Security shortcomings of embedded network protocols in commercial vehicles

Abstract

Modern commercial vehicles depend on embedded systems that communicate via standardized protocols, forming the foundation of their internal networks. The Controller Area Network (CAN) protocol is commonly employed for communication, with protocols such as SAE J1939 and Unified Diagnostic Services (UDS) playing critical roles in medium and heavy-duty vehicles. This thesis investigates multiple attack vectors that exploit vulnerabilities in both the SAE J1939 and UDS protocols, potentially compromising electronic control units (ECUs) in commercial vehicle networks. The study presents five case scenarios related to the SAE J1939 standard, including two that validate previously proposed attack hypotheses using extensive testing setups. Additionally, three new attack vectors are explored through bench tests and in-vehicle trials. Simultaneously, the research highlights three vulnerabilities within the UDS protocol, specifically addressing weaknesses in the ISO 14229 and ISO 15765 specifications. Testing was conducted on real-world systems, including bench setups with ECUs connected to a CAN bus and in-vehicle evaluations using a 2014 Kenworth T270 and a 2018 Freightliner Cascadia Truck Front Cab configured as a test bench. The results demonstrate how these protocol-based attacks can target and compromise specific ECUs, revealing significant security gaps in current vehicular communication systems. Engineers and developers working with SAE J1939 and UDS stacks must consider these vulnerabilities to enhance the resilience of communication subsystems in future designs.