Towards a Cybersecurity Testbed for Agricultural Vehicles and Environments

In today’s modern farm, an increasing number of agricultural systems and vehicles are connected to the Internet. While the benefits of networked agricultural machinery are attractive, this technological shift is also creating an environment that is conducive to cyberattacks. While previous research has focused on general cybersecurity concerns in the farming and agricultural industries, minimal research has focused on techniques for identifying security vulnerabilities within actual agricultural systems that could be exploited by cybercriminals. Hence, this paper presents STAVE – a Security Testbed for Agricultural Vehicles and Environments – as a potential solution to assist with the identification of cybersecurity vulnerabilities within commercially available off-the-shelf components used in certain agricultural systems. This paper reports ongoing research efforts to develop and refine the STAVE testbed, along with describing initial cybersecurity experimentation which aims to identify security vulnerabilities within wireless and Controller Area Network (CAN) Bus agricultural vehicle components

Towards a Cybersecurity Testbed for Agricultural Vehicles and Environments

In today’s modern farm, an increasing number of agricultural systems and vehicles are connected to the Internet. While the benefits of networked agricultural machinery are attractive, this technological shift is also creating an environment that is conducive to cyberattacks. While previous research has focused on general cybersecurity concerns in the farming and agricultural industries, minimal research has focused on techniques for identifying security vulnerabilities within actual agricultural systems that could be exploited by cybercriminals. Hence, this paper presents STAVE – a Security Testbed for Agricultural Vehicles and Environments – as a potential solution to assist with the identification of cybersecurity vulnerabilities within commercially available off-the-shelf components used in certain agricultural systems. This paper reports ongoing research efforts to develop and refine the STAVE testbed, along with describing initial cybersecurity experimentation which aims to identify security vulnerabilities within wireless and CAN Bus agricultural vehicle components

A Real-Time Remote IDS Testbed for Connected Vehicles

Connected vehicles are becoming commonplace. A constant connection between vehicles and a central server enables new features and services. This added connectivity raises the likelihood of exposure to attackers and risks unauthorized access. A possible countermeasure to this issue are intrusion detection systems (IDS), which aim at detecting these intrusions during or after their occurrence. The problem with IDS is the large variety of possible approaches with no sensible option for comparing them. Our contribution to this problem comprises the conceptualization and implementation of a testbed for an automotive real-world scenario. That amounts to a server-side IDS detecting intrusions into vehicles remotely. To verify the validity of our approach, we evaluate the testbed from multiple perspectives, including its fitness for purpose and the quality of the data it generates. Our evaluation shows that the testbed makes the effective assessment of various IDS possible. It solves multiple problems of existing approaches, including class imbalance. Additionally, it enables reproducibility and generating data of varying detection difficulties. This allows for comprehensive evaluation of real-time, remote IDS.Comment: Peer-reviewed version accepted for publication in the proceedings of the 34th ACM/SIGAPP Symposium On Applied Computing (SAC'19

Cybersecurity of Agricultural Machinery: Exploring Cybersecurity Risks and Solutions for Secure Agricultural Machines

Modern agriculture is reliant on agricultural machinery for the production of food, fuel, and other agricultural products. The need for producing large quantities of quality agricultural products while sustainably stewarding environmental resources has led to the integration of numerous digital technologies into modern agricultural machinery, such as the CAN bus and telematic control units (Liu et al., 2021). An unintended drawback of these integrated digital technologies is the opportunity for these components to become cyberattack vectors. Cyberattack instances have increasingly targeted critical infrastructures, with numerous reports from agencies such as the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) warning of the significance of cyberattacks targeting the agricultural infrastructure specifically (Boghossian et al., 2018; Federal Bureau of Investigation, 2021; Federal Bureau of Investigation, 2022). Agricultural machinery, which is included in the agricultural infrastructure, has the potential to be targeted by cyberattacks, although the impacts are not well quantified or understood. This project demonstrates a hypothetical case study, where cyberattacks targeting in-season side-dress nitrogen application to corn could cause as much as $100 or more in profit loss per acre. Literature discussing practical cybersecurity solutions for agricultural machinery from both industry and academic institutions is absent, therefore two possible solutions were demonstrated in this project: modeling and the use of security testbeds. A four-step modeling methodology was developed and investigated as a solution in identifying the most security-critical areas of a machine. Two specific cyberattack scenarios were modeled to demonstrate the potential of the modeling methodology. A Security Testbed for Agricultural Vehicles and Environments (STