CAN Bus Message Electrical Signatures for Automotive Reverse Engineering, Bench Marking and Rogue ECU Detection

2019-01-0476

04/02/2019

Event
WCX SAE World Congress Experience
Authors Abstract
Content
There are many applications in which you may need to reverse engineer the Controller Area Network (CAN), e.g.:
  • Automotive competitor analysis
  • Telematics applications such fleet management
  • Disabled driver applications
The typical reverse engineering process is concerned with moving a sensor and watching the CAN bus for message changes. For example, wind down a door window and see if this kicks off changes in CAN message data.
Many CAN buses have many messages originating from many Electronic Control Units (ECUs). This means it is difficult to watch all of them at the same time. It would be far easier if you could simply watch a smaller number of CAN messages to observe changes by isolating the ECUs the messages originate from.
This paper describes a process that allows the user to identify which CAN messages are transmitted by a particular ECU. This is achieved by getting the electrical signature of each CAN message and matching known CAN messages with unknown ones. Therefore, the transmitting ECU of the unknown CAN messages can be determined.
The method for determining which Identifiers come from a particular ECU is to first get electrical signature plots of known diagnostic response messages and compare with electrical signature plots of the real time control messages. It is shown how to achieve this using Warwick Control’s tool X-Analyser coupled with a PicoScope PC oscilloscope and the a Kvaser CAN USB interface.
This paper requires prior basic knowledge of the workings of the CAN bus technology.
Meta TagsDetails
DOI
https://doi.org/10.4271/2019-01-0476
Pages
6
Citation
Quigley, C., Charles, D., and McLaughlin, R., "CAN Bus Message Electrical Signatures for Automotive Reverse Engineering, Bench Marking and Rogue ECU Detection," SAE Technical Paper 2019-01-0476, 2019, https://doi.org/10.4271/2019-01-0476.
Additional Details
Publisher
Published
Apr 2, 2019
Product Code
2019-01-0476
Content Type
Technical Paper
Language
English