Here you will find information on CAN bus cybersecurity. CAN is an excellent technology for control system integration. However, it was never designed with protection against cyberattacks in mind.
Attacks could include:
- Spoofing of a device or ECU
- Man-In-The-Middle
- Denial of Service – e.g. taking the communications of an ECU down
- Address Claim Hunter (NMEA2000, SAE J1939, ISOBUS, RV-C)
Attack examples include:
- AdBlue ECU cheat– pretending AdBlue tank is full to prevent going into limp-home mode
- Accident data manipulation
- Tachograph cheating
- Making control system dangerous by malicious attack
- Manipulation of Battery Management System data
- Bring entire network down (DoS on NMEA2000 by using Address Claim Hunter)
- Reverse engineering of the CAN bus
Warwick Control can provide technologies to detect and prevent cybersecurity issues with CAN, e.g.
- Patented CAN bus fingerprinting is used in the Battery Passport to protect against battery usage data manipulation.
- Address Claim Hunter detection and prevention on NMEA2000, SAE J1939, ISOBUS, RV-C networks.
If you are interested in more information, please contact enquiries@warwickcontrol.com
Training
Warwick Control is now providing a course on CAN bus hacking and cybersecurity which deals with the particular vulnerabilities in CAN and its higher layer protocol networks. See here:
https://www.warwickcontrol.com/training/
Articles on CAN Bus Cybersecurity
Address Claim Hunter testing using T-Script for Kvaser Professional CAN interfaces.
Reverse Engineering the CAN Bus
See here for some articles:
Use of CAN Bus Message Electrical Signatures for Automotive Reverse Engineering
Reverse Engineering Utilising X-Analyser Advanced Features
Link to https://batterypassport.org
An application for CyberCAN is Battery Passport in which CyberCAN is used to protect against battery usage data manipulation.
If you are interested in more information on CyberCAN, please contact sales@warwickcontrol.com