EAGER: Collaborative: Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation

EAGER：协作：迈向重型车辆网络安全实验的试验台

• 批准号: 1619641
• 负责人: Indrakshi Ray
• 金额: $ 13万
• 依托单位: Colorado State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-01-01 至 2018-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1619641&HistoricalAwards=false
• 关键词: EAGER; Collaborative; Toward; Test; Bed

Heavy vehicles, such as trucks and buses, are part of the US critical infrastructure and carry out a significant portion of commercial and private business operations. Little effort has been invested in cyber security for these assets. If an adversary gains access to the vehicle's Controller Area Network (CAN), attacks can be launched that can affect critical vehicle electronic components. Traditionally, physical access to a heavy vehicle was required to access the CAN. However, wireless devices are also installed on heavy vehicles, which open trucks and busses to remote wireless cyber attacks. This project explores cyber security vulnerabilities related to wireless devices that communicate on the CAN. For identified threats, researchers determine the proper mitigation strategies, including where and how they are best deployed. To demonstrate potential exploits and subsequent trust in proposed mitigation strategies, this project designs and implements a scalable, high-fidelity test bed using actual heavy vehicle electronic control units, such as engine and brake controllers. The test bed includes built-in mechanisms for remote access and secure information delivery to allow for collaboration among researchers at different sites. The results of the research, including the potential to extend the test bed with other components, can impact cyber security analysis for other industries that use CAN, such as building automation, medical devices, and manufacturing. The SAE J1939 communication network in heavy vehicles is based on CAN and has open documentation for packet definition and transmission. This openness may be exploited for creating spoofed J1939 messages. Heavy vehicle owners utilize third-party systems, such as remote telematics, that introduce new J1939 enabled modules, which can potentially be subverted by an adversary. This project uses these systems to gain remote access and attack another CAN connected electronic control unit. Packet sniffing is performed as the telematics system connects wirelessly to the CAN to determine if fake packets can be inserted. Research includes examining different designs, configurations, and deployments of intrusion detection systems to best thwart such remote attacks using the developed test bed. One challenge is to develop algorithms that can act in real-time with deployed test bed hardware. Research includes developing scientific strategies to measure the temporal response of the cyber actions in the test bed and the reaction time of any intrusion detection system, so that bounds can be determined based on the ability to conduct a remote cyber operation on a J1939 network.

重型车辆，如卡车和公共汽车，是美国关键基础设施的一部分，并进行了商业和私营企业运营的重要部分。在这些资产的网络安全方面投入的努力很少。如果攻击者获得对车辆控制器局域网（CAN）的访问权限，就可能发起影响关键车辆电子组件的攻击。传统上，访问CAN需要对重型车辆进行物理访问。然而，无线设备也安装在重型车辆上，这使得卡车和公共汽车容易受到远程无线网络攻击。该项目探讨了与在CAN上通信的无线设备相关的网络安全漏洞。对于已确定的威胁，研究人员确定适当的缓解策略，包括最佳部署位置和方式。为了证明潜在的漏洞利用和随后对拟议缓解策略的信任，该项目设计并实施了一个可扩展的高保真测试台，使用实际的重型车辆电子控制单元，如发动机和制动控制器。该试验台包括用于远程访问和安全信息传递的内置机制，以便不同地点的研究人员之间进行协作。研究结果，包括使用其他组件扩展测试床的可能性，可能会影响使用CAN的其他行业的网络安全分析，例如楼宇自动化，医疗设备和制造业。重型车辆中的SAE J1939通信网络基于CAN，并具有用于数据包定义和传输的开放文档。这种开放性可能被用来创建假冒的J1939消息。重型车辆车主使用第三方系统，如远程信息处理系统，这些系统引入了新的J1939启用模块，这些模块可能会被对手破坏。该项目使用这些系统获得远程访问并攻击另一个CAN连接的电子控制单元。当远程信息处理系统无线连接到CAN时执行数据包嗅探，以确定是否可以插入假数据包。研究包括检查不同的设计，配置和部署的入侵检测系统，以最好地阻止这种远程攻击使用开发的测试床。一个挑战是开发可以与部署的测试台硬件实时操作的算法。研究包括制定科学的策略来测量测试床中网络行为的时间响应和任何入侵检测系统的反应时间，以便根据在J1939网络上进行远程网络操作的能力来确定界限。

项目成果

POSTER: PenJ1939: An Interactive Framework for Design and Dissemination of Exploits for Commercial Vehicles

海报：PenJ1939：商用车漏洞设计和传播的交互式框架

• DOI: 10.1145/3133956.3138844
• 发表时间: 2017
• 期刊: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Mukherjee, Subhojeet;Cain, Noah;Walker, Jacob;White, David;Ray, Indrajit;Ray, Indrakshi
• 通讯作者: Ray, Indrakshi