Interest Group “CAN cyber security” established

The nonprofit CAN in Automation (CiA) association has established the Interest Group (IG) “CAN cyber security”.

The inaugural meeting was participated by about 20 companies. The IG harmonizes CAN-related cyber-security terminology including definitions of attack scenarios (e.g. remote attack, local attack, and attacks by system-owners). Additionally, the IG collects all known security attacks on CAN-based networks and evaluates them. The results are reported on the CiA website. It is not intended to develop application end-to-end solutions. The IG is chaired interims-wise by Holger Zeltwanger, CiA Managing Director: “Optional security measures on each OSI layer can improve the security and make it harder for attackers to hack the communication compared with just an end-to-end protection.”

The IG has established two task forces: one for lower-layer (physical and data link layer) measures and another one for higher-layer (in particular for transport and application layers) measures. Sharika Kumar (Cummins) respectively Gianpiero Costantino (CNR) lead these TFs. The results should not just be suitable for in-vehicle networks but for all embedded network application.