Franco Oberti,Ernesto Sanchez,Alessandro Savino,Filippo Parisi,Mirco Brero,Stefano Di Carlo

DOI: https://doi.org/10.48550/arXiv.2206.02602

2022-06-06

Abstract:The automotive market is profitable for cyberattacks with the constant shift toward interconnected vehicles. Electronic Control Units (ECUs) installed on cars often operate in a critical and hostile environment. Hence, both carmakers and governments have supported initiatives to mitigate risks and threats belonging to the automotive domain. The Local Interconnect Network (LIN) is one of the most used communication protocols in the automotive field. Today's LIN buses have just a few light security mechanisms to assure integrity through Message Authentication Codes (MAC). However, several limitations with strong constraints make applying those techniques to LIN networks challenging, leaving several vehicles still unprotected. This paper presents LIN Multiplexed MAC (LINMM), a new approach for exploiting signal modulation to multiplex MAC data with standard LIN communication. LINMM allows for transmitting MAC payloads, maintaining fullback compatibility with all versions of the standard LIN protocol.

Cryptography and Security

Guoqi Xie,Laurence T. Yang,Wei Wu,Keyu Zeng,Xiangzhen Xiao,Renfa Li

DOI: https://doi.org/10.1109/tits.2020.3000783

IF: 8.5

2021-08-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:Controller Area Network with Flexible Data-rate (CAN FD) is beneficial for the in-vehicle communication of Internet of Connected Vehicles (IoCVs) because of its high bandwidth and data field length. However, CAN FD lacks a security authentication mechanism, making it extremely vulnerable to masquerade attacks. This study proposes the security enhancement for a real-time parallel in-vehicle application adopting a two-stage method. The first stage obtains the lower bound of an in-vehicle application by quickly abandoning most of sequences, while the second stage enhances security by adding Message Authentication Codes (MACs) to messages taking advantage of the laxity interval from the lower bound to the deadline. Experiments with an example and the adaptive cruise control in-vehicle application show the advantage of the proposed two-stage method in increasing the total byte size of MACs.

engineering, electrical & electronic,transportation science & technology, civil

Franco Oberti,Alessandro Savino,Ernesto Sanchez,Filippo Parisi,Stefano Di Carlo

DOI: https://doi.org/10.1109/TDMR.2022.3157000

2022-03-07

Abstract:The automobile industry is no longer relying on pure mechanical systems; instead, it benefits from advanced Electronic Control Units (ECUs) in order to provide new and complex functionalities in the effort to move toward fully connected cars. However, connected cars provide a dangerous playground for hackers. Vehicles are becoming increasingly vulnerable to cyber attacks as they come equipped with more connected features and control systems. This situation may expose strategic assets in the automotive value chain. In this scenario, the Controller Area Network (CAN) is the most widely used communication protocol in the automotive domain. However, this protocol lacks encryption and authentication. Consequently, any malicious/hijacked node can cause catastrophic accidents and financial loss. Starting from the analysis of the vulnerability connected to the CAN communication protocol in the automotive domain, this paper proposes EXT-TAURUM P2T a new low-cost secure CAN-FD architecture for the automotive domain implementing secure communication among ECUs, a novel key provisioning strategy, intelligent throughput management, and hardware signature mechanisms. The proposed architecture has been implemented, resorting to a commercial Multi-Protocol Vehicle Interface module, and the obtained results experimentally demonstrate the approach's feasibility.

Cryptography and Security

Alessandro Lotto,Francesco Marchiori,Alessandro Brighente,Mauro Conti

2024-01-19

Abstract:The large number of Electronic Control Units (ECUs) mounted on modern cars and their expansive communication capabilities create a substantial attack surface for potential exploitation. Despite the evolution of automotive technology, the continued use of the originally insecure Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field.

