This event has ended. Visit the official site or create your own event on Sched.
Welcome to the interactive agenda for SecurityWeek’s ICS 2022 ICS Cyber Security Conference. Sessions are being finalized and the final program will include 4 FULL DAYS of content. (View the full conference website here) (You can Register for the IN-PERSON Conference and trainings here and register for virtual/online only access here)
Back To Schedule
Tuesday, October 25 • 2:45pm - 3:15pm
Research: Protecting CAN Bus from Cyberattacks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Research efforts have demonstrated many critical security weaknesses in modern vehicles, specifically involving their Controller Area Networks (CAN). The CAN bus serves as the main communication network between all control systems in the vehicle. Due to its importance and weak security properties, the CAN Bus presents an attractive attack surface for cyberattacks; but also a useful resource for detecting any attacks or other anomalous vehicle conditions.

We present an overview of three recent contributions. First, we describe a research testbed that allows for replaying, modifying, or generating synthetic CAN traffic. This is complementary to testing approaches that involve real vehicles, allowing simpler and easier development and testing, especially at earlier stages in research and development. Next, we present a method for decoding the (proprietary) encoded contents of CAN messages. This automatically determines what signals are present in each message type, and then uses known (standardized) diagnostic queries to label the meaning and units of these learned signals. Finally, we implement a system to find anomalous network traffic on the CAN bus. This includes monitoring the timing characteristics of CAN messages and detecting missing or unexpected messages. In addition, we used the extracted signals described above to detect unusual or tampered message contents. We then combine these approaches into an ensemble detector to demonstrate its effectiveness.

avatar for Joel Asiamah

Joel Asiamah

Cybersecurity Technical Professional, National Security Sciences Directorate, Oak Ridge National Laboratory
Joel Asiamah is a Cybersecurity Technical Professional in the National Security Sciences Directorate at Oak Ridge National Laboratory. He performs cybersecurity research in Energy and Control Systems, automotive CAN Bus, and Additive Manufacturing. His expertise is in Mechanical Engineering... Read More →
avatar for Sam Hollifield

Sam Hollifield

Cyber Security Hardware Engineer, Oak Ridge National Laboratory
Sam Hollifield has worked and led research in automotive and transportation cybersecurity at Oak Ridge National Laboratory since 2018. He advises and delivers technical solutions to unique security problems on projects sponsored by the Department of Energy, the National Nuclear Security... Read More →

Tuesday October 25, 2022 2:45pm - 3:15pm EDT
Windsor DE