ReCAN Data - Reverse engineering of Controller Area Networks

Abstract --------- This article details the methodology and the approach used to extract and decode the data obtained from the Controller Area Network (CAN) buses in three personal vehicles and four commercial trucks. The dataset is composed of two complementary parts, namely the raw data and the decoded ones. Along with the description of the data, this article also reports both hardware and software requirements to firstly extract the data from the vehicles and secondly decode the binary data frames to obtain the actual sensors' data. Finally, necessary code snippets have been described in pseudo-code and will be publicly available in a code repository. Preliminary results suggest that motivated enough actors may intercept, interact and recognize the vehicle data with consumer-grade technology, ultimately refuting, once-again, the security-through-obscurity paradigm used by automotive manufacturer as main defensive countermeasure. Keywords ---------- Automotive; Controller Area Network (CAN); Reverse Engineering; Dataset Type of data ------------- - RAW: CSV files with timestamp, CANline, ECU identifier, binary data - Decoded: CSV files with timestamp, CANline, ECU identifier, variable, value How data where acquired ---------------------------- Controller Area Network (CAN) buses have been accessed using a standard CAN connector and a CANtact board. The CAN Utils library, publicly available in the Linux Kernel, has been used to intercept the network traffic of the vehicle. Sensors data have been decoded using state-of-the-art algorithm. Source code for each step of the analysis is publicly available in the repository, as specified below. Parameters: - Cars: 500k baudrate, connected o the OBD-II port of each vehicle. - Trucks: 500k baudrate, connected both to the OBD-II port and to a second wire into a second CAN bus. Source code ------------- - Repository: ReCAN Source - Reverse engineering of Controller Area Networks - Provider: Github - Identification number: 10.5281/zenodo.3625715 - URL: https://github.com/Cyberdefence-Lab-Murcia/ReCAN Acknowledgments -------------------- This study was founded by a predoctoral grant from the Spanish National Cybersecurity Institute (INCIBE) within the program "Ayudas para la Excelencia de los Equipos de Investigación Avanzada en Ciberseguridad" ("Grants for the Excellence of Advanced Cybersecurity Research Teams"), with code INCIBEI-2015-27353; a predoctoral travel grant within the program "Ayudas para estancias en el estranjero de alumnos de doctorado en las líneas de actuación de Campus Mare Nostrum" ("Grants for stays abroad of Ph.D. students within the lines of action of Campus Mare Nostrum'').

摘要 --------- 本文详细阐述了从3辆乘用车与4辆商用卡车的控制器局域网（Controller Area Network, CAN）总线中提取并解码所得数据的方法与流程。本数据集包含两个互补部分，即原始数据与解码后数据。除数据说明外，本文还详述了从车辆中提取数据、并将二进制数据帧解码为实际传感器数据所需的软硬件配置要求。最后，本文以伪代码形式给出了必要的代码片段，相关代码将公开存放在代码仓库中。 初步研究结果表明，具备足够动机的主体可借助消费级技术拦截、交互并识别车辆数据，这再次驳斥了汽车制造商作为主要防御手段所采用的“以隐晦求安全”（security-through-obscurity）范式。 关键词 ---------- 汽车领域；控制器局域网（CAN）；逆向工程；数据集 数据类型 ------------- - 原始数据：包含时间戳、CAN帧、电子控制单元（Electronic Control Unit, ECU）标识与二进制数据的CSV文件 - 解码后数据：包含时间戳、CAN帧、ECU标识、变量名与变量值的CSV文件 数据获取方式 ---------------------------- 通过标准CAN连接器与CANtact开发板接入控制器局域网（CAN）总线。借助Linux内核中公开可用的CAN工具库（CAN Utils）拦截车辆的网络通信流量。采用当前前沿算法对传感器数据进行解码。本分析各步骤的源代码将如后文所述，公开存放于相关代码仓库中。 参数设置： - 乘用车：波特率500k，连接至各车辆的OBD-II接口。 - 商用卡车：波特率500k，同时连接至OBD-II接口与第二条CAN总线的第二根线缆。 源代码 ------------- - 代码仓库：ReCAN源代码库——控制器局域网逆向工程 - 托管平台：GitHub - 识别编号：10.5281/zenodo.3625715 - 仓库地址：https://github.com/Cyberdefence-Lab-Murcia/ReCAN 致谢 -------------------- 本研究得到西班牙国家网络安全研究所（INCIBE）的博士预科资助项目“面向先进网络安全研究团队卓越性的资助计划”（项目编号：INCIBEI-2015-27353），以及“Campus Mare Nostrum行动计划下博士生海外研修资助计划”的博士预科旅行资助。