Cryptography and Security

Xuhang Ying,Giuseppe Bernieri,Mauro Conti,Linda Bushnell,Radha Poovendran

DOI: https://doi.org/10.1109/tdsc.2021.3068213

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:In recent years, the security of automotive Cyber-Physical Systems (CPSs) is facing urgent threats due to the widespread use of legacy in-vehicle communication systems. As a representative legacy bus system, the Controller Area Network (CAN) hosts Electronic Control Units (ECUs) that are crucial for the vehicles functioning. In this scenario, malicious actors can exploit the CAN vulnerabilities, such as the lack of built-in authentication and encryption schemes, to launch CAN bus attacks (e.g., suspension, injection, and masquerade attacks) with life-threatening consequences (e.g., disabling brakes). In this article, we present TACAN (Transmitter Authentication in CAN), which provides secure authentication of ECUs on the legacy CAN bus by exploiting the covert channels, without introducing CAN protocol modifications or traffic overheads (no extra bits or CAN messages are used). TACAN turns upside-down the originally malicious concept of covert channels and exploits it to build an effective defensive technique that facilitates transmitter authentication via a centralized, trusted Monitor Node. TACAN consists of three different covert channels for ECU authentication: 1) the Inter-Arrival Time (IAT)-based, leveraging the IATs of CAN messages; 2) the Least Significant Bit (LSB)-based, concealing authentication messages into the LSBs of normal CAN data; and 3) a hybrid covert channel, exploiting the combination of the first two. In order to validate TACAN, we implement the covert channels on the University of Washington (UW) EcoCAR (Chevrolet Camaro 2016) testbed. We further evaluate the bit error, throughput, and detection performance of TACAN through extensive experiments using the EcoCAR testbed and a publicly available dataset collected from Toyota Camry 2010. We demonstrate the feasibility of TACAN and the effectiveness of detecting CAN bus attacks, highlighting no traffic overheads and attesting the regular functionality of-ECUs.

computer science, information systems, software engineering, hardware & architecture

Youngmi Baek,Seongjoo Shin

DOI: https://doi.org/10.3390/s22072636

2022-03-29

Abstract:Automotive cyber-physical systems are in transition from the closed-systems to open-networking systems. As a result, in-vehicle networks such as the controller area network (CAN) have become essential to connect to inter-vehicle networks through the various rich interfaces. Newly exposed security concerns derived from this requirement may cause in-vehicle networks to pose threats to automotive security and driver's safety. In this paper, to ensure a high level of security of the in-vehicle network for automotive CPS, we propose a novel lightweight and practical cyber defense platform, referred to as CANon (CAN with origin authentication and non-repudiation), to be enabled to detect cyber-attacks in real-time. CANon is designed based on the hierarchical approach of centralized-session management and distributed-origin authentication. In the former, a gateway node manages each initialization vector and session of origin-centric groups consisting of two more sending and receiving nodes. In the latter, the receiving nodes belonging to the given origin-centric group individually perform the symmetric key-based detection against cyber-attacks by verifying each message received from the sending node, namely origin authentication, in real-time. To improve the control security, CANon employs a one-time local key selected from a sequential hash chain (SHC) for authentication of an origin node in a distributed mode and exploits the iterative hash operations with randomness. Since the SHC can constantly generate and consume hash values regardless of their memory capacities, it is very effective for resource-limited nodes for in-vehicle networks. In addition, through implicit key synchronization within a given group, CANon addresses the challenges of a key exposure problem and a complex key distribution mechanism when performing symmetric key-based authentication. To achieve lightweight cyber-attack detection without imposing an additive load on CAN, CANon uses a keyed-message authentication code (KMAC) activated within a given group. The detection performance of CANon is evaluated under an actual node of Freescale S12XF and virtual nodes operating on the well-known CANoe tool. It is seen that the detection rate of CANon against brute-force and replay attacks reaches 100% when the length of KMAC is over 16 bits. It demonstrates that CANon ensures high security and is sufficient to operate in real-time even on low-performance ECUs. Moreover, CANon based on several software modules operates without an additive hardware security module at an upper layer of the CAN protocol and can be directly ported to CAN-FD (CAN with Flexible Data rate) so that it achieves the practical cyber defense platform.

