CAN Bus Vulnerabilities Raise Threats for Cars and Tanks  

How could a car thief steal a vehicle designed to only allow the car to be unlocked and started via its key fob?

In April 2023, media outlets reported escalating high-end car thefts using a technique that caused a vehicle’s immobilizer system to malfunction. The attack exploited a vulnerability in the car’s control system disabling the immobilizer and allowing car thieves to unlock the car doors, start the engine and steal the car. How could a car thief perform such a task on a vehicle designed to only allow the car to be unlocked and started via its key fob? Enter CAN bus. 

The CAN Bus Ripple Effect 

Around 1995, car manufacturers began replacing the electrical control system with a modern technology called CAN bus (Controller Area Network). Prior technology depended on directly connecting driver-controlled switches with the electrical device being operated. For example, when a driver presses the brake pedal, it activates the brake light switch. A wire connecting the switch to the brake lights provides the power to the brake lights and illuminates them. This direct connect method could be found in headlights, taillights, turn signals, and everything electrical being controlled by carrying the power from the switch to the device. This required heavy wires to be installed throughout the vehicle. The CAN bus enabled the control signal to be sent to the device via a digital network needing less current and benefitting from a bus topology rather than a star topology. Other systems, like airliners also implemented the CAN bus technology for the same reasons. 

CAN Bus History and Its Capabilities 

CAN bus is the implementation of the ISO11898 standard in use for more than 30 years. The technology came from Robert Bosch GmbH with the protocol officially being released in 1986. The ISO 11898-1 refers to the Data Link Layer protocol, while the ISO 11898-2 and 3 standards pertain to the physical medium specifications. The CAN bus is implemented over a twisted-pair, differential driven bus which supports up to 10 Mb/s of bandwidth. CAN FD (flexible data rate) extends the bandwidth of the classical CAN bus from 1 Mb/s to 5 Mb/s. The latest CAN specification CAN XL (extra-long) extends the bandwidth to 10 Mb/s. The newer data rates are backwards compatible. Classical CAN sends up to 8 bytes of data per transmission. CAN FD maintains the same protocol and can double the transmission rate of the data and cyclic redundancy check (CRC) fields as well as extend the maximum data transmission size to 64 bytes. CAN XL also maintains the classical protocol and increases the data and CRC field transmission rate to 10 Mb/s, sending up to 2048 bytes per packet. (https://www.digikey.com/en/blog/the-basics-of-the-controller-area-network) 

Since many military mobile weapon systems and logistics vehicles tend to be heavy and use the CAN bus network for command and control of the vehicle, they inherit similar vulnerabilities already present in the automobile industries.

With prevalent known attacks exploiting systems via the CAN bus today, a strong need for cybersecurity research and development for systems that utilize this technology has become monumental. Thankfully, a good bit of research on cybersecurity regarding the CAN bus exists. Resources: https://kentindell.github.io/2023/04/03/can-injection/  

Cybersecurity Research: Staying Ahead of CAN Bus 

Last August (2023), Mark Zachos and Prakash Kulkarni published a paper in the 2023 NDIA Michigan chapter, Ground Vehicle Systems Engineering and Technology Symposium, Cyberup – A Heavy Vehicle Cybersecurity Solution. The paper addresses SAE J1939 intra-vehicle communications protocols. The standard establishes a method of ensuring trust using cryptography over the CAN-FD protocol. These protection mechanisms deem especially important for military applications. Since many military mobile weapon systems and logistics vehicles tend to be heavy and use the CAN bus network for command and control of the vehicle, they inherit similar vulnerabilities already present in the automobile industries. The consequences of an attack against this technology could render the warfighter helpless and ineffective, thus this standard enables vital cybersecurity controls. Military vehicles must move to this new standard where all future acquisitions must be compliant.

Current systems will need to be retrofitted to comply with the standard. The standard will require the redesign of the entire vehicle network and the Electronic Control Units (ECU) in the vehicle. A challenge for sure, one that demands a great deal of engineering work. Technologies like SELinux (security-enhanced linux) and industrial hardened applications will be instrumental in accomplishing these goals. 

CAN Bus: Our Growing Dependency and Threat 

CAN bus is everywhere, in our personal and public transportation, the food we eat from the tractors plowing the fields, the machines harvesting the crops, and in the trucks delivering our food to the grocery stores. We depend on the security of the CAN bus as much as the security of the electrical grid, our water supply, and our sewer systems. These technologies must be resilient to cyberattacks.  

Recently, we learned China has installed Advanced Persistent Threat malware (APT) on much of the nation’s infrastructure. Consider the effect this cyber weapon could have if used to attack our interests in the China Sea. Look at what Russia did to Ukraine in 2014 to today’s most recent attacks. We need to be diligent in assessing the threats to our systems and continue to work harder to protect our infrastructure and keep our military equipment effective.