Abstract
Heavy vehicles, such as trucks and buses, are part of the US critical infrastructure and carry out a significant portion of commercial and private business operations. Little effort has been invested in cyber security for these assets. If an adversary gains access to the vehicle's Controller Area Network (CAN), attacks can be launched that can affect critical vehicle electronic components. Traditionally, physical access to a heavy vehicle was required to access the CAN. However, wireless devices are also installed on heavy vehicles, which open trucks and busses to remote wireless cyber attacks. This project explores cyber security vulnerabilities related to wireless devices that communicate on the CAN. For identified threats, researchers determine the proper mitigation strategies, including where and how they are best deployed. To demonstrate potential exploits and subsequent trust in proposed mitigation strategies, this project designs and implements a scalable, high-fidelity test bed using actual heavy vehicle electronic control units, such as engine and brake controllers. The test bed includes built-in mechanisms for remote access and secure information delivery to allow for collaboration among researchers at different sites. The results of the research, including the potential to extend the test bed with other components, can impact cyber security analysis for other industries that use CAN, such as building automation, medical devices, and manufacturing.
The SAE J1939 communication network in heavy vehicles is based on CAN and has open documentation for packet definition and transmission. This openness may be exploited for creating spoofed J1939 messages. Heavy vehicle owners utilize third-party systems, such as remote telematics, that introduce new J1939 enabled modules, which can potentially be subverted by an adversary. This project uses these systems to gain remote access and attack another CAN connected electronic control unit. Packet sniffing is performed as the telematics system connects wirelessly to the CAN to determine if fake packets can be inserted. Research includes examining different designs, configurations, and deployments of intrusion detection systems to best thwart such remote attacks using the developed test bed. One challenge is to develop algorithms that can act in real-time with deployed test bed hardware. Research includes developing scientific strategies to measure the temporal response of the cyber actions in the test bed and the reaction time of any intrusion detection system, so that bounds can be determined based on the ability to conduct a remote cyber operation on a J1939 network.
Performance Period: 01/01/2016 - 12/31/2018
Institution: University of Tulsa
Sponsor: National Science Foundation
Award Number: 1619690