VehChain: Blockchain Cryptography Decentralized Distributed CAN Bus Security for Intra-Vehicle Control Systems, awarded by Army STTR program
The U.S. Army GVSC and DoD ground systems continue utilizing Controller Area Network (CAN Bus) communication standards for embedded systems in the Army's manned, unmanned, electric, and autonomous vehicles (EVs, UGVs, UAVs). Due to inherited natures of CAN protocol limitations, these vehicles are vulnerable for cybersecurity attacks while they are connected to external networks. The existing CAN Bus enhanced security solutions require the hardware add-on, CAN Bus protocol modifications, or a centralized security control, which not only cause high cost but also result in backward-incompatibility and a single point of failure (See Army SBIR A20B-T020).
March 3 2021, InfoBeyond is awarded by Army small business office to develop VehChain, a technology to improve the security of Army ground vehicle system.As a Blockchain reminiscent solution, VehChain implements reliable CAN Bus message encryption, verification, and error recovery for intra-vehicle communications to provide a means for CAN Bus security. To reduce communication overhead and latency, VehChain is designed based on the nature of CAN Bus, i.e., messages are broadcasted, nodes have no identifiers, and the frame identifier determines the specified node. Distributed message validation at each node secures the CAN bus through MAC, encryption, and key generation reminiscent of Blockchain technology. Each cryptographic key is tied to the CAN frame's identifier, hash (plain-text payload), and hash (previous key). To provide resiliency from corrupting message, a reboot-based recovery approach utilizes CAN's built-in error handling mechanism. Hence, it mitigates the effect of attack propagation bus for ensuring the operational safety, security, and continuity.
VehChain offer several critical design features for Army vehicle security and operations:
- Distributed and decentralized message confidentiality and validation for intra-vehicle communication networks. Avoid single point of failure.
- Easily integration into the CAN Bus through the firmware revisions.
- No additional CAN hardware or data frame alteration is needed. Compatible with legacy vehicle systems (CAN &MilCAN).
- Proactive threat resilience in CAN Bus through self-reboot recovery mechanism.
- Lessen the communication overhead and delay.
In the past years, InfoBeyond has been dedicated to developing state-of-the-art solutions to improve military vehicle security, diagnosis, resilience, and maintenance. The company team specializes in delivering groundbreaking IT and cybersecurity technologies using Blockchain, Risk Management Frameworks, Networking, and AI/Machine Learning to enhance DoD vehicle operations against cyber security. We wield our passion for innovation to provide key enhancements to businesses and organizations around the globe. If success, VehChain can be utilized for a great range of applications and some of them are:
- Army Ground Vehicle System Center—GSVC.
- Army Combat Capabilities Development Command (CCDC)
- U.S. Army Engineering and Support Center (USACE).
- Mission Enabler Technologies Demonstrator (MET-D) Vehicles
- Robotic Combat Vehicles (RCV), Manned Lead Vehicles, Unmanned Vehicles, Unmanned Aerial Vehicle, Unmanned Ground Vehicles, Air force & Navy and other DoD vehicles.
- Commercial Vehicles and systems using CAN.
For more information, please click here to find VehChain Brochure or contact us.