Interest Group “CAN cyber security”

CAN in Automation (CiA) has established the Interest Group (IG) “CAN cyber security”. The inaugural meeting was participated by about 20 companies.

The IG harmonizes CAN-related cyber-security terminology including definitions of attack scenarios (e.g. remote attack, local attack, and attacks by system-owners). Additionally, the IG collects all known security attacks on CAN-based networks and evaluates them. The results are reported on the CiA website. It is not intended to develop application end-to-end solutions. Holger Zeltwanger who manages the IG as interim chairman said: “Optional security measures on each OSI layer can improve the security and make it harder for attackers to hack the communication compared with just an end-to-end protection.”

The IG has established two task forces: one for lower-layer (physical and data link layer) measures and another one for higher-layer (in particular for transport and application layers) measures. Sharika Kumar (Cummins) respectively Gianpiero Costantino (CNR) lead these TFs. The results should not just be suitable for in-vehicle networks but for all embedded network application.

Parties interested to participate in the IG or TFs may write to secretary(at)can-cia.org.