VehChain

A blockchain-reminiscent cryptographic solution for effective in-vehicle communication security

VehChain Enhances Intra-Vehicle Cyber Security

The U.S. Army Ground System Vehicle System Center (GVSC) and DoD ground systems use the Controller Area Network (CAN) Bus protocol for intra-vehicle ECU (Electronic Control Unit) communications, for example in the Army's manned vehicles (Armored Multi-Purpose Vehicle (AMPV), Ground Combat Infantry Fighting Vehicle (GCV)) and in unmanned, electric, and autonomous vehicles (EVs, UGVs, UAVs). Because of the inherent limitations of the CAN Bus protocol, these vehicles are vulnerable to cybersecurity attacks when they are connected to a hostile cyber network, as well as to embedded threats (e.g., malware, viruses) arising from potential supply chain vulnerabilities. Securing real-time safety-critical intra-vehicle communications has therefore become especially important for accomplishing mission operations securely.

VehChain is a state-of-the-art software solution for CAN Bus security to secure ECU communications against potential CAN Bus cyber attacks and vulnerabilities.

What is CAN Bus Security and VehChain?

What are VehChain Features?

VehChain Key Features

VehChain: A Blockchain-reminiscent Intra-Vehicle Communication Security for SAE J1939 and CAN 2.0

As a Blockchain-reminiscent cybersecurity solution, VehChain implements a firmware-based hash-chain cryptographic technique covering payload encryption, message authentication, node integrity verification, and cyber-resilient recovery for the real-time safety-critical CAN Bus, providing a means for intra-vehicle communication cybersecurity. It effectively protects vehicle computers, networks, programs, and data from unintended or unauthorized access, change, or destruction.

 

VehChain Technical Specs

To reduce communication overhead and latency, VehChain is designed around the nature of CAN Bus: messages are broadcast, nodes have no identifiers, and the frame identifier determines the specified node. Distributed message validation at each node secures the CAN bus through MAC, encryption, and key generation reminiscent of Blockchain technology. Each cryptographic key is tied to the CAN frame’s identifier, the hash of the plain-text payload, and the hash of the previous key. To provide resiliency against message corruption, a reboot-based recovery approach uses CAN's built-in error handling mechanism. Hence, it mitigates the effect of attack propagation on the bus, ensuring operational safety, security, and continuity.

  • Pluggable software solution installed/updated with firmware
  • CAN Bus data frame confidentiality, integrity, hash keys, traceability, recoverability, and synchronization
  • No modification of the CAN Bus protocol (e.g., CAN 2.0, J1939)
  • Fully distributed and no single point of failure against cyber attacks
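The key chaining described above, as an added illustration that is not VehChain's own code: each frame's key is derived from the frame identifier, the hash of the plain-text payload, and the hash of the previous key, so a replayed or injected frame fails validation at the receiving node. The `Node` class, the pre-shared seed, SHA-256, the 4-byte truncated HMAC, the XOR keystream and the `(identifier, ciphertext, tag)` frame layout are all assumptions made for this sketch.

```python
import hashlib
import hmac

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

class Node:  # hypothetical ECU model; the construction below is assumed
    def __init__(self, seed: bytes):
        self.seed = seed   # pre-shared provisioning secret (assumption)
        self.keys = {}     # CAN identifier -> current chain key

    def _key(self, can_id: int) -> bytes:
        idb = can_id.to_bytes(4, "big")
        return self.keys.setdefault(can_id, h(b"init", idb, self.seed))

    def _advance(self, can_id: int, payload: bytes) -> None:
        # next key = H(identifier || H(plain-text payload) || H(previous key))
        idb = can_id.to_bytes(4, "big")
        self.keys[can_id] = h(idb, h(payload), h(self._key(can_id)))

    def _tag(self, key: bytes, can_id: int, ct: bytes) -> bytes:
        msg = can_id.to_bytes(4, "big") + ct
        return hmac.new(h(key, b"mac"), msg, hashlib.sha256).digest()[:4]

    def send(self, can_id: int, payload: bytes):
        key = self._key(can_id)
        ct = bytes(p ^ k for p, k in zip(payload, h(key, b"enc")))
        frame = (can_id, ct, self._tag(key, can_id, ct))
        self._advance(can_id, payload)
        return frame

    def receive(self, frame):
        can_id, ct, tag = frame
        key = self._key(can_id)
        if not hmac.compare_digest(tag, self._tag(key, can_id, ct)):
            return None    # reject: chain key stays where it was
        payload = bytes(c ^ k for c, k in zip(ct, h(key, b"enc")))
        self._advance(can_id, payload)
        return payload

def demo():
    seed = b"constructed-demo-seed"   # constructed sample values throughout
    tx, rx = Node(seed), Node(seed)
    f1 = tx.send(0x0CF00400, b"\x10\x27\x00\x00")
    f2 = tx.send(0x0CF00400, b"\x20\x4e\x00\x00")
    ok1, ok2 = rx.receive(f1), rx.receive(f2)
    replay = rx.receive(f1)           # old frame, key has moved on
    forged = rx.receive((0x0CF00400, b"\xff\xff\xff\xff", b"\x00" * 4))
    return ok1, ok2, replay, forged
```

In this sketch a dropped frame leaves sender and receiver on different chain keys; the synchronization and recovery features listed above are not modeled here.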

VehChain: Secure CAN Bus Vehicle Communication Demo

VehChain Case Studies

VehChain is collaborating with the U.S. Army Combat Capabilities Development Command, known as DEVCOM, to research and develop Army GVSC’s intra-vehicle cybersecurity programs for validating communications between trusted and untrusted vehicle control systems. Our proposed VehChain system effectively secures, authenticates, and responds to threats in a distributed way that ensures Army mission continuity with a form of incorruptible data and advanced resiliency capabilities. Once the technology is matured, researched, and developed, VehChain can be transitioned for integration in the:

  • U.S. Army's Program Executive Office Ground Combat Systems (PEO GCS)
  • U.S. Army's Program Executive Office, Combat Support & Combat Service Support (PEO CS&CSS)
  • U.S. Army Engineering and Support Center (USACE)
  • Mission Enabler Technologies Demonstrator (MET-D) Vehicles
  • Robotic Combat Vehicles (RCV), Manned Lead Vehicles, Unmanned Vehicles, Unmanned Aerial Vehicles, Unmanned Ground Vehicles, Air Force & Navy and other DoD vehicles
  • Commercial Vehicles and systems using CAN

U.S. Army’s Program Executive Office Ground Combat Systems/U.S. Army's Program Executive Office, Combat Support & Combat Service Support

With the support of DEVCOM/GVSC, VehChain will be transitioned to commercialization and integration through the PEO GCS and/or PEO CS & CSS. The Program Executive Office Ground Combat Systems (PEO GCS) oversees the product management offices responsible for total life cycle management of the Army's finest ground systems, including Self-Propelled Howitzer System (SPHS), Mounted Armored Vehicles (MAV), Main Battle Tank Systems (MBTS), Stryker Brigade Combat Team (SBCT), Future Battle Platforms (FBT), Maneuver Combat Systems (MCS), and Capability Transition and Product Integration (CTPI). The U.S. Army’s Program Executive Office, Combat Support & Combat Service Support (PEO CS & CSS) designs, develops, and delivers the essential, affordable capabilities America’s Soldiers need for the 21st century's diverse mission challenges. The main priorities of PEO CS & CSS include tailoring and streamlining, human capital, and fleet management.

 

U.S. Army Engineering and Support Center (USACE)

The USACE’s main goal is to strengthen national security by building and maintaining America’s infrastructure and providing military facilities where servicemembers train, work and live. Another goal is researching and developing technology for the nation’s war fighters while protecting America's interests abroad by using engineering expertise to promote stability and improve quality of life. When carrying out these missions, USACE uses connected vehicles and other equipment on CAN bus protocols that may be at risk of cyber attacks. VehChain mitigates this risk in a cost-efficient manner using a blockchain-reminiscent technology to ensure the safety and security of USACE projects at home and abroad.

 

Mission Enabler Technologies Demonstrator (MET-D) Vehicles and Robotic Combat Vehicles (RCV)

The MET-D is an experimental system of vehicles designed to help Army leaders determine how best to integrate unmanned vehicles called RCVs into ground combat formations. The MET-D leverages the latest technology in sensors, data display, graphical user interface, drive-by-wire capability, unmanned aerial vehicle-provided video, and advanced communications to operate unmanned platforms which can make contact with the enemy before the soldiers do. VehChain can ensure MET-D and RCVs are performing effectively and securely through its blockchain-reminiscent software add-on for CAN bus protocols.

 

Air Force, Navy, and other DoD vehicles

VehChain is not limited to integrating with just Army intra-vehicle control systems. It can also serve as a security mechanism for Air Force, Navy, and other DoD missions. For example, VehChain can protect naval aviation aircraft, manned/unmanned aerial vehicles and weapons, and sea/ground missile defense systems.

 

Commercial Vehicles and Systems using CAN

VehChain is also not limited to just DoD vehicles or systems. Any vehicle or system using CAN bus protocols can use VehChain to mitigate security risks. VehChain can be commercialized to a variety of potential vehicle-manufacturing companies like Tesla, Ford, GM, SpaceX, Blue Origin, Duke Energy, Raytheon, Lockheed Martin, Boeing, etc. For example, attacks on power grid SCADA CAN Bus systems (e.g., power lines, transformers) could compromise energy grid automation and devastate the national economy. VehChain protects safety-critical CAN Bus control by means of CAN validation and resiliency against potential attacks.

 

Contact Us

Do you want to build a live testbed or demo on your vehicle or CAN Bus system? We are happy to partner with manufacturers and/or OEM (i.e., Original Equipment Manufacturer) vendors and transition VehChain security to your customers through your products. If interested, please contact us.