Secure Data Transmission in ECU Data Acquisition Systems based on MQTT and TLS
Resumo
Electronic Control Units (ECUs) play a critical role in modern automotive systems, providing data for performance analysis, calibration, and validation. Traditional commercial acquisition tools are widely used but often limited by high costs, dependency on high-performance computers, and restricted integration with modern cloud and edge-processing infrastructures. To overcome these limitations, we developed the Intelligent Acquisition and Analysis System for ECUs (IASE), an embedded platform designed for real-time data acquisition and calibration. This paper presents a secure communication architecture for the second generation of the system (IASE v2), enabling remote connectivity through 4G networks while ensuring confidentiality, integrity, and authenticity of transmitted data. The architecture integrates MQTT over TLS with per-device certificates and mutual authentication (mTLS). We validate the solution through experiments under real-world 4G conditions, demonstrating reliable performance, secure Over-The-Air (OTA) updates, and message delivery consistency. Results show that the proposed approach ensures robust data security without compromising scalability, making it suitable for modern automotive testing environments.
Palavras-chave:
ECU Data Acquisition, MQTT, TLS, Mutual Authentication, Embedded Automotive Systems
Referências
K.-H. Dietsche e K. Reif, Automotive Handbook, 11th Edition, Revised and Extended. Karlsruhe: Bosch, 2022.
J. Weber, Automotive Development Processes: Processes for Successful Customer Oriented Vehicle Development. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. DOI: 10.1007/978-3-642-01253-2.
B. Du e L. Sterpone, “An FPGA-based testing platform for the validation of automotive powertrain ECU”, em 2016 IFIP/IEEE International Conference on Very Large Scale Integration (VLSI-SoC), set. 2016, p. 1–7. DOI: 10.1109/VLSI-SoC.2016.7753553.
J. Andert, S. Klein, R. Savelsberg, S. Pischinger, e K. Hameyer, “Virtual shaft: Synchronized motion control for real time testing of automotive powertrains”, Control Engineering Practice, vol. 56, p. 101–110, nov. 2016, DOI: 10.1016/j.conengprac.2016.08.005.
D. Guse, J. Andert, S. Walter, e N. Meyer, “Next Level of Testing - Extended Frontloading through Latency-optimized EiL Test Benches”, MTZ Worldw, vol. 81, no 10, p. 44–49, out. 2020, DOI: 10.1007/s38313-020-0278-7.
“VH4110 - IoT Enabler Manual”, Vector Informatik GmbH. Acesso em: 27 de setembro de 2025. [Online]. Disponível em: [link]
J. P. Bedretchuk, S. Arribas García, T. Nogiri Igarashi, R. Canal, A. Wedderhoff Spengler, e G. Gracioli, “Low-Cost Data Acquisition System for Automotive Electronic Control Units”, Sensors, vol. 23, no 4, p. 2319, jan. 2023, DOI: 10.3390/s23042319.
S. Arribas, J. Bedretchuck, A. Spengler, e T. Nogiri, “Desenvolvimento de Software Embarcado para Aquisição e Calibração de ECUs Automotivas”, em Blucher Engineering Proceedings, Blucher Proceedings, set. 2022, p. 50–60. DOI: 10.5151/simea2022-PAP10.
B. Bhushan, G. Sahoo, e A. K. Rai, “Man-in-the-middle attack in wireless and computer networking — A review”, em 2017 3rd International Conference on Advances in Computing,Communication & Automation (ICACCA) (Fall), set. 2017, p. 1–6. DOI: 10.1109/ICACCAF.2017.8344724.
M. Conti, N. Dragoni, e V. Lesyk, “A Survey of Man In The Middle Attacks”, IEEE Communications Surveys & Tutorials, vol. 18, no 3, p. 2027–2051, 2016, DOI: 10.1109/COMST.2016.2548426.
“Miller, C. and Valasek, C. (2015) Remote Exploitation of an Unaltered Passenger Vehicle. Black Hat USA. - References - Scientific Research Publishing”. Acesso em: 27 de setembro de 2025. [Online]. Disponível em: [link]
Z. Kegenbekov e A. Saparova, “Using the MQTT Protocol to Transmit Vehicle Telemetry Data”, Transportation Research Procedia, vol. 61, p. 410–417, jan. 2022, DOI: 10.1016/j.trpro.2022.01.067.
F. Chen, Y. Huo, J. Zhu, e D. Fan, “A Review on the Study on MQTT Security Challenge”, em 2020 IEEE International Conference on Smart Cloud (SmartCloud), nov. 2020, p. 128–133. DOI: 10.1109/SmartCloud49737.2020.00032.
