Visible to the public Adding Cyberattacks To An Industry-Leading CAN Simulator

TitleAdding Cyberattacks To An Industry-Leading CAN Simulator
Publication TypeConference Paper
Year of Publication2019
AuthorsHayward, Jake, Tomlinson, Andrew, Bryans, Jeremy
Conference Name2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C)
Date Publishedjul
Keywordsattack detection, attack prevention systems, automobiles, automotive cyber-security, automotive cybersecurity, Automotive engineering, CAN simulator, car, communication bus, conformance testing, controller area network, controller area network security, controller area networks, cyber vulnerability, Cyber-physical systems, cyberattacks, data usage, in-vehicle network, Internet of Things, Intrusion detection, Logic gates, performance critical components, pubcrawl, representative attack demonstrations, Resiliency, Roads, safety critical components, safety-critical software, security of data, simulation, telecommunication security, Testing, traffic engineering computing
AbstractRecent years have seen an increase in the data usage in cars, particularly as they become more autonomous and connected. With the rise in data use have come concerns about automotive cyber-security. An in-vehicle network shown to be particularly vulnerable is the Controller Area Network (CAN), which is the communication bus used by the car's safety critical and performance critical components. Cyber attacks on the CAN have been demonstrated, leading to research to develop attack detection and attack prevention systems. Such research requires representative attack demonstrations and data for testing. Obtaining this data is problematical due to the expense, danger and impracticality of using real cars on roads or tracks for example attacks. Whilst CAN simulators are available, these tend to be configured for testing conformance and functionality, rather than analysing security and cyber vulnerability. We therefore adapt a leading, industry-standard, CAN simulator to incorporate a core set of cyber attacks that are representative of those proposed by other researchers. Our adaptation allows the user to configure the attacks, and can be added easily to the free version of the simulator. Here we describe the simulator and, after reviewing the attacks that have been demonstrated and discussing their commonalities, we outline the attacks that we have incorporated into the simulator.
DOI10.1109/QRS-C.2019.00016
Citation Keyhayward_adding_2019