Generalizability of an Identification Approach for Machine Control Signals in Brownfield Production Environments

Digital transformation has been a central aspect of optimizing processes in manufacturing companies for several years now. A basic prerequisite of successful transformation is the vertical integration of all machines and machine tools to capture data at all levels. This can create further applications that enable more sustainable and resource-saving processes. At the same time cost- and quality-optimizing analyses such as failure detection, predictive maintenance or general process optimization represent major incentives for companies. While the necessary interfaces are now integrated in state-of-the-art machine tools, companies with older legacy machines face the problem that no such interfaces are readily available. Brownfield machine tools feature outdated technology that does not allow direct networking connectivity without further effort. To participate in the technological progress, a system was developed that allows to extract machine control signals from machine tools and identify them automatically as time series. This is compatible with several communication protocols (e.g., OPC UA) to be as universally applicable as possible. Since machine control signals are often not interpretable for the user due to different naming conventions, the extracted time series are analyzed by machine learning and analytical rule bases, these are based on expert knowledge, and assign a specific signal type in each case. With regard to a cross-machine generalization capability, several aspects have to be considered. Due to different data sources, the identification system must still function reliably with varying sampling frequency. Another challenge is the diversity of different types of machines and production equipment. Therefore, this publication investigates the different influences of data sources and machine types on the machine control signal identification system

Towards Reverse Engineering Controller Area Network Messages Using Machine Learning

The automotive Controller Area Network (CAN) allows Electronic Control Units (ECUs) to communicate with each other and control various vehicular functions such as engine and braking control. Consequently CAN and ECUs are high priority targets for hackers. As CAN implementation details are held as proprietary information by vehicle manufacturers, it can be challenging to decode and correlate CAN messages to specific vehicle operations. To understand the precise meanings of CAN messages, reverse engineering techniques that are time-consuming, manually intensive, and require a physical vehicle are typically used. This work aims to address the process of reverse engineering CAN messages for their functionality by creating a machine learning classifier that analyzes messages and determines their relationship to other messages and vehicular functions. Our work examines CAN traffic of different vehicles and standards to show that it can be applied to a wide arrangement of vehicles. The results show that the function of CAN messages can be determined without the need to manually reverse engineer a physical vehicle

Techniques for utilizing classification towards securing automotive controller area network and machine learning towards the reverse engineering of CAN messages

The vehicle industry is quickly becoming more connected and growing. This growth is due to advancements in cyber physical systems (CPSs) that enhance the safety and automation in vehicle. The modern automobile consists of more than 70 electronic control units (ECUs) that communicate and interact with each other over automotive bus systems. Passenger comforts, infotainment features, and connectivity continue to progress through the growth and integration of Internet-of-Things (IoT) technologies. Common networks include the Controller Area Network (CAN), Local Interconnect Network (LIN), and FlexRay. However, the benefits of increased connectivity and features comes with the penalty of increased vulnerabilities. Security is lacking in preventing attacks on safety-critical control systems. I will explore the state of the art methods and approaches researchers have taken to identify threats and how to address them with intrusion detection. I discuss the development of a hybrid based intrusion detection approach that combines anomaly and signature based detection methods. Machine learning is a hot topic in security as it is a method of learning and classifying system behavior and can detect intrusions that alter normal behavior. In this paper, we discuss utilizing machine learning algorithms to assist in classifying CAN messages. I present work that focuses on the reverse engineering and classification of CAN messages. The problem is that even though CAN is standardized, the implementation may vary for different manufacturers and vehicle models. These implementations are kept secret, therefore CAN messages for every vehicle needs to be analyzed and reverse engineered in order to get information. Due to the lack of publicly available CAN specifications, attackers and researchers need to reverse engineer messages to pinpoint which messages will have the desired impact. The reverse engineering process is needed by researchers and hackers for all manufacturers and their respective vehicles to understand what the vehicle is doing and what each CAN message means. The knowledge of the specifications of CAN messages can improve the effectiveness of security mechanisms applied to CAN