SAE J1939-specific cyber security for medium and heavy-duty vehicles
Date
2023
Authors
Mukherjee, Subhojeet, author
Partridge, Craig, advisor
Daily, Jeremy, advisor
Gersch, Joseph, committee member
Bradley, Thomas, committee member
Journal Title
Journal ISSN
Volume Title
Abstract
Medium and heavy-duty (MHD) vehicles are part of the US critical infrastructure. In modern MHD vehicles, mechanical operations are regularly controlled by interconnected networks of electronic control units (ECU). Communication within and across these networks is typically governed by the SAE J1939 standards. It has been established that similar to their lighter counterparts (passenger vehicles), MHD vehicles expose remote and physically accessible interfaces through which arbitrary messages can be sent to ECUs with the intent to control and/or disrupt the vehicle's functions. For physical transport of information between ECUs, SAE J1939 utilizes the Controller Area Network (CAN) protocol. CAN is used extensively for in-passenger vehicle communication and its security features have been analyzed frequently. Albeit, the same cannot be said about SAE J1939. As such, in this dissertation, we investigate security methods for MHD vehicles that utilize specifics of SAE J1939. First, we research cyber-attacks that exploit weaknesses in the SAE J1939 standards. Along with the known attacks from related literature, these help in enhancing the current threatscape. Next, we research network-based security solutions that make use of SAE J1939 specifications. Prior work on in-vehicle security identifies the necessity for a multi-layered security solution that can raise alarms even if the attack cannot be completely prevented. As such, we provide security in two layers. In the first layer, we try to detect an ongoing attack and raise alarms. The method is designed to function in an online manner in the dynamic networking environment within an MHD vehicle. In the second layer, we try to identify attacker-injected messages using user-provided rules in real time as the message is being transmitted. The method is designed to classify a message (e.g. a command to unlock a door) as benign or malicious based on features other than its content (e.g. whether the vehicle is in motion).
Description
Rights Access
Subject
denial-of-service attack
intrusion prevention system
SAE J1939
intrusion detection system
controller area network
medium and heavy duty vehicles