Interest Group “CAN Cyber Security” established
The IG harmonises CAN-related cyber-security terminology including definitions of attack scenarios
CAN in Automation (CiA) association
Users’ and manufacturers’ group for the CAN network
Nuremberg, July 11, 2018 – The non-profit CAN in Automation (CiA) association has established the Interest Group (IG) “CAN cyber security”. The inaugural meeting was participated by about 20 companies. The IG harmonises CAN-related cyber-security terminology including definitions of attack scenarios (e.g., remote attack, local attack, and attacks by system-owners). Additionally, the IG collects all known security attacks on CAN-based networks and evaluates them. The results are reported on the CiA website. It is not intended to develop application end-to-end solutions. The IG is chaired interims-wise by Holger Zeltwanger, CiA Managing Director: “Optional security measures on each OSI layer can improve the security and make it harder for attackers to hack the communication compared with just an end-to-end protection.”
The IG has established two task forces: one for lower-layer (physical and data link layer) measures and another one for higher-layer (in particular for transport and application layers) measures. Sharika Kumar (Cummins) respectively Gianpiero Costantino (CNR) lead these TFs. The results should not just be suitable for in-vehicle networks but for all embedded network application.
CAN in Automation (CiA) is the international users’ and manufacturers’ group for the CAN network (Controller Area Network), internationally standardized in the ISO 11898 series. The non-profit association was established in 1992. The aim is to provide an unbiased platform for future developments of the CAN protocol and to promote the image of the CAN technology.