EAGER: Collaborative: Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation

Information

  • NSF Award
  • 1619690
Owner
  • Award Id
    1619690
  • Award Effective Date
    1/1/2016 - 9 years ago
  • Award Expiration Date
    12/31/2017 - 7 years ago
  • Award Amount
    $ 170,000.00
  • Award Instrument
    Standard Grant

EAGER: Collaborative: Toward a Test Bed for Heavy Vehicle Cyber Security Experimentation

Heavy vehicles, such as trucks and buses, are part of the US critical infrastructure and carry out a significant portion of commercial and private business operations. Little effort has been invested in cyber security for these assets. If an adversary gains access to the vehicle's Controller Area Network (CAN), attacks can be launched that can affect critical vehicle electronic components. Traditionally, physical access to a heavy vehicle was required to access the CAN. However, wireless devices are also installed on heavy vehicles, which open trucks and busses to remote wireless cyber attacks. This project explores cyber security vulnerabilities related to wireless devices that communicate on the CAN. For identified threats, researchers determine the proper mitigation strategies, including where and how they are best deployed. To demonstrate potential exploits and subsequent trust in proposed mitigation strategies, this project designs and implements a scalable, high-fidelity test bed using actual heavy vehicle electronic control units, such as engine and brake controllers. The test bed includes built-in mechanisms for remote access and secure information delivery to allow for collaboration among researchers at different sites. The results of the research, including the potential to extend the test bed with other components, can impact cyber security analysis for other industries that use CAN, such as building automation, medical devices, and manufacturing.<br/><br/>The SAE J1939 communication network in heavy vehicles is based on CAN and has open documentation for packet definition and transmission. This openness may be exploited for creating spoofed J1939 messages. Heavy vehicle owners utilize third-party systems, such as remote telematics, that introduce new J1939 enabled modules, which can potentially be subverted by an adversary. This project uses these systems to gain remote access and attack another CAN connected electronic control unit. Packet sniffing is performed as the telematics system connects wirelessly to the CAN to determine if fake packets can be inserted. Research includes examining different designs, configurations, and deployments of intrusion detection systems to best thwart such remote attacks using the developed test bed. One challenge is to develop algorithms that can act in real-time with deployed test bed hardware. Research includes developing scientific strategies to measure the temporal response of the cyber actions in the test bed and the reaction time of any intrusion detection system, so that bounds can be determined based on the ability to conduct a remote cyber operation on a J1939 network.

  • Program Officer
    Ralph Wachter
  • Min Amd Letter Date
    12/24/2015 - 9 years ago
  • Max Amd Letter Date
    12/24/2015 - 9 years ago
  • ARRA Amount

Institutions

  • Name
    University of Tulsa
  • City
    Tulsa
  • State
    OK
  • Country
    United States
  • Address
    800 S. Tucker Drive
  • Postal Code
    741049700
  • Phone Number
    9186312192

Investigators

  • First Name
    Rosanne
  • Last Name
    Gamble
  • Email Address
    rose-gamble@utulsa.edu
  • Start Date
    12/24/2015 12:00:00 AM
  • First Name
    Jeremy
  • Last Name
    Daily
  • Email Address
    jeremy-daily@utulsa.edu
  • Start Date
    12/24/2015 12:00:00 AM

Program Element

  • Text
    CYBER-PHYSICAL SYSTEMS (CPS)
  • Code
    7918
  • Text
    Secure &Trustworthy Cyberspace
  • Code
    8060

Program Reference

  • Text
    CNCI
  • Code
    7434
  • Text
    EAGER
  • Code
    7916
  • Text
    WOMEN, MINORITY, DISABLED, NEC
  • Code
    9102
  • Text
    EXP PROG TO STIM COMP RES
  • Code
    9150