ISSN 2083-6473
ISSN 2083-6481 (electronic version)




Associate Editor
Prof. Tomasz Neumann

Published by
TransNav, Faculty of Navigation
Gdynia Maritime University
3, John Paul II Avenue
81-345 Gdynia, POLAND
www http://www.transnav.eu
e-mail transnav@umg.edu.pl
The CAN Bus in the Maritime Environment – Technical Overview and Cybersecurity Vulnerabilities
ABSTRACT: The Controller Area Network (CAN) bus standard was developed in the 1980s and is in widespread use in automobile, vehicular, aviation, and other networks. The CAN bus was introduced in the maritime environment with the adoption of the National Marine Electronics Association (NMEA) 2000 standard in the late-1990s. Many papers have been written about the CAN bus protocols and security vulnerabilities but there is sparse literature about use of the CAN bus in the maritime environment. Part I of this paper is a technical overview, describing CAN bus standards and operation, with particular attention to its use with the NMEA 2000 maritime communications standard. Part II of this paper describes security vulnerabilities in terms of loss of confidentiality, integrity, or availability of information (such as eavesdropping, denial-of-service, and spoofing), and mitigations specific to the maritime environment.
Actisense: EBL Reader Software, https://www.actisense.com/acti_software/ebl-reader, last accessed 2021/03/01.
Anderson, L.C., Luft, L.A.: NMEA 2000® Applied. Presentation at RTCM Meeting, St. Petersburg, FL, May 2002, https://www.nmea.org/Assets/final_rtcm_2002_white_paper.pdf, last accessed 2021/03/01.
Applications of Controller Area Network (CAN) Bus: Polytechnic Hub, https://www.polytechnichub.com/applications-controller-area-network-can-bus/, last accessed 2021/03/01.
Bozdal, M., Randa, M., Samie, M., Jennions, I - doi:10.1016/j.promfg.2018.10.158
Bozdal, M., Samie, M., Aslam, S., - doi:10.3390/s20082364
Copperhill Technologies: A Brief Introduction to the SAE J1939 Protocol, https://copperhilltech.com/a-brief-introduction-to-the-sae-j1939-protocol/, last accessed 2021/03/01.
Corrigan, S.: Introduction to the Controller Area Network (CAN). Texas Instruments Application Report, SLOA 101, https://www.rpi.edu/dept/ecse/mps/sloa101.pdf, last accessed 2021/03/01.
CSS Electronics: ICS Alert (ICS-ALERT-17-209-01): CAN Bus Standard Vulnerability. U.S. Department of Homeland Security, https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-17-209-01, last accessed 2021/03/01.
CSS Electronics: ICS Alert (ICS-ALERT-19-211-01): CAN Bus Network Implementations in Avionics. U.S. Department of Homeland Security, https://us-cert.cisa.gov/ics/alerts/ics-alert-19-211-01, last accessed 2021/03/01.
CSS Electronics: J1939 Explained - A Simple Intro, https://www.csselectronics.com/screen/page /simple-intro-j1939-explained/language/en, last accessed 2021/03/01.
Di Natale, M.: Understanding and Using the Controller Area Network. Radical Eye Software, https://inst.eecs.berkeley.edu/~ee249/fa08/Lectures/handout_canbus2.pdf, last accessed 2021/03/01.
Farsi, M., Ratcliff, K., Barbosa, M.: An overview of Controller Area Network. Computing & Control Engineering Journal. 10, 3, 113-120(7) (1999).
Fenster, C., Lee, G., Whitfield, W.: Machine Learning in Support of Anomalous Device Detection. U.S. Coast Guard Academy, Electrical Engineering Section (2019).
Furuno: Furuno CAN Bus Network Design Guide, https://www.furunousa.com/-/media/sites/furuno/document_library/technical_info/interfacing_and_installation/interfacing_and_installation/furuno_can_bus_network_design.pdf, last accessed 2021/03/01.
