Rik Chatterjee, Subhojeet Mukherjee, Jeremy Daily (Colorado State University)

Modern vehicles are equipped with embedded computers that utilize standard protocols for internal communication. The SAE J1939 protocols running on top of the Controller Area Network (CAN) protocol is the primary choice of internal communication for embedded computers in medium and heavy-duty vehicles. This paper presents five different cases in which potential shortcomings of the SAE J1939 standards are exploited to launch attacks on in-vehicle computers that constitute SAE J1939 networks.
In the first two of these scenarios, we validate the previously proposed attack hypothesis on more comprehensive testing setups. In the later three of these scenarios, we present newer attack vectors that can be executed on bench test setups and deployed SAE J1939 networks.
For the purpose of demonstration, we use bench-level test systems with real electronic control units connected to a CAN bus. Additional testing was conducted on a 2014 Kenworth T270 Class 6 truck under both stationary and driving conditions. Test results show how protocol attacks can target specific ECUs. These attacks should be considered by engineers and programmers implementing the J1939 protocol stack in their communications subsystem.

View More Papers

BANS: Evaluation of Bystander Awareness Notification Systems for Productivity...

Shady Mansour (LMU Munich), Pascal Knierim (Universitat Innsbruck), Joseph O’Hagan (University of Glasgow), Florian Alt (University of the Bundeswehr Munich), Florian Mathis (University of Glasgow)

Read More

Kids, Cats, and Control: Designing Privacy and Security Dashboard...

Jacob Abbott (Indiana University), Jayati Dev (Indiana University), DongInn Kim (Indiana University), Shakthidhar Reddy Gopavaram (Indiana University), Meera Iyer (Indiana University), Shivani Sadam (Indiana University) , Shirang Mare (Western Washington University), Tatiana Ringenberg (Purdue University), Vafa Andalibi (Indiana University), and L. Jean Camp(Indiana University)

Read More

Cyber Threat Intelligence for SOC Analysts

Nidhi Rastogi, Md Tanvirul Alam (Rochester Institute of Technology)

Read More