Charles River Analytics, Inc. SBIR Phase I Award, October 2018

Cyber attacks continue to be a growing concern for the US Army—tanks and other vehicles rely heavily on commercial computer and electronic systems, many of which were not designed with cyber security in mind. One vulnerable protocol is the Controller Area Network (CAN), ubiquitous in military and commercial vehicles. CAN has little built-in security (it has neither confidentiality nor authentication), yet it controls or has access to key vehicle systems connected to the CAN. Electronic control units (ECUs) control nearly all the essential functions on a vehicle, making cyber attacks on CAN and ECUs extremely dangerous; impacts range from loss of confidential information to total loss of vehicle control. Unfortunately, heavily modifying the CAN protocol to add security could affect compatibility with commercial and older systems, which tend to be slow to adopt new standards. To resolve this problem, our Controller Area Network Defense in Depth (CANDID) system will provide custom hardware between ECUs and the CAN bus. CANDID will prevent, detect, and mitigate damage from cyber attacks while providing greater situational awareness to the vehicle operator using state-of-the-art anomaly detection techniques. CANDID will stop these attacks by filtering or modifying CAN messages before they reach the ECUs.