Skip to Main Content Area
CPS-VO
Contact Support
Browse
Calendar
Announcements
Repositories
Groups
Search
Search for Content
Search for a Group
Search for People
Search for a Project
Tagcloud
› Go to login screen
Not a member?
Click here to register!
Forgot username or password?
Cyber-Physical Systems Virtual Organization
Read-only archive of site from September 29, 2023.
CPS-VO
»
Projects
EAGER: Collaborative: Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation
View
Submitted by Rosanne Gamble on Thu, 01/04/2018 - 2:37pm
Project Details
Lead PI:
Rosanne Gamble
Co-PI(s):
Jeremy Daily
Performance Period:
01/01/16
-
12/31/18
Institution(s):
University of Tulsa
Sponsor(s):
National Science Foundation
Award Number:
1619690
729 Reads. Placed 530 out of 804 NSF CPS Projects based on total reads on all related artifacts.
Abstract:
Heavy vehicles, such as trucks and buses, are part of the US critical infrastructure and carry out a significant portion of commercial and private business operations. Little effort has been invested in cyber security for these assets. If an adversary gains access to the vehicle's Controller Area Network (CAN), attacks can be launched that can affect critical vehicle electronic components. Traditionally, physical access to a heavy vehicle was required to access the CAN. However, wireless devices are also installed on heavy vehicles, which open trucks and busses to remote wireless cyber attacks. This project explores cyber security vulnerabilities related to wireless devices that communicate on the CAN. For identified threats, researchers determine the proper mitigation strategies, including where and how they are best deployed. To demonstrate potential exploits and subsequent trust in proposed mitigation strategies, this project designs and implements a scalable, high-fidelity test bed using actual heavy vehicle electronic control units, such as engine and brake controllers. The test bed includes built-in mechanisms for remote access and secure information delivery to allow for collaboration among researchers at different sites. The results of the research, including the potential to extend the test bed with other components, can impact cyber security analysis for other industries that use CAN, such as building automation, medical devices, and manufacturing. The SAE J1939 communication network in heavy vehicles is based on CAN and has open documentation for packet definition and transmission. This openness may be exploited for creating spoofed J1939 messages. Heavy vehicle owners utilize third-party systems, such as remote telematics, that introduce new J1939 enabled modules, which can potentially be subverted by an adversary. This project uses these systems to gain remote access and attack another CAN connected electronic control unit. Packet sniffing is performed as the telematics system connects wirelessly to the CAN to determine if fake packets can be inserted. Research includes examining different designs, configurations, and deployments of intrusion detection systems to best thwart such remote attacks using the developed test bed. One challenge is to develop algorithms that can act in real-time with deployed test bed hardware. Research includes developing scientific strategies to measure the temporal response of the cyber actions in the test bed and the reaction time of any intrusion detection system, so that bounds can be determined based on the ability to conduct a remote cyber operation on a J1939 network.
Related Artifacts
Posters
EAGER: Collaborative: Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation
|
Download
Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation
|
Download
Publications
Practical DoS Attacks on Embedded Networks in Commercial Vehicles
Towards a Cyber Assurance Testbed for Heavy Vehicle Electronic Controls
Other
Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation
|
Download
PDF version
Printer-friendly version