CCAA mission is to build up a critical mass of inter-disciplinary academic researchers and partners from industry and government agencies to undertake pre-competitive research that advance the science and state-of-the-arts of security analytics and automation. CCAA does this by developing innovative sense-making and decision-making for automated and adaptive cyber defense that offers minimal human involvement, with provable, and measurable cyber security and resiliency properties. CCAA was established in 2013 as a multi-University National Science Foundation Industry/University Cooperative Research (I/UCRC) center.
InComVecSec: On Understanding and Formalizing Attacks in Embedded Networks in Commercial Heavy Vehicles
Modern day heavy vehicles are equipped with numerous sensors, embedded controllers, communication networks, and electro-mechanical systems that work in tandem to improve the performance, efficiency, and connectivity of vehicles. Embedded controllers, often referred to as Electronic Control Units (ECUs), communicate with each other using the Controller Area Network (CAN). In order to allow for interoperability of ECUs manufactured by different Original Equipment Manufacturers (OEMs), heavy duty vehicles use the higher layer SAE J1939 protocol to compose and interpret messages on CAN. Injecting spoofed messages in the communication network can have disastrous consequences. We identify several possible attacks on heavy vehicles and discuss the constraints on providing security solutions. We describe how to distinguish between attacks and safety-critical events from the generated network logs and also how to provide visualization aids to the operator of heavy vehicles in near real-time for CAN situational awareness. We conclude by enumerating our future directions in heavy vehicle security which includes methodology for designing secure heavy vehicles and developing a testbed for heavy vehicle security research.
Welcome!