,” AUTOSAR Found., pp. 8645–8657, May 2023.
Munich, Germany, document 696, 2019. [51] W. Chen, F. Lyu, F. Wu, P. Yang, and J. Ren, “FLAG: Flexible, accurate,
[27] “Scalable service-oriented middleware over IP (SOME/IP).” 2024. and long-time user load prediction in large-scale WiFi system using
[Online]. Available: https://some-ip.com/ deep RNN,” IEEE Internet Things J., vol. 8, no. 22, pp. 16510–16521,
[28] (AUTOSAR Found., Munich, Germany). SOME/IP Service Nov. 2021.
Discovery Protocol Specification. 2022. Accessed: Apr. 20, 2023. [52] J. Gao et al., “Omni SCADA intrusion detection using deep learning
[Online]. Available: https://www.autosar.org/fileadmin/standards/R22- algorithms,” IEEE Internet Things J., vol. 8, no. 2, pp. 951–961,
11/FO/AUTOSAR_PRS_SOMEIPServiceDiscoveryProtocol.pdf Jan. 2021.
[29] F. Luo, Y. Jiang, Z. Zhang, Y. Ren, and S. Hou, “Threat analysis and risk [53] I. Sutskever, O. Vinyals, and Q. V. Le, “Sequence to sequence learning
assessment for connected vehicles: A survey,” Secur. Commun. Netw., with neural networks,” in Proc. Adv. Neural Inf. Process. Syst., vol. 27,
vol. 2021, pp. 1–19, Sep. 2021. 2014, pp. 1–9.
[30] O. Henniger, A. Ruddle, H. Seudié, B. Weyl, M. Wolf, and T. Wollinger, [54] J. Kim, J. Kim, H. L. T. Thu, and H. Kim, “Long short term memory
“Securing vehicular on-board IT systems: The EVITA project,” in Proc. recurrent neural network classifier for intrusion detection,” in Proc. Int.
VDI/VW Automot. Secur. Conf., 2009, p. 41. Conf. Platform Technol. Service (PlatCon), 2016, pp. 1–5.
[31] SAE Cybersecurity Guidebook for Cyber-Physical Automotive Systems, [55] R. C. Staudemeyer and E. R. Morris, “Understanding LSTM—A
SAE Standard J3061, 2017. tutorial into long short-term memory recurrent neural networks,” 2019,
[32] J.-P. Monteuuis, A. Boudguiga, J. Zhang, H. Labiod, A. Servel, and arXiv:1909.09586.
P. Urien, “SARA: Security automotive risk analysis method,” in Proc. [56] X. Yuan, C. Li, and X. Li, “DeepDefense: identifying DDoS attack via
4th ACM Workshop Cyber-Phys. Syst. Security, 2018, pp. 3–14. deep learning,” in Proc. IEEE Int. Conf. Smart Comput. (SMARTCOMP),
[33] S. Kim, R. Shrestha, S. Kim, and R. Shrestha, “Internet of Vehicles, 2017, pp. 1–8.
vehicular social networks, and cybersecurity,” Automotive Cyber [57] “Some-ip generator.” Egomania. 2016. [Online]. Available:
Security: Introduction, Challenges, and Standardization. Singapore: https://github.com/Egomania/SOME-IP_Generator
Springer, 2020, pp. 149–181. [58] D. Arp et al., “Dos and don’ts of machine learning in computer
[34] D. Ren, S. Du, and H. Zhu, “A novel attack tree based risk assessment security,” in Proc. 31st USENIX Security Symp., 2022, pp. 3971–3988.
approach for location privacy preservation in the vanets,” in Proc. IEEE
Int. Conf. Commun. (ICC), 2011, pp. 1–5.
[35] “Time-sensitive networking task group,” Piscataway, NJ, USA, docu-
ment 802.1, 2019. [Online]. Available: https://1.ieee802.org/tsn/802-1dg/
[36] B. Ma et al., “An authentication and secure communication scheme for
in-vehicle networks based on SOME/IP,” Sensors, vol. 22, no. 2, p. 647,
2022.
[37] A. Casparsen et al., “Closing the security gaps in some/ip through
implementation of a host-based intrusion detection system,” in Proc. Qi Liu received the B.S. degree in network
25th Int. Symp. Wireless Pers. Multimedia Commun. (WPMC), 2022, engineering from Suzhou University, Suzhou, China,
pp. 436–441. in 2017, and the master’s degree in computer science
[38] T. Koyama, M. Tanaka, A. Miyajima, S. Ukai, T. Sugashima, and and technology from Zhejiang Normal University,
M. Egawa, “SOME/IP intrusion detection system using real-time and Jinhua, China, in 2020. He is currently pursuing
retroactive anomaly detection,” in Proc. IEEE 95th Veh. Technol. Conf., the Ph.D. degree with the School of Computer
2022, pp. 1–7. Engineering and Science, Shanghai University,
[39] S. Lee, W. Choi, and D. H. Lee, “Protecting SOME/IP communication Shanghai, China.
via authentication ticket,” Sensors, vol. 23, no. 14, p. 6293, 2023. He is employed with Purple Mountain
[40] G. Zhang, Q. Liu, C. Cao, J. Li, and Y. Li, “Bit scanner: Anomaly detec- Laboratories, Nanjing, China. His research interests
tion for in-vehicle can bus using binary sequence whitelisting,” Comput. include the safety and security of connected
Secur., vol. 134, Nov. 2023, Art. no. 103436. automated vehicles, and differential privacy.
[41] A. Taylor, N. Japkowicz, and S. Leblanc, “Frequency-based anomaly Mr. Liu received the Outstanding Graduate of Zhejiang Province in 2020
detection for the automotive can bus,” in Proc. World Congr. Ind. Control and the Outstanding Graduate Doctorate in Shanghai in 2024. He serves as a
Syst. Security, 2015, pp. 45–49. reviewer for several journals, including IEEE Vehicular Technology Magazine
[42] H. M. Song, H. R. Kim, and H. K. Kim, “Intrusion detection system and Expert Systems With Applications.
based on the analysis of time intervals of can messages for in-vehicle
network,” in Proc. Int. Conf. Inf. Netw. (ICOIN), 2016, pp. 63–68.
[43] A. R. Javed, S. Ur Rehman, M. U. Khan, M. Alazab, and T. Reddy,
“CANintelliIDS: Detecting in-vehicle intrusion attacks on a controller
area network using CNN and attention-based GRU,” IEEE Trans. Netw.
Sci. Eng., vol. 8, no. 2, pp. 1456–1466, Apr.–Jun. 2021.
[44] E. Seo, H. M. Song, and H. K. Kim, “GIDS: GAN based intrusion
detection system for in-vehicle network,” in Proc. 16th Annu. Conf. Priv.,
Security Trust (PST), 2018, pp. 1–6.
Xingyu Li is currently pursuing the B.S. degree with
[45] T. He, L. Zhang, F. Kong, and A. Salekin, “Exploring inherent sensor
the School of Computer Engineering and Science,
redundancy for automotive anomaly detection,” in Proc. 57th ACM/IEEE
Shanghai University, Shanghai, China.
Design Autom. Conf. (DAC), 2020, pp. 1–6.
His research interests cover the security of con-
[46] L. Xue et al., “SAID: State-aware defense against injection attacks
nected automated vehicles and statistical methods,
on in-vehicle network,” in Proc. 31st USENIX Secur. Symp., 2022,
including the Hawkes process.
pp. 1921–1938.
[47] (AUTOSAR Found., Munich, Germany). AUTOSAR Software
Specification: Diagnostic Event Manager. 2020. [Online].
Available: https://www.autosar.org/fileadmin/standards/R20-
11/CP/AUTOSAR_SWS_DiagnosticEventManager.pdf

