Vehicle cybersecurity continues to grow in pertinence. This is
especially the case with connected and autonomous vehicles (CAVs), as the
technology advances in application and improves in performance. Connected
vehicles are already in place and in use on the road. Autonomous vehicles are
still being developed and tested. There will be a time when the scenes in
movies, e.g. I, Robot with its fleets of self-driving cars, are reality, with
vehicles communicating with each other and with the infrastructure (V2V and V2I).
As the prominence continues to grow, so does the potential
for attack. This may come from bad actors looking for their 15 minutes of
fame, malicious attackers, or cybersecurity researchers. Each of these
vehicles also has vastly more attack points than in prior years. Modern
vehicles have hundreds of sensors feeding data to the vehicle regarding the
vehicle itself and the environment in which it is driving. These may be LiDAR,
radar, cameras, microphones, and other sensors. These sensors provide real-time
data on the vehicle’s operations to the vehicle and end-users, which is
processed immediately depending on its criticality.
Attackers may gain access to the vehicle’s computers through
the vehicle’s WiFi, Bluetooth, or cellular connections. While this is notable, the
controller area network (CAN) is what carries the messages through the vehicle.
4CAN
To better protect the vehicle, better tools have to be created,
which is what Cisco did in 3Q2019. 4CAN was originated by George
Tarnovsky, a member of the Cisco Customer Experience Assessment and
Penetration Team (CX APT). It is a hardware tool and was released as open source.
It is a PiHat, meaning the 4CAN is attached on top of a Raspberry
Pi. It was engineered to be used by all automobile security researchers. The
focus is to test the sensors and computers within the vehicle for
vulnerabilities. The bench setup is much cleaner, simpler, and easier
to use: a four-piece setup, including two BeagleBone boards, becomes two
pieces of equipment. This also lessens
the setup time for the lab staff.
The 4CAN tool is used to validate the communication policy for
intra-CAN bus communication, fuzz the sensors and modules to detect vulnerabilities,
and send various CAN commands to interact with the vehicle. That interaction
may also reveal sensor or module vulnerabilities through the
messages being sent. The tool is designed to test four CAN channels at
once.
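As an added illustration of the policy-validation use case (this is not code from the 4CAN project or from the sources listed on this page), the sketch below checks a capture from four CAN channels against a per-channel allowlist of arbitration IDs. It assumes the capture is in the candump log format with interfaces named can0 to can3; the policy table and the sample frames are constructed for the example.

```python
import re
from collections import namedtuple

# candump log line: "(timestamp) interface ID#HEXDATA"
FRAME_RE = re.compile(r"^\((\d+\.\d+)\)\s+(\w+)\s+([0-9A-Fa-f]{3,8})#([0-9A-Fa-f]*)$")
Frame = namedtuple("Frame", "ts channel can_id data")

# Constructed policy (assumption): arbitration IDs permitted on each of the four channels.
POLICY = {
    "can0": {0x0C0, 0x1A0},
    "can1": {0x2B0},
    "can2": {0x3D0, 0x1A0},  # 0x1A0 is allowed to be forwarded onto this bus
    "can3": {0x7DF, 0x7E8},
}

# Constructed capture for the example, not taken from a real vehicle.
SAMPLE_LOG = """\
(1566400000.000100) can0 0C0#0011223344556677
(1566400000.000200) can0 1A0#DEADBEEF
(1566400000.000900) can2 1A0#DEADBEEF
(1566400000.001500) can3 7DF#0201050000000000
(1566400000.001900) can0 7DF#0201050000000000
(1566400000.002500) can1 3D0#01
garbage line that is skipped
"""

def parse_log(text):
    """Yield Frame tuples; lines that do not match the log format are skipped."""
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            yield Frame(float(m.group(1)), m.group(2), int(m.group(3), 16), m.group(4).upper())

def find_violations(text, policy, window=0.005):
    """Return (frame, origin) pairs for frames whose ID is not permitted on their channel.
    origin is the channel on which an identical frame appeared at most `window` seconds
    earlier (a hint that a gateway forwarded it), or None if there was no such frame."""
    seen, violations = [], []
    for f in parse_log(text):
        if f.can_id not in policy.get(f.channel, set()):
            origin = next((p.channel for p in reversed(seen)
                           if p.channel != f.channel and p.can_id == f.can_id
                           and p.data == f.data and f.ts - p.ts <= window), None)
            violations.append((f, origin))
        seen.append(f)
    return violations

if __name__ == "__main__":
    for frame, origin in find_violations(SAMPLE_LOG, POLICY):
        print(f"{frame.channel} id=0x{frame.can_id:03X} not permitted; "
              f"identical frame seen just before on: {origin or 'no other channel'}")
```

A violation with an origin channel points at a gateway rule that forwards more than the policy intends, while one without an origin points at a node transmitting an unexpected ID on its own bus.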
While the tools do have advanced capabilities and would
suit many use cases, the 4CAN is able to complete these tests with a simplified
bench setup. This helps the lab engineer keep the bench simple and organized.