Truck & Off-Highway Engineering - October 2022 - 29

CYBERSECURITY FEATURE
Karthik
Sivaramakrishnan,
product marketing
manager, NXP
Semiconductors.
" Commercial vehicles are
susceptible to malicious access
to the vehicle network from
the way they are constructed. "
because in CAN data link layer communication, the sender
is unknown and the intended receiver acts on a CAN data
frame it receives, even if spoofed. Other requirements are
important for safety, such as " Measures to detect and recover
from a denial-of-service attack shall be employed, "
because a jammed CAN network could prevent the timely
transmission of control and safety-critical messages. This
makes it important not only to detect attacks and implement
fixes to avoid a repeat, but also to find ways to prevent
them from causing harm in the first place.
Commercial-vehicle security
challenges
Absence of a standard for secure communication -
Several OEMs that make passenger vehicles protect
their CAN network via secure onboard communication
implementation of Autosar SecOC. However, commercial
vehicles employ the CAN-based SAE J1939 higherlayer
protocol, which does not yet provide standardized
cybersecurity measures. For example, there is no
way to authenticate the origin of the message. There
are ongoing efforts to arrive at a secure communication
standard for J1939, but this is still being finalized.
Long life platforms with legacy ECUs and architectures
- Eventually there will be a secure communication
standard on J1939 called the J1939-91C. However,
implementation would require microcontrollers supporting
cryptographic functions. As most CVs have a
long lifetime once commercially released, there is typically
several microcontrollers without the required
TRUCK & OFF-HIGHWAY ENGINEERING
Securing CAN networks in commercial vehicles with NXP Secure CAN transceivers
TJA1152 and TJA1153.
security features, not only the advanced ones for hardware acceleration
of cryptographic key generation, but also more basic features of
modern microcontrollers such as secure boot.
Another vulnerability from the long life of CV platforms is that
these architectures were not designed with security as a focus.
Therefore, they do not have sufficient network separation between
the individual CAN branches, leaving a wider footprint of vulnerable
devices in the event of an attack. To be able to implement such a secure
communication standard effectively once released would still
require a major in-vehicle network overhaul to implement. Moreover,
there is a lot of know-how and infrastructure that will need to be put
in place before the standards are widely adopted within the supply
chain. This would still be out of reach for smaller truck and bus OEMs.
Custom security solutions are complex and prohibitive - As the
owner of security in the vehicle, some passenger-vehicle makers opt
to secure their networks with custom security implementations despite
the large one-time expense due to the security benefits they
perceive. However, implementation of a custom end-to-end security
solution is a challenge for commercial-vehicle OEMs as they don't
build the entire truck themselves but rather bring together different
subassemblies that are integrated into the vehicle.
Cryptographic security solutions that require complex software
implementations also can be cumbersome for the CV manufacturer's
security teams to coordinate across their vast swath of suppliers. This
would be an integration and testing nightmare. Besides, most smaller
OEMs buy off-the-shelf solutions, thus providing little room for the
Tier-1 supplier to take on such one-off security projects.
Open architectures - Commercial vehicles are susceptible to malicious
access to the vehicle network from the way they are constructed.
As a single CV chassis can be transformed into several different
variants, this means that the CAN network might well come all the
way to the exterior of the vehicle - for example, to establish the connection
between the vehicle chassis and a trailer. These could become
easy entry points to malicious hackers. As the vehicle is put together
October 2022 29
BOTH IMAGES: NXP
Truck & Off-Highway Engineering - October 2022

Table of Contents for the Digital Edition of Truck & Off-Highway Engineering - October 2022
