Rik Chatterjee, Subhojeet Mukherjee, Jeremy Daily (Colorado State University)

Modern vehicles are equipped with embedded computers that utilize standard protocols for internal communication. The SAE J1939 protocols running on top of the Controller Area Network (CAN) protocol is the primary choice of internal communication for embedded computers in medium and heavy-duty vehicles. This paper presents five different cases in which potential shortcomings of the SAE J1939 standards are exploited to launch attacks on in-vehicle computers that constitute SAE J1939 networks.
In the first two of these scenarios, we validate the previously proposed attack hypothesis on more comprehensive testing setups. In the later three of these scenarios, we present newer attack vectors that can be executed on bench test setups and deployed SAE J1939 networks.
For the purpose of demonstration, we use bench-level test systems with real electronic control units connected to a CAN bus. Additional testing was conducted on a 2014 Kenworth T270 Class 6 truck under both stationary and driving conditions. Test results show how protocol attacks can target specific ECUs. These attacks should be considered by engineers and programmers implementing the J1939 protocol stack in their communications subsystem.

View More Papers

An OS-agnostic Approach to Memory Forensics

Andrea Oliveri (EURECOM), Matteo Dell'Amico (University of Genoa), Davide Balzarotti (EURECOM)

Read More

Partitioning Ethereum without Eclipsing It

Hwanjo Heo (ETRI), Seungwon Woo (ETRI/KAIST), Taeung Yoon (KAIST), Min Suk Kang (KAIST), Seungwon Shin (KAIST)

Read More

WIP: Adversarial Object-Evasion Attack Detection in Autonomous Driving Contexts:...

Rao Li (The Pennsylvania State University), Shih-Chieh Dai (Pennsylvania State University), Aiping Xiong (Penn State University)

Read More

PISE: Protocol Inference using Symbolic Execution and Automata Learning

Ron Marcovich, Orna Grumberg, Gabi Nakibly (Technion, Israel Institute of Technology)

Read More