SAE J1939-91A PDF
Original price was: $127.00.$72.39Current price is: $72.39.
Security Recommendations for Interfaces to On-Vehicle Networks
Description
This document provides recommendations to vehicle manufacturers, ECU developers, and other device suppliers in securing the SAE J1939 network from cybersecurity risks. This document focuses on security measures related to on vehicle network architecture and security measures for communication interfaces between devices, ECUs, or networks. The focus is on security related to network communications on the vehicle side of off-vehicle interfaces, such as the SAE J1939-13 connector.
The recommendations in this document aim to address cybersecurity risks presented by communication between the vehicle and the rest of the supporting ecosystem via the vehicle networks. The risk focus is on safety and operational risks, although other risks are possible. This document should be used as a reference to current best practices for addressing off-vehicle communication security.
This document focuses on recommendations related to the Secure Architecture and Secure Connectivity aspects of vehicle security; it is the first in a family of security-related documents. Recommendations for secure on-board communications between ECUs and any other on-vehicle device will be defined in another document. While Secure ECU is out of scope for this document, this document does include some Secure ECU recommendations only to the extent needed to support the recommendations of topics that are in scope.
Some of the described guidelines and measures described in this document include:
Overview of the SAE J1939 layered security model
Secure Architecture
Domain Separation
Vehicle Messaging Matrix (VMM) to document all network messaging
Multi-level security (MLS) policy, based on VMM, to control message flow between domains
Secure Connectivity
Gateways and firewalls to isolate on-vehicle networks from off-vehicle networks and control message flow of incoming messages from off-vehicle
Firewall-based diagnostic services control
ECU-based diagnostic services control
An alert service for reporting detected imposter messaging activity
It is recognized that not every application of SAE J1939 networks requires the same level of cybersecurity measures. Techniques to determine the level of cybersecurity measures required are out of scope for this document. Generally, higher risk applications require higher levels of cybersecurity measures.
Generally, there are three forms of communication methodologies used in current vehicles:
Open access to communication buses – security included inside each networked ECU
Communication buses isolated via a gateway – central security interconnect ECU
Combinations of (1) and (2)
This document provides guidelines for securing communications with any off-board device for vehicles utilizing any of these methodologies.
History
| ISSUING COMMITTEE | Truck and Bus Control and Communications Network Committee |
|---|---|
| DATE | 2025-03-19 |
| DOI | |
| ISCURRENT | Current |
| PAGE | 21 |
| PUBLISHER | SAE International |
Please select a variation to view its pdf.
Reviews
There are no reviews yet.