Robert Buttigieg,Mario Farrugia,Clyde Meli

DOI: https://doi.org/10.1109/sta.2017.8314877

2017-12-01

Abstract:Modern vehicles may contain a considerable number of ECUs (Electronic Control Units) which are connected through various means of communication, with the CAN (Controller Area Network) protocol being the most widely used. However, several vulnerabilities such as the lack of authentication and the lack of data encryption have been pointed out by several authors, which ultimately render vehicles unsafe to their users and surroundings. Moreover, the lack of security in modern automobiles has been studied and analyzed by other researchers as well as several reports about modern car hacking have (already) been published. The contribution of this work aimed to analyze and test the level of security and how resilient is the CAN protocol by taking a BMW E90 (3-series) instrument cluster as a sample for a proof of concept study. This investigation was carried out by building and developing a rogue device using cheap commercially available components while being connected to the same CAN-Bus as a man in the middle device in order to send spoofed messages to the instrument cluster.

Stien Vanderhallen,Jo Van Bulck,Frank Piessens,Jan Tobias Mühlberg

DOI: https://doi.org/10.1016/j.comnet.2021.108079

IF: 5.493

2021-07-01

Computer Networks

Abstract:<p>Automotive control networks offer little resistance against security threats that come with the long-range connectivity in modern cars. Remote attacks that undermine the safety of vehicles have been shown to be practical. A range of security mechanisms have been proposed to harden resource-constrained embedded microcontrollers against malicious interference, including cryptographic protocols that establish the authenticity of in-vehicle message exchange. However, authenticated communication comes with repercussions on deployability and vehicle safety in terms of reliability, real-time compliance, backwards compatibility, and bandwidth and resource use.</p><p>In this article we investigate benign, defencive uses of <em>covert channels</em> to implement and support vehicular message authentication mechanisms as a transparent, resource-conserving approach to automotive network security. We provide the first comprehensive evaluation of covert channels in Controller Area Networks (CAN) with respect to the attainable bandwidth and reliability of covert communication. Our analysis identifies timing-based covert channels as candidates to design a <em>complementary</em> nonce synchronisation channel that can enhance robustness against message loss in existing authentication schemes. We practically implement and evaluate this design on top of an open-source authenticated CAN communication library, showing that covert timing channels can improve communication robustness in benign circumstances, while not reducing the security guarantees of the underlying authentication primitives when under attack.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Mehmet Bozdal,Mohammad Samie,Sohaib Aslam,Ian Jennions

DOI: https://doi.org/10.3390/s20082364

IF: 3.9

2020-04-21

Sensors

Abstract:The automobile industry no longer relies on pure mechanical systems; instead, it benefits from many smart features based on advanced embedded electronics. Although the rise in electronics and connectivity has improved comfort, functionality, and safe driving, it has also created new attack surfaces to penetrate the in-vehicle communication network, which was initially designed as a close loop system. For such applications, the Controller Area Network (CAN) is the most-widely used communication protocol, which still suffers from various security issues because of the lack of encryption and authentication. As a result, any malicious/hijacked node can cause catastrophic accidents and financial loss. This paper analyses the CAN bus comprehensively to provide an outlook on security concerns. It also presents the security vulnerabilities of the CAN and a state-of-the-art attack surface with cases of implemented attack scenarios and goes through different solutions that assist in attack prevention, mainly based on an intrusion detection system (IDS).

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Guoqi Xie,Laurence T. Yang,Yao Liu,Haibo Luo,Xin Peng,Renfa Li

DOI: https://doi.org/10.1109/tvt.2021.3061746

IF: 6.8

2021-06-01

IEEE Transactions on Vehicular Technology

Abstract:The rise of autonomous driving technology and the prosperity of mobile vehicular applications have brought tremendous pressure and put forward high bandwidth and low latency requirements for vehicular networks. Controller Area Network with Flexible Data-rate (CAN-FD) is a feasible choice to meet the high bandwidth and low latency requirements of in-vehicle communication of mobile vehicles. However, CAN-FD is vulnerable to masquerade attacks because it lacks necessary security authentication mechanisms and protection measures. This study presents a security enhancement technique called forward-backward exploration for independent in-vehicle CAN-FD messages while still guaranteeing each message is real-time. In the forward-backward exploration solution, a novel dual-pointer (including the forward pointer and the backward pointer) solution is proposed; the Message Authentication Code (MAC) size of each message is then dynamically adjusted by presenting the dual-pointer movement rules until the total payload no longer increases. Experimental results with real-life CAN-FD message set provided by an automaker demonstrate the effectiveness of our solution.