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.
LIU et al.: SISSA: REAL-TIME MONITORING OF HARDWARE FUNCTIONAL SAFETY AND CYBERSECURITY 27339

Ke Sun (Member, IEEE) received the M.Sc. degree Yanchen Liu currently pursuing the B.S. degree in
from Tongji University, Shanghai, China, and the school of computer engineering and science from
University of Bologna, Bologna, Italy, in 2015, and Shanghai University, Shanghai, China, engaged in
the Ph.D. degree from the University of Sheffield, CV and ML research.
Sheffield, U.K., in 2020. He is adept at designing and implementing deep-
He is currently a Lecturer with the School learning models, operating and maintaining HPC
of Computer Engineering and Science, Shanghai clusters, optimizing complex computing tasks, and
University, Shanghai. Prior to that, he was a performance tuning.
Postdoctoral Researcher with the INRIA Centre,
Université Côte d’Azur, INRIA, Sophia Antipolis,
France, in 2022, and a Postdoctoral Research
Associate with the University of Sheffield from 2019 to 2021. His research
interests include the cybersecurity of cyber–physical systems.
Dr. Sun is the recipient of the 2023 Shanghai Overseas Talents Program, the
2020 ACSE Prize, and the Honorable Mention Award within the Engineering
Science Category in the 2020 Doctoral Research Award. He serves as a
TPC Member for IEEE SmartGridComm 2023 & 2024, and as a reviewer
for several journals and conferences, including IET Smart Grid, IEEE
I NTERNET OF T HINGS J OURNAL, IEEE T RANSACTIONS ON I NDUSTRIAL
I NFORMATICS, and IET Cyber-Physical Systems: Theory & Applications.

Yufeng Li received the Ph.D. degree in information

sciences from Information Engineering University,
Zhengzhou, China, in 2008.
He is currently a Professor with the School
of Computer Engineering and Science, Shanghai
University, Shanghai, China. He is in charge of
the endogenous security direction of the Internet
of Vehicles with Purple Mountain Laboratories,
Nanjing, China. His research interests include safety
and security of connected automated vehicles, broad-
band information network, and high-speed router
core technology.

Authorized licensed use limited to: University of Michigan Library. Downloaded on February 03,2025 at 01:05:12 UTC from IEEE Xplore. Restrictions apply.