CAN-PHANTOM: case study

Exploring new ways to increase automotive cyber-security

CAN-PHANTOM manufactures an aftermarket Controller Area Network (CAN) bus immobiliser that prevents a vehicle from being moved until a PIN code has been entered.

CAN-PHANTOM joined the Digital Security by Design (DSbD) Technology Access Programme to use the Arm Morello board for exploring new ways of fixing and preventing common programming and security issues. This was a valuable opportunity for their team to get involved with DSbD technology at an early stage, before market launch, and to connect and collaborate with other companies working on automotive systems with CHERI (Capability Hardware Enhanced RISC Instructions).

The Morello evaluation board designed by Arm is a real-world test platform for the CHERI architecture developed by the University of Cambridge. It is the first hardware implementation of DSbD technology, and could eliminate whole classes of possible exploits, significantly reducing the ability of bad actors to capture user data, take over machines, or shut down critical systems.

Tackling the errors and flaws that arise from pointer issues

The CAN-PHANTOM team were hoping to find that CHERI would detect and prevent memory vulnerabilities, such as stack overflows and underflows, which have the potential to cause a denial of service or allow hackers to gain control of a system. Based on their experience through the project, they found that CHERI would allow them to find bugs and errors at a much earlier stage in the design process. As a result, fewer firmware/software security updates will be needed in the future.

Increasing cyber-security by isolating processes

The project team converted some of their existing automotive CAN-handling code and added code to support global navigation satellite systems (GNSS) and wide-area Long-Term Evolution Machine Type Communication (LTE-M) based devices. They then used the CHERI technology to isolate the processes from each other, only allowing communication through a well-defined Interprocess Communication (IPC) mechanism. This reduces the chance of errors in one process allowing unfiltered access to another. For the automotive industry, this process of isolating or compartmentalising the vehicle’s systems increases its overall resilience, making it harder for an attacker to take control.


DSbD is presenting new possibilities

The CAN-PHANTOM team is now keen to exploit the technology as soon as it becomes commercially available, and they are looking into the possibilities of using the Morello board as a verification platform for their code. 

About Digital Security by Design

Digital Security by Design (DSbD) is enabling software designers to make their products more robust and resilient to cyber-attacks. Digital Catapult is running the Technology Access Programme on behalf of UKRI to facilitate experimentation and early adoption by UK companies. This includes implementing updated hardware architecture, developing the software and system development tools that will run on it, and demonstrating its application and value in different industry sectors.