telecommunications,engineering, electrical & electronic,transportation science & technology

Xuhang Ying,Giuseppe Bernieri,Mauro Conti,Radha Poovendran

DOI: https://doi.org/10.48550/arXiv.1903.05231

2019-03-12

Cryptography and Security

Abstract:Nowadays, the interconnection of automotive systems with modern digital devices offers advanced user experiences to drivers. Electronic Control Units (ECUs) carry out a multitude of operations using the insecure Controller Area Network (CAN) bus in automotive Cyber-Physical Systems (CPSs). Therefore, dangerous attacks, such as disabling brakes, are possible and the safety of passengers is at risk. In this paper, we present TACAN (Transmitter Authentication in CAN), which provides secure authentication of ECUs by exploiting the covert channels without introducing CAN protocol modifications or traffic overheads (i.e., no extra bits or messages are used). TACAN turns upside-down the originally malicious concept of covert channels and exploits it to build an effective defensive technique that facilitates transmitter authentication via a trusted Monitor Node. TACAN consists of three different covert channels for ECU authentication: 1) Inter-Arrival Time (IAT)-based, leveraging the IATs of CAN messages; 2) offset-based, exploiting the clock offsets of CAN messages; 3) Least Significant Bit (LSB)-based, concealing authentication messages into the LSBs of normal CAN data. We implement the covert channels on the University of Washington (UW) EcoCAR testbed and evaluate their performance through extensive experiments. We demonstrate the feasibility of TACAN, highlighting no traffic overheads and attesting the regular functionality of ECUs. In particular, the bit error ratios are within 0.1% and 0.42% for the IAT-based and offset-based covert channels, respectively. Furthermore, the bit error ratio of the LSB-based covert channel is equal to that of a normal CAN bus, which is 3.1x10^-7%.

Kshitija S. Tekade,SIPNA College of Engineering and Technology, Amravati, India

DOI: https://doi.org/10.48175/ijarsct-4824

2022-06-17

Abstract:According to today’s upcoming technologies vehicle is one of the important necessity of human being. A vehicle dynamics, economy and comfort are improved by traditional electronic control but some problems comp up and they are very dangerous. Hence in-vehicle networking protocol gives benefits to many faults so we can inhibit problems such as the body wiring complexity, space constraints and some reliability issues. Therefore Alarming statistics of accidents and increased number of vehicles on road demands for an intelligent safety mechanism that helps the driver in handling immediate precarious situations. The Main motivation of this proposed system is to reduce fatal incidents happen in car accident. Controller area network (CAN) has been widely used for in-vehicle network. The demand of data rate of in-vehicle network has risen sharply, while traditional CAN communication cannot support this demand of data rate with limited bandwidth around DC. CAN which connects the ECUs (Electrical Control Units) embedded in the automobiles. The Main motivation of this project is to reduce fatal incidents after a car accident.

Alan J. Michaels,Venkata Sai Srikar Palukuru,Michael J. Fletcher,Chris Henshaw,Steven Williams,Thomas Krauss,James Lawlis,John J. Moore,Alan Michaels,Michael J Fletcher,Christopher Henshaw,John Moore

DOI: https://doi.org/10.1109/tvt.2022.3143708

IF: 6.8

2022-01-01

IEEE Transactions on Vehicular Technology

Abstract:Over the past decade, consumer vehicles have increasingly begun to resemble computers on wheels, with many newer vehicles containing over 100 independent electronic control units (ECU) that make independent decisions within the vehicle. Cost and power constraints for the vehicle significantly constrain processing capabilities and limitations on practical cybersecurity measures that may be employed in the vehicle today. Also, as automotive manufacturers are continuous integrators, many legacy communications links within vehicles were originally designed as standalone entities that assumed internal trust of communications between ECUs by virtue of closed bus structures and an emphasis on reliability, but not security. This paper presents a low-cost authentication mechanism to significantly improve message validation on wired message buses such as the Controller Area Network (CAN) bus by employing a co-channel underlay watermark that arrives time-aligned with the primary bus messages. Concept validation using a gate-level Simulink HDL Coder simulation provided initial feasibility, while a complete CAN bus hardware testbed was constructed with a custom CAN transceiver built on a Red Pitaya software defined radio (SDR) connected to multiple commercial CAN transceivers to validate backwards compatibility. This testbed incorporates a custom transmission security (TRANSEC) engine that supports dynamic variation of the watermark, further improving security during deployment. Finally, this custom CAN testbed with the watermarking CAN transceiver was tested across a range of operational conditions, with initial performance results presented and discussed. Future work describes potential for near-term ruggedization and productization of the watermarking CAN transceiver.

telecommunications,engineering, electrical & electronic,transportation science & technology

Giampaolo Bella,Pietro Biondi,Gianpiero Costantino,Ilaria Matteucci

DOI: https://doi.org/10.48550/arXiv.2111.10642

2021-11-20

Cryptography and Security

Abstract:Modern cars are no longer purely mechanical devices but shelter so much digital technology that they resemble a network of computers. Electronic Control Units (ECUs) need to exchange a large amount of data for the various functions of the car to work, and such data must be made secure if we want those functions to work as intended despite malicious activity by attackers. TOUCAN is a new security protocol designed to be secure and at the same time both CAN and AUTOSAR compliant. It achieves security in terms of authenticity, integrity and confidentiality, yet without the need to upgrade (the hardware of) existing ECUs or enrich the network with novel components. The overhead is tiny, namely a reduction of the size of the Data field of a frame. A prototype implementation exhibits promising performance on a STM32F407Discovery board.

Alvise de Faveri Tron,Stefano Longari,Michele Carminati,Mario Polino,Stefano Zanero

DOI: https://doi.org/10.1145/3548606.3560618

2022-09-20

Abstract:Current research in the automotive domain has proven the limitations of the CAN protocol from a security standpoint. Application-layer attacks, which involve the creation of malicious packets, are deemed feasible from remote but can be easily detected by modern IDS. On the other hand, more recent link-layer attacks are stealthier and possibly more disruptive but require physical access to the bus. In this paper, we present CANflict, a software-only approach that allows reliable manipulation of the CAN bus at the data link layer from an unmodified microcontroller, overcoming the limitations of state-of-the-art works. We demonstrate that it is possible to deploy stealthy CAN link-layer attacks from a remotely compromised ECU, targeting another ECU on the same CAN network. To do this, we exploit the presence of pin conflicts between microcontroller peripherals to craft polyglot frames, which allows an attacker to control the CAN traffic at the bit level and bypass the protocol's rules. We experimentally demonstrate the effectiveness of our approach on high-, mid-, and low-end microcontrollers, and we provide the ground for future research by releasing an extensible tool that can be used to implement our approach on different platforms and to build CAN countermeasures at the data link layer.

Cryptography and Security

Damilola Oladimeji,Amar Rasheed,Cihan Varol,Mohamed Baza,Hani Alshahrani,Abdullah Baz

DOI: https://doi.org/10.3390/s23198223

2023-10-02

Abstract:Current vehicles include electronic features that provide ease and convenience to drivers. These electronic features or nodes rely on in-vehicle communication protocols to ensure functionality. One of the most-widely adopted in-vehicle protocols on the market today is the Controller Area Network, popularly referred to as the CAN bus. The CAN bus is utilized in various modern, sophisticated vehicles. However, as the sophistication levels of vehicles continue to increase, we now see a high rise in attacks against them. These attacks range from simple to more-complex variants, which could have detrimental effects when carried out successfully. Therefore, there is a need to carry out an assessment of the security vulnerabilities that could be exploited within the CAN bus. In this research, we conducted a security vulnerability analysis on the CAN bus protocol by proposing an attack scenario on a CAN bus simulation that exploits the arbitration feature extensively. This feature determines which message is sent via the bus in the event that two or more nodes attempt to send a message at the same time. It achieves this by prioritizing messages with lower identifiers. Our analysis revealed that an attacker can spoof a message ID to gain high priority, continuously injecting messages with the spoofed ID. As a result, this prevents the transmission of legitimate messages, impacting the vehicle's operations. We identified significant risks in the CAN protocol, including spoofing, injection, and Denial of Service. Furthermore, we examined the latency of the CAN-enabled system under attack, finding that the compromised node (the attacker's device) consistently achieved the lowest latency due to message arbitration. This demonstrates the potential for an attacker to take control of the bus, injecting messages without contention, thereby disrupting the normal operations of the vehicle, which could potentially compromise safety.