I. L. B. M. Paris, M. H. Habaebi, e A. M. Zyoud, “Implementation of SSL/TLS Security with MQTT Protocol in IoT Environment”, Wireless Pers Commun, vol. 132, no 1, p. 163–182, set. 2023, DOI: 10.1007/s11277-023-10605-y.
J. Weber, Automotive Development Processes: Processes for Successful Customer Oriented Vehicle Development. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. DOI: 10.1007/978-3-642-01253-2.
B. Du e L. Sterpone, “An FPGA-based testing platform for the validation of automotive powertrain ECU”, em 2016 IFIP/IEEE International Conference on Very Large Scale Integration (VLSI-SoC), set. 2016, p. 1–7. DOI: 10.1109/VLSI-SoC.2016.7753553.
J. Andert, S. Klein, R. Savelsberg, S. Pischinger, e K. Hameyer, “Virtual shaft: Synchronized motion control for real time testing of automotive powertrains”, Control Engineering Practice, vol. 56, p. 101–110, nov. 2016, DOI: 10.1016/j.conengprac.2016.08.005.
D. Guse, J. Andert, S. Walter, e N. Meyer, “Next Level of Testing - Extended Frontloading through Latency-optimized EiL Test Benches”, MTZ Worldw, vol. 81, no 10, p. 44–49, out. 2020, DOI: 10.1007/s38313-020-0278-7.
“VH4110 - IoT Enabler Manual”, Vector Informatik GmbH. Acesso em: 27 de setembro de 2025. [Online]. Disponível em: [link]
J. P. Bedretchuk, S. Arribas García, T. Nogiri Igarashi, R. Canal, A. Wedderhoff Spengler, e G. Gracioli, “Low-Cost Data Acquisition System for Automotive Electronic Control Units”, Sensors, vol. 23, no 4, p. 2319, jan. 2023, DOI: 10.3390/s23042319.
S. Arribas, J. Bedretchuck, A. Spengler, e T. Nogiri, “Desenvolvimento de Software Embarcado para Aquisição e Calibração de ECUs Automotivas”, em Blucher Engineering Proceedings, Blucher Proceedings, set. 2022, p. 50–60. DOI: 10.5151/simea2022-PAP10.
B. Bhushan, G. Sahoo, e A. K. Rai, “Man-in-the-middle attack in wireless and computer networking — A review”, em 2017 3rd International Conference on Advances in Computing,Communication & Automation (ICACCA) (Fall), set. 2017, p. 1–6. DOI: 10.1109/ICACCAF.2017.8344724.
M. Conti, N. Dragoni, e V. Lesyk, “A Survey of Man In The Middle Attacks”, IEEE Communications Surveys & Tutorials, vol. 18, no 3, p. 2027–2051, 2016, DOI: 10.1109/COMST.2016.2548426.
“Miller, C. and Valasek, C. (2015) Remote Exploitation of an Unaltered Passenger Vehicle. Black Hat USA. - References - Scientific Research Publishing”. Acesso em: 27 de setembro de 2025. [Online]. Disponível em: [link]
Z. Kegenbekov e A. Saparova, “Using the MQTT Protocol to Transmit Vehicle Telemetry Data”, Transportation Research Procedia, vol. 61, p. 410–417, jan. 2022, DOI: 10.1016/j.trpro.2022.01.067.
F. Chen, Y. Huo, J. Zhu, e D. Fan, “A Review on the Study on MQTT Security Challenge”, em 2020 IEEE International Conference on Smart Cloud (SmartCloud), nov. 2020, p. 128–133. DOI: 10.1109/SmartCloud49737.2020.00032.
I. L. B. M. Paris, M. H. Habaebi, e A. M. Zyoud, “Implementation of SSL/TLS Security with MQTT Protocol in IoT Environment”, Wireless Pers Commun, vol. 132, no 1, p. 163–182, set. 2023, DOI: 10.1007/s11277-023-10605-y.
Publicado
24/11/2025
Como Citar
BEDRETCHUK, João Paulo; DOPKE, Tiago Porsch; MARTINS, Thiago; GRACIOLI, Giovani; SPENGLER, Anderson Wedderhoff.
Secure Data Transmission in ECU Data Acquisition Systems based on MQTT and TLS. In: WORKSHOP LATINOAMERICANO DE DEPENDABILIDADE E SEGURANÇA EM SISTEMAS VEICULARES (SSV), 2. , 2025, Campinas/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 33-36.
