You are here

Controller Area Network Defense in Depth (CANDID)

Award Information
Agency: Department of Defense
Branch: Army
Contract: W56HZV-19-C-0009
Agency Tracking Number: A182-126-0023
Amount: $99,958.91
Phase: Phase I
Program: SBIR
Solicitation Topic Code: A18-126
Solicitation Number: 18.2
Timeline
Solicitation Year: 2018
Award Year: 2019
Award Start Date (Proposal Award Date): 2018-10-15
Award End Date (Contract End Date): 2019-10-04
Small Business Information
625 Mount Auburn Street, Cambridge, MA, 02138
DUNS: 115243701
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Dan Mitchell
 Software Engineer
 (617) 491-3474
 dmitchell@cra.com
Business Contact
 Yvonne Fuller
Phone: (617) 491-3474
Email: yfuller@cra.com
Research Institution
N/A
Abstract
Cyber attacks continue to be a growing concern for the US Army—tanks and other vehicles rely heavily on commercial computer and electronic systems, many of which were not designed with cyber security in mind. One vulnerable protocol is the Controller Area Network (CAN), ubiquitous in military and commercial vehicles. CAN has little built-in security (it has neither confidentiality nor authentication), yet it controls or has access to key vehicle systems connected to the CAN. Electronic control units (ECUs) control nearly all the essential functions on a vehicle, making cyber attacks on CAN and ECUs extremely dangerous; impacts range from loss of confidential information to total loss of vehicle control. Unfortunately, heavily modifying the CAN protocol to add security could affect compatibility with commercial and older systems, which tend to be slow to adopt new standards. To resolve this problem, our Controller Area Network Defense in Depth (CANDID) system will provide custom hardware between ECUs and the CAN bus. CANDID will prevent, detect, and mitigate damage from cyber attacks while providing greater situational awareness to the vehicle operator using state-of-the-art anomaly detection techniques. CANDID will stop these attacks by filtering or modifying CAN messages before they reach the ECUs.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government