Rik Chatterjee, Colorado State University; Subhojeet Mukherjee, Hitachi, Ltd.; Jeremy Daily, Colorado State University
Modern commercial vehicles rely on the Society of Automotive Engineers (SAE) J1939 protocol to facilitate communication between Electronic Control Units (ECUs). However, prior research has demonstrated fundamental security limitations in J1939. These weaknesses allow adversaries to inject, modify, or spoof messages, leading to unauthorized control over vehicle functions and the potential for operational disruptions. While several firewall-based defenses have been proposed, they remain limited as most rely only on message content without considering transmission context, which is crucial for distinguishing legitimate from malicious messages.
This demo presents TruckSentry, a real-time, context-aware intrusion prevention system (IDPS) for SAE J1939 networks. By enforcing rules that incorporate message timing, source validity, and transmission context, TruckSentry mitigates attacks by disrupting unauthorized messages during arbitration or payload transmission.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