International Organization for Standardization: Road vehicles — Controller area network (CAN) — Part 1: Data link layer and physical signalling. ISO 118981-1. (2015).
International Organization for Standardization: Road vehicles — Controller area network (CAN) — Part 2: High-speed medium access unit. ISO 11898-2. (2016).
International Organization for Standardization: Road vehicles — Controller area network (CAN) — Part 3: Low-speed, fault-tolerant, medium-dependent interface. ISO 11898-3. (2006).
International Organization for Standardization: Road vehicles — Low-speed serial data communication — Part 1: General and definitions. ISO 11519-1. (1994).
Kessler, G.C.: An Overview of Cryptography, https://www.garykessler.net/library /crypto.html, last accessed 2021/03/01.
Lin, C., Sangiovanni-Vincentelli, A.: Cyber-S - doi:10.1109/CyberSecurity.2012.7
Matsumoto, T., Hata, M., Tanabe, M., Yoshiok - doi:10.1109/VETECS.2012.6240294
National Marine Electronics Association (NMEA): NMEA 0183 Interface Standard, https://www.nmea.org/content/STANDARDS/NMEA_0183_Standard, last accessed 2021/03/01.
National Marine Electronics Association (NMEA): NMEA 2000® Interface Standard, https://www.nmea.org/content/STANDARDS/NMEA_2000, last accessed 2021/03/01.
National Marine Electronics Association (NMEA): OneNet Standard for IP Networking of Marine Electronic Devices, https://www.nmea.org/content/STANDARDS/OneNet, last accessed 2021/03/01.
Palanca, A., Evenchick, E., Maggi, F., Zanero, S.: A Stealth, Selective, Link-Layer Denial-of-Service Attack Against Automotive Networks. In: Polychronakis, M. and Meier, M. (eds.) Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 185–206 Springer International Publishing, Cham (2017).
Payne, B.: Car Hacking: Accessing and Exploiting the CAN Bus Protocol. Journal of Cybersecurity Education, Research and Practice. 2019, 1, (2019).
Pfeiffer, O., Keydel, C.: Challenges of CANopen Node ID assignment, avoiding duplicates. Presented at the 1st International Mobile Machine Control (MMC) Conference (2013).
SAE International: SAE J1939 Standards Collection on the Web: Content, https://www.sae.org /standardsdev/groundvehicle/j1939a.htm, last accessed 2021/03/01.
U.S. Coast Guard: Cyber Incident Exposes Potential Vulnerabilities Onboard Commercial Vessels. Marine Safety Alert 06-19, https://www.dco.uscg.mil/Portals/9/DCO%20Documents /5p/CG-5PC/INV/Alerts/0619.pdf, last accessed 2021/03/01.
Zetter, K.: How digital detectives deciphered Stuxnet, the most menacing malware in history, https://arstechnica.com/tech-policy/news/2011/07/how-digital-detectives-deciphered-stuxnet-the-most-menacing-malware-in-history.ars, last accessed 2021/03/01.
Zimmermann, T., Bauer, J., Aschenbruck, N.: - doi:10.18420/sicherheit2020_06
Citation note:
Kessler G.C.: The CAN Bus in the Maritime Environment – Technical Overview and Cybersecurity Vulnerabilities. TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, Vol. 15, No. 3, doi:10.12716/1001.15.03.05, pp. 531-540, 2021
Authors in other databases:
Gary C. Kessler: Scopus icon23976166100 Scholar iconnj-uIMUAAAAJ

Other publications of authors:

File downloaded 105 times

Important: TransNav.eu cookie usage
The TransNav.eu website uses certain cookies. A cookie is a text-only string of information that the TransNav.EU website transfers to the cookie file of the browser on your computer. Cookies allow the TransNav.eu website to perform properly and remember your browsing history. Cookies also help a website to arrange content to match your preferred interests more quickly. Cookies alone cannot be used to identify you.
Akceptuję pliki cookies z tej strony