This document provides recommendations to vehicle manufacturers, ECU developers, and other device suppliers in securing the SAE J1939 network from cybersecurity risks. This document focuses on security measures related to on-vehicle network architecture and security measures for communication interfaces between devices, ECUs, or networks. The focus is on security related to network communications on the vehicle side of off-vehicle interfaces, such as the SAE J1939-13 connector.
The recommendations in this document aim to address cybersecurity risks presented by communication between the vehicle and the rest of the supporting ecosystem via the vehicle networks. The risk focus is on safety and operational risks, although other risks are possible. This document should be used as a reference to current best practices for addressing off-vehicle communication security.
This document focuses on recommendations related to the Secure Architecture and Secure Connectivity aspects of vehicle security; it is the first in a family of security-related documents. Recommendations for secure on-board communications between ECUs and any other on-vehicle device will be defined in another document. While Secure ECU is out of scope for this document, this document does include some Secure ECU recommendations only to the extent needed to support the recommendations of topics that are in scope.
Some of the described guidelines and measures described in this document include:
It is recognized that not every application of SAE J1939 networks requires the same level of cybersecurity measures. Techniques to determine the level of cybersecurity measures required are out of scope for this document. Generally, higher-risk applications require higher levels of cybersecurity measures.
Generally, there are three forms of communication methodologies used in current vehicles:
-
1
Open access to communication buses – security included inside each networked ECU
-
2
Communication buses isolated via a gateway – central security interconnect ECU
-
3
Combinations of (1) and (2)
This document provides guidelines for securing communications with any off-board device for vehicles utilizing any of these methodologies.