Qiang Dong,Zenglu Song,Haoshu Shao

DOI: https://doi.org/10.1049/ell2.13112

2024-01-30

Electronics Letters

Abstract:This research presents a novel method for detecting and defending against intrusions in the Controller Area Network (CAN) bus used in automotive systems. By analysing frequency anomalies in message transmission and utilizing the arbitration mechanism of the CAN bus, this approach effectively identifies and disrupts illegal messages in real‐time, ensuring the security of the network. As automobile intelligence continues to develop, the electronic control units connected to the Controller Area Network (CAN) bus within vehicles face an increasing number of threats from potential attacks originating from the internet. To address this issue, an intrusion detection and defence method is proposed that is capable of detecting illegal messages through the use of frequency anomaly detection, and subsequently disrupting them through utilization of the CAN bus arbitration mechanism. This proposed method offers a simple implementation compared to traditional approaches, while being able to identify suspicious units and neutralize threats in real‐time. Experimental results demonstrate the effectiveness of this approach.

engineering, electrical & electronic

WANG Jian,ZHANG Zi-jian,YUAN Jian

DOI: https://doi.org/10.13190/j.jbupt.2015.04.006

2015-01-01

Abstract:The development of vehicular Ad hoc networks ( VANETs) require a secure in-vehicle net-work. Controller area network (CAN) is a popular protocol applied in in-vehicle network. In order to en-hance CAN bus security, abroadcast authentication algorithm, which establishesthe samemessage authen-tication code( MAC) list among all the electronic control unit ( ECUs) with stream ciphers, was pro-posed. The senderjust needs to attach a MAC sequence to the data frame and the receiver compares the received MAC sequence with the corresponding one in the established list. This algorithm can be adapt to the characteristic ofthe CAN bus communication. The structure of the authentication system was described in detail. Finally,the security and delay performance was analyzed. The probability of miss and the bus overhead was provided.

George Kornaros,Othon Tomoutzozlou,Marcello Coppola,Georgios Kornaros,Othon Tomoutzoglou

DOI: https://doi.org/10.1109/mm.2018.053631143

IF: 2.8212

2018-09-01

IEEE Micro

Abstract:With emerging smart automotive technologies, vehicle-to-vehicle communications, and software-dominated enhancements for enjoyable driving and advanced driver assistance systems, the complexity of providing guarantees in terms of security, trust, and privacy in a modern cyber-enabled automotivesystem is significantly elevated. New threat models emerge that require efficient system-level countermeasures. This article introduces synergies between on- and off-chip networking techniques to ensure secure execution environments for electronic control units. The proposed mechanisms consist of hardware firewalling and on-chip network physical isolation, whose mechanisms are combined with system-wide cryptographic techniques in automotive controller area network (CAN)-bus communications to provide authentication and confidentiality.

computer science, software engineering, hardware & architecture

Wenhong Ma,Yan Liu,Guoqi Xie,Renfa Li,Laurence T. Yang

DOI: https://doi.org/10.1109/jiot.2021.3085422

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Controller area network with flexible data-rate (CAN-FD) has received great attention in automotive cyber–physical systems (ACPSs) due to its high bandwidth and long payload. However, CAN-FD adopts a broadcast message transmission mechanism and lacks security protection, making it extremely vulnerable to cyberattacks. CAN-FD message packing (packing signals into messages) with low bandwidth occupancy (utilization) under security constraints is the prerequisite for running intelligent applications in ACPS. In this work, we implement a two-stage CAN-FD message packing solution to reduce bandwidth utilization and improve signal acceptance rate under security constraints. The first stage solves the message packing problem of minimizing bus bandwidth utilization under security constraints. The second stage aims at improving the signal acceptance rate by repacking signals. Experimental results show that the first stage reduces average bus bandwidth utilization by 135% compared with the unpacking solution, and the second stage improves the average signal acceptance rate by 5% than existing advanced methods.

computer science, information systems,telecommunications,engineering, electrical & electronic