You are here

Validating Communications between Trusted and Untrusted Vehicle Control Systems


TECHNOLOGY AREA(S): Information Systems

OBJECTIVE: The idea is to implement a solution to decentralize and distributed blockchain security solution on the vehicle network to enable a form of incorruptible data and resiliency.

DESCRIPTION: Cybersecurity of the Army’s ground systems is a critical priority to national defense in the 21st century. Recent events have shown that modern commercial vehicles are vulnerable to attack and subversion through buggy or sometimes malicious devices that are present on intra-vehicle communication networks. The issue is current solutions require a centralize security measure such as an Intrusion Detection/Prevention System IDS/IPS to detect and/or prevent malicious communications. Since vehicles can be compromised at a single point yet effects can propagate across the entire vehicle, GVSC is looking for a solution that eliminates that single point of failure through a form of decentralized and distributed security validation to verify communications with certainty despite there being valid node on the network acting maliciously. GVSC would like to see this technology applied on an intra-vehicle communication network such as Controller Area Network (CAN) that can perform validation of messages in a form of decentralized security distributed amongst vehicle controllers as well as provide a sense of resiliency.

PHASE I: In the first phase of this effort, the contractor shall demonstrate a decentralized and distributed security solution that performs validation of communications on vehicle network such as Controller Area Network (CAN). The implemented technology shall have a low resource consumption on the vehicle network. In addition, message validations should minimally affect the vehicle network latency. The demonstration shall be a proof of concept in the form of a simulation or mathematical description.

PHASE II: Implement the concept developed in Phase I on real vehicle network such as Controller Area Network (CAN) using physical vehicle controllers. The contractor shall demonstrate the operation of the technology in a live vehicle or systems integration lab (SIL) environment. The demonstration shall include an ECU and at least one safety controller. The contractor shall validate the effectiveness of the technology by showing that other controllers reject valid but malicious messages sent by another controller. The contractor shall perform penetration testing with an independent team to identify other attack vectors against the technology.

PHASE III: The contractor shall package the technology to be retrofit into an existing vehicle system. The contractor shall collaborate with a vehicle original equipment manufacturer (OEM) to demonstrate their technology during normal vehicle operations on a test track. The contractor shall demonstrate the same validations shown in Phase II.

KEYWORDS: Vehicle Networks, Fault Tolerance, CAN, ECU, Cybersecurity, Trusted Computing, Communication Protocols, Ground Based, Data Transmission System, Intrusion Detection/Prevention System, Threat, Protection, Decentralize Security, Blockchain, Fault Tolerance, Resiliency.



US Flag An Official Website of the United States Government