SAE J1939-specific cyber security for medium and heavy-duty vehicles
dc.contributor.author | Mukherjee, Subhojeet, author | |
dc.contributor.author | Partridge, Craig, advisor | |
dc.contributor.author | Daily, Jeremy, advisor | |
dc.contributor.author | Gersch, Joseph, committee member | |
dc.contributor.author | Bradley, Thomas, committee member | |
dc.date.accessioned | 2023-06-01T23:55:45Z | |
dc.date.available | 2023-06-01T23:55:45Z | |
dc.date.issued | 2023 | |
dc.description.abstract | Medium and heavy-duty (MHD) vehicles are part of the US critical infrastructure. In modern MHD vehicles, mechanical operations are regularly controlled by interconnected networks of electronic control units (ECU). Communication within and across these networks is typically governed by the SAE J1939 standards. It has been established that similar to their lighter counterparts (passenger vehicles), MHD vehicles expose remote and physically accessible interfaces through which arbitrary messages can be sent to ECUs with the intent to control and/or disrupt the vehicle's functions. For physical transport of information between ECUs, SAE J1939 utilizes the Controller Area Network (CAN) protocol. CAN is used extensively for in-passenger vehicle communication and its security features have been analyzed frequently. Albeit, the same cannot be said about SAE J1939. As such, in this dissertation, we investigate security methods for MHD vehicles that utilize specifics of SAE J1939. First, we research cyber-attacks that exploit weaknesses in the SAE J1939 standards. Along with the known attacks from related literature, these help in enhancing the current threatscape. Next, we research network-based security solutions that make use of SAE J1939 specifications. Prior work on in-vehicle security identifies the necessity for a multi-layered security solution that can raise alarms even if the attack cannot be completely prevented. As such, we provide security in two layers. In the first layer, we try to detect an ongoing attack and raise alarms. The method is designed to function in an online manner in the dynamic networking environment within an MHD vehicle. In the second layer, we try to identify attacker-injected messages using user-provided rules in real time as the message is being transmitted. The method is designed to classify a message (e.g. a command to unlock a door) as benign or malicious based on features other than its content (e.g. whether the vehicle is in motion). | |
dc.format.medium | born digital | |
dc.format.medium | doctoral dissertations | |
dc.identifier | Mukherjee_colostate_0053A_17597.pdf | |
dc.identifier.uri | https://hdl.handle.net/10217/236641 | |
dc.language | English | |
dc.language.iso | eng | |
dc.publisher | Colorado State University. Libraries | |
dc.relation.ispartof | 2020- | |
dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
dc.subject | denial-of-service attack | |
dc.subject | intrusion prevention system | |
dc.subject | SAE J1939 | |
dc.subject | intrusion detection system | |
dc.subject | controller area network | |
dc.subject | medium and heavy duty vehicles | |
dc.title | SAE J1939-specific cyber security for medium and heavy-duty vehicles | |
dc.type | Text | |
dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
thesis.degree.discipline | Computer Science | |
thesis.degree.grantor | Colorado State University | |
thesis.degree.level | Doctoral | |
thesis.degree.name | Doctor of Philosophy (Ph.D.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Mukherjee_colostate_0053A_17597.pdf
- Size:
- 21.15 MB
- Format:
- Adobe Portable Document Format