Nnaji, David C., authorDaily, Jeremy, advisorSimske, Steve, committee memberPasricha, Sudeep, committee memberRay, Indrajit, committee member2022-08-292024-08-222022https://hdl.handle.net/10217/235573Heavy vehicles are crucial to a functioning economy and society since they are responsible for delivering people and goods across the country. These systems rely on various forms of in-vehicle communication between electronic control units (ECU) for reliable operation. In recent years, numerous vulnerabilities inherent to unauthenticated in-vehicle communication have been identified in academia, industry, sponsored events, and real-world attacks. Current defensive cybersecurity research is primarily aimed at securing the controller area network (CAN) and other conventional systems. However, little to no defensive research has been conducted on legacy systems, and only recently have state-of-the-art attacks been identified in public disclosures or discussed in published works. Despite the age of the technology, the associated vulnerabilities from legacy networks are likely to persist for many years due to long equipment service life, cost-reluctance from fleets, and powerline bridge standardization. If system-wide security is desired by the industry, proportional research in this field is warranted. In this thesis, I examine the application of simple signature-based and anomaly-based intrusion detection on legacy serial data communication between ECUs in heavy-duty (HD) applications defined in SAE J1708 and J1587 building on previously published work. This is accomplished through the design and development of a prototype network gateway tailored to the requirements defined within the two protocols. Additionally, this thesis contributes the embedded software utility developed for the prototype gateway for open use and validates its functionality through robust unit testing. Ultimately, the intrusion detection system is deployed, tested, and evaluated on a retrofitted dual air brake system simulator (DABSS) managed by Dr. Jeremy Daily at the Powerhouse Energy Institute. An assessment of the effectiveness of the mitigation against four attack scenarios followed by recommendations for improvements and future work are provided in the final chapters.born digitalmasters thesesengCopyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright.automotive cybersecurityJ1708PLC4TRUCKSintrusion detection systemautomotive communicationJ2497Towards cybersecurity countermeasures for SAE J1708/1587 network protocol in heavy-duty vehiclesText