539
PGNs for a specific application environment. They
took advantage of the fact that NMEA 2000 is a
proprietary standard, meaning that an attacker will
not have complete information when attacking an
NMEA 2000 network and, therefore, can be detected.
This is not a CAN bus-specific solution, but it suggests
an interesting approach to defending the maritime
network environment.
4 SUMMARY AND CONCLUSIONS
The CAN bus was developed in the 1980s for the
automotive environment. Developed for a trusted
network during a time when networks could be
trusted, it has no particular security mechanisms or
defenses. Indeed, use of the CAN bus shows little sign
of diminishing 40-plus years later, yet the security
landscape is very different today than it once was;
consider that the hacker community has been
demonstrating successful attacks on automotive CAN
bus networks for more than a decade and CAN bus
attack suites employing open-source code and
inexpensive hardware are now readily available [26].
We can no longer afford to build networks that are
resilient to naturally-occurring errors but not to active
attack.
In today's environment of nearly constant
cyberwarfare, cyberattacks are planned and scheduled
to occur at the convenience of the attacker. Any of the
exploits described here might be exacerbated by the
fact that a ship at sea has access to a limited pool of
personnel and other resources. While a large vessel
might have someone trained to administer shipboard
information technology (IT) systems and deal with
some malfunctions, most are unlikely to have an
information security officer trained to recognize and
respond to a cyberattack. Furthermore, regardless of
the qualifications of the ship's officers and crew, being
at sea limits the options for fixing a problem;
sometimes the only solution is to power essential
devices down.
REFERENCES
1. Actisense: EBL Reader Software,
https://www.actisense.com/acti_software/ebl-reader, last
accessed 2021/03/01.
2. Anderson, L.C., Luft, L.A.: NMEA 2000® Applied.
Presentation at RTCM Meeting, St. Petersburg, FL, May
2002,
https://www.nmea.org/Assets/final_rtcm_2002_white_p
aper.pdf, last accessed 2021/03/01.
3. Applications of Controller Area Network (CAN) Bus:
Polytechnic Hub,
https://www.polytechnichub.com/applications-
controller-area-network-can-bus/, last accessed
2021/03/01.
4. Bozdal, M., Randa, M., Samie, M., Jennions, I.:
Hardware Trojan Enabled Denial of Service Attack on
CAN Bus. Procedia Manufacturing. 16, 47–52 (2018).
https://doi.org/10.1016/j.promfg.2018.10.158.
5. Bozdal, M., Samie, M., Aslam, S., Jennions, I.: Evaluation
of CAN Bus Security Challenges. Sensors. 20, 8, (2020).
https://doi.org/10.3390/s20082364.
6. Copperhill Technologies: A Brief Introduction to the
SAE J1939 Protocol, https://copperhilltech.com/a-brief-
introduction-to-the-sae-j1939-protocol/, last accessed
2021/03/01.
7. Corrigan, S.: Introduction to the Controller Area
Network (CAN). Texas Instruments Application Report,
SLOA 101,
https://www.rpi.edu/dept/ecse/mps/sloa101.pdf, last
accessed 2021/03/01.
8. CSS Electronics: ICS Alert (ICS-ALERT-17-209-01): CAN
Bus Standard Vulnerability. U.S. Department of
Homeland Security, https://us-
cert.cisa.gov/ics/alerts/ICS-ALERT-17-209-01, last
accessed 2021/03/01.
9. CSS Electronics: ICS Alert (ICS-ALERT-19-211-01): CAN
Bus Network Implementations in Avionics. U.S.
Department of Homeland Security, https://us-
cert.cisa.gov/ics/alerts/ics-alert-19-211-01, last accessed
2021/03/01.
10. CSS Electronics: J1939 Explained - A Simple Intro,
https://www.csselectronics.com/screen/page /simple-
intro-j1939-explained/language/en, last accessed
2021/03/01.
11. Di Natale, M.: Understanding and Using the Controller
Area Network. Radical Eye Software,
https://inst.eecs.berkeley.edu/~ee249/fa08/Lectures/hand
out_canbus2.pdf, last accessed 2021/03/01.
12. Farsi, M., Ratcliff, K., Barbosa, M.: An overview of
Controller Area Network. Computing & Control
Engineering Journal. 10, 3, 113-120(7) (1999).
13. Fenster, C., Lee, G., Whitfield, W.: Machine Learning in
Support of Anomalous Device Detection. U.S. Coast
Guard Academy, Electrical Engineering Section (2019).
14. Furuno: Furuno CAN Bus Network Design Guide,
https://www.furunousa.com/-
/media/sites/furuno/document_library/technical_info/int
erfacing_and_installation/interfacing_and_installation/f
uruno_can_bus_network_design.pdf, last accessed
2021/03/01.
15. International Organization for Standardization: Road
vehicles — Controller area network (CAN) — Part 1:
Data link layer and physical signalling. ISO 118981-1.
(2015).
16. International Organization for Standardization: Road
vehicles — Controller area network (CAN) — Part 2:
High-speed medium access unit. ISO 11898-2. (2016).
17. International Organization for Standardization: Road
vehicles — Controller area network (CAN) — Part 3:
Low-speed, fault-tolerant, medium-dependent interface.
ISO 11898-3. (2006).
18. International Organization for Standardization: Road
vehicles — Low-speed serial data communication —
Part 1: General and definitions. ISO 11519-1. (1994).
19. Kessler, G.C.: An Overview of Cryptography,
https://www.garykessler.net/library /crypto.html, last
accessed 2021/03/01.
20. Lin, C., Sangiovanni-Vincentelli, A.: Cyber-Security for
the Controller Area Network (CAN) Communication
Protocol. In: 2012 International Conference on Cyber
Security. pp. 1–
7 (2012).
https://doi.org/10.1109/CyberSecurity.2012.7.
21. Matsumoto, T., Hata, M., Tanabe, M., Yoshioka, K.,
Oishi, K.: A Method of Preventing Unauthorized Data
Transmission in Controller Area Network. In: 2012 IEEE
75th Vehicular Technology Conference (VTC Spring).
pp. 1–
5 (2012).
https://doi.org/10.1109/VETECS.2012.6240294.
22. National Marine Electronics Association (NMEA):
NMEA 0183 Interface Standard,
https://www.nmea.org/content/STANDARDS/NMEA_0
183_Standard, last accessed 2021/03/01.
23. National Marine Electronics Association (NMEA):
NMEA 2000® Interface Standard,
https://www.nmea.org/content/STANDARDS/NMEA_2
000, last accessed 2021/03/01.
24. National Marine Electronics Association (NMEA):
OneNet Standard for IP Networking of Marine