Rik Chatterjee, Subhojeet Mukherjee, Jeremy Daily (Colorado State University)

Modern vehicles are equipped with embedded computers that utilize standard protocols for internal communication. The SAE J1939 protocols running on top of the Controller Area Network (CAN) protocol is the primary choice of internal communication for embedded computers in medium and heavy-duty vehicles. This paper presents five different cases in which potential shortcomings of the SAE J1939 standards are exploited to launch attacks on in-vehicle computers that constitute SAE J1939 networks.
In the first two of these scenarios, we validate the previously proposed attack hypothesis on more comprehensive testing setups. In the later three of these scenarios, we present newer attack vectors that can be executed on bench test setups and deployed SAE J1939 networks.
For the purpose of demonstration, we use bench-level test systems with real electronic control units connected to a CAN bus. Additional testing was conducted on a 2014 Kenworth T270 Class 6 truck under both stationary and driving conditions. Test results show how protocol attacks can target specific ECUs. These attacks should be considered by engineers and programmers implementing the J1939 protocol stack in their communications subsystem.

View More Papers

InfoMasker: Preventing Eavesdropping Using Phoneme-Based Noise

Peng Huang (Zhejiang University), Yao Wei (Zhejiang University), Peng Cheng (Zhejiang University), Zhongjie Ba (Zhejiang University), Li Lu (Zhejiang University), Feng Lin (Zhejiang University), Fan Zhang (Zhejiang University), Kui Ren (Zhejiang University)

Read More

Accountable Javascript Code Delivery

Ilkan Esiyok (CISPA Helmholtz Center for Information Security), Pascal Berrang (University of Birmingham & Nimiq), Katriel Cohn-Gordon (Meta), Robert Künnemann (CISPA Helmholtz Center for Information Security)

Read More

Him of Many Faces: Characterizing Billion-scale Adversarial and Benign...

Shujiang Wu (Johns Hopkins University), Pengfei Sun (F5, Inc.), Yao Zhao (F5, Inc.), Yinzhi Cao (Johns Hopkins University)

Read More

dewolf: Improving Decompilation by leveraging User Surveys

Steffen Enders, Eva-Maria C. Behner, Niklas Bergmann, Mariia Rybalka, Elmar Padilla (Fraunhofer FKIE, Germany), Er Xue Hui, Henry Low, Nicholas Sim (DSO National Laboratories, Singapore)

Read More