15/11/2021 by Kvaser

How the heavy-duty trucking industry is securing on-board communications

white truck on country highway

Cybersecurity and functional safety have become major topics and focuses of development in most transportation-related industries lately. Many organizations are working to take advantage of the ever-increasing connectivity available today, while working to secure the vehicles from malicious intruders. If you add to this the fact that electronic control systems are responsible for more of the vehicle every year, with Electronic Control Units (ECUs) routinely connected to the accelerator, brakes, and steering, it is easy to understand why vehicle cybersecurity has become so important.

Secure On-board Communications (SecOC) is one aspect of cybersecurity that focuses upon securing communications between ECUs within the vehicle. Security is about denying the intruders access, but neither do you want to leave the valuables lying around for easy picking if intruders do get in. 

Organizations such as the Society of Automotive Engineers (SAE), CAN in Automation (CiA) and the International Organization for Standardization (ISO) are integrating these security mechanisms in existing vehicle standards in ways that will impact the Controller Area Network (CAN) system. Taking Heavy Duty (HD) trucking and the SAE J1939 standard as an example, the transition from classic CAN to CAN with Flexible Data rate (CAN FD) has in large part been driven by a demand for extra bandwidth for cybersecurity purposes. With the eight-byte data limit in classic CAN, there wasn’t room to add significant cybersecurity content in messages. The HD trucking industry is now moving to CAN FD with the publication of the SAE J1939-22, CAN FD Data Link Layer document in March 2021. 

In addition to cybersecurity, SAE J1939-22 takes into consideration a second path to securing a vehicle’s electronics: Functional Safety (FuSa). FuSa involves preventing and detecting safety-related failures in vehicles and there are different standards already published and in development related to it. The Task Force that created the SAE J1939-22 l standard set aside space to be used by yet-undefined security/safety services. We didn’t define this information as part of the standard; this was left to other task forces and other documents. 

With space allocated in the standardized message and ways this space can be used to provide security and safety on the network, truck standards are adopting key automotive strategies to secure communications. The ongoing task is to define how to use encryption to secure the communications, how to incorporate a freshness counter and how to do key management to make SecOC and FuSa a reality on a truck near you. Since the technologies for hacking are advancing as fast as the technologies for securing the communications, this is an aspect of vehicle development that won’t be slowing down any time soon.

Bryan Hennessy business portrait. Bellingham, WA. © 2020 Mark Turner

Bryan Hennessy

Bryan Hennessy is an Applications Engineer with extensive experience in SAE J1939 and NMEA 2000, as well as the physical and datalink layers of CAN. He is a member of the SAE Truck Bus Control and Communications Network Committee (AKA J1939 Committee), Chairman for the SAE J1939 Next Generation Task Force, and recently completed an update to the SAE J1939-21 datalink layer specification. Bryan has over thirty-five years of experience with digital communications and holds a BSEE from Florida Institute of Technology.