Expanding the Attack Scenarios of SAE J1939: A Comprehensive Analysis of Established and Novel Vulnerabilities in Transport Protocol

TL;DR

This paper identifies and demonstrates 14 attack scenarios on the SAE J1939 protocol, including seven new vulnerabilities, verified through a testbed, highlighting significant security risks in commercial vehicle communication systems.

Contribution

The study introduces seven novel attack scenarios on SAE J1939 and verifies their feasibility, expanding the understanding of potential vulnerabilities in automotive communication protocols.

Findings

11 attack scenarios successfully executed

Some attacks are difficult to detect due to single message injection

Highlights critical security vulnerabilities in SAE J1939 protocol

Abstract

Following the enactment of the UN Regulation, substantial efforts have been directed toward implementing intrusion detection and prevention systems (IDPSs) and vulnerability analysis in Controller Area Network (CAN). However, Society of Automotive Engineers (SAE) J1939 protocol, despite its extensive application in camping cars and commercial vehicles, has seen limited vulnerability identification, which raises significant safety concerns in the event of security breaches. In this research, we explore and demonstrate attack techniques specific to SAE J1939 communication protocol. We introduce 14 attack scenarios, enhancing the discourse with seven scenarios recognized in the previous research and unveiling seven novel scenarios through our elaborate study. To verify the feasibility of these scenarios, we leverage a sophisticated testbed that facilitates real-time communication and the simulation of attacks. Our testing confirms the successful execution of 11 scenarios, underscoring their imminent threat to commercial vehicle operations. Some attacks will be difficult to detect because they only inject a single message. These results highlight unique vulnerabilities within SAE J1939 protocol, indicating the automotive cybersecurity community needs to address the identified risks.