Vehicle Electronics and Architecture (VEA) & Cyber


by Jeremy S. Daily; Prakash Kulkarni


A cybersecurity exploit can be crafted to affect the vehicle diagnostic adapter system, which consists of the technician, vehicle diagnostic adapter, device drivers, and maintenance software all working together in a trusting relationship. In this paper, application layer encryption of the SAE J1939 diagnostic traffic between the vehicle diagnostic application and the in-vehicle secure gateway is developed to mitigate the vulnerabilities in potential attack paths. The proposed encryption strategy uses AES-128, which uses 16-byte cipher blocks. The secure connection is established by adjusting the bit rate to over twice the normal speed and packing a single J1939 message into two encrypted sequential CAN frames, The in-vehicle diagnostic gateway employs a hardware security module. A provisioning process is employed wherein the diagnostic application and the hardware security module both generate public-private key pairs. An elliptic curve Diffie-Hellman (ECDH) key exchange then takes place. Thus, each diagnostic session uses ephemeral symmetric session keys that are securely exchanged between the hardware security module and the diagnostics application. This approach is effective in mitigating attacks originating at the driver (DLL) level, such as an attacker that would exfiltrate and modify data using the system and vehicle diagnostic subsystems in a Windows environment. Also, as the secure key system can be centrally administered, the ability for user attribution through key management is possible. While the approach requires the addition of a hardware security module on the vehicle, the hardware strategy presented could be implemented in an arbitrary electronic control module on the vehicle. Vulnerabilities and mitigations are explained in detail to provide a solution to secure diagnostic sessions for heavy vehicles.