CyberCAN

Here you will find information on CAN bus cybersecurity.  CAN is an excellent technology for control system integration.  However, it was never designed with protection against cyberattacks in mind.

Attacks could include:

  • Spoofing of a device or ECU
  • Man-In-The-Middle
  • Denial of Service – e.g. taking the communications of an ECU down
  • Address Claim Hunter (NMEA2000, SAE J1939, ISOBUS, RV-C)

 

Attack examples include:

  • AdBlue ECU cheat– pretending AdBlue tank is full to prevent going into limp-home mode
  • Accident data manipulation
  • Tachograph cheating
  • Making control system dangerous by malicious attack
  • Manipulation of Battery Management System data
  • Bring entire network down (DoS on NMEA2000 by using Address Claim Hunter)
  • Reverse engineering of the CAN bus

 

Warwick Control can provide technologies to detect and prevent cybersecurity issues with CAN, e.g.

  • Patented CAN bus fingerprinting is used in the Battery Passport   to protect against battery usage data manipulation.
  • Address Claim Hunter detection and prevention on NMEA2000, SAE J1939, ISOBUS, RV-C networks.

If you are interested in more information, please contact enquiries@warwickcontrol.com

Training

Warwick Control is now providing a course on CAN bus hacking and cybersecurity which deals with the particular vulnerabilities in CAN and its higher layer protocol networks.  See here:

https://www.warwickcontrol.com/training/

Articles on CAN Bus Cybersecurity

Address Claim Hunter testing using T-Script for Kvaser Professional CAN interfaces.

 

 

Reverse Engineering the CAN Bus

See here for some articles:

Use of CAN Bus Message Electrical Signatures for Automotive Reverse Engineering

 

Reverse Engineering Utilising X-Analyser Advanced Features

 


 Link to https://batterypassport.org

An application for CyberCAN is Battery Passport in which CyberCAN is used to protect against battery usage data manipulation.

If you are interested in more information on CyberCAN, please contact sales@warwickcontrol.com