Loren Data's SAM Daily™

fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF APRIL 03, 2024 SAM #8163
SPECIAL NOTICE

99 -- Technology Opportunity: Vehicle Attack Framework for Penetration Testing and Analyzing Vehicle's Controller Area Network

Notice Date
4/1/2024 8:34:41 AM
 
Notice Type
Special Notice
 
Contracting Office
ORNL UT-BATTELLE LLC-DOE CONTRACTOR Oak Ridge TN 37831 USA
 
ZIP Code
37831
 
Solicitation Number
2024-04-01-F
 
Response Due
6/1/2024 2:00:00 PM
 
Archive Date
06/16/2024
 
Point of Contact
Andreana Leskovjan, Phone: 8653410433
 
E-Mail Address
leskovjanac@ornl.gov
(leskovjanac@ornl.gov)
 
Description
Invention Reference Number: 202305432 Technology Summary Vehicle cybersecurity professionals rely on techniques such as network penetration testing and simulation of malicious cyberattacks to gather data to create robust security tools designed to protect a vehicle from real-world malicious attacks. However, current attack simulations and penetration testing technologies focus on individual computers or systems instead of the entire vehicle as an insecure platform. This technology is a software package, called Vehicle Attack Analysis Framework, that researchers can use to perform attacks without prior knowledge of complex code, configurations, or executions. It allows for simple data collection either while attacking or during regular operations without attacks, and can automate the data parsing process. Description Vehicles rely on networked architecture called a controller area network (CAN) that, like a local area network, allows computers to communicate. However, vehicles can be vulnerable to hacking and attacks through their CAN. CAN-based attacks are trivial: small commonly available computing devices can be used to attack the network. Typical penetration testing isolates one vehicle system for cyber-resilience testing. With this new framework, researchers can perform penetration testing to expose these vulnerabilities for the whole vehicle. This technology provides the means for penetration testing of the entire vehicle without prior knowledge of how to configure or program an attack. Attacks and recordings are performed via a CAN interface attached to a portable computing device by a connector. Metadata regarding the attack scenario and the accompanying CAN data logs are saved for future parsing and analysis. Benefits Provides data collection during an attack and parses data Faster, more efficient means to learn about vulnerabilities No prior knowledge of coding, configurations or executions required Provides simple data collection during or after operations Automates data parsing programmatically Applications and Industries Vehicle manufacturers Radiological material transportation security Vehicle threat and risk assessment (TARA) industry Contact To learn more about this technology, email�partnerships@ornl.gov�or call 865-574-1051.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/0a3b02a10e1940a4bb8e57f4bba2d764/view)
 
Place of Performance
Address: Oak Ridge, TN, USA
Country: USA
 
Record
SN07015275-F 20240403/240401230042 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)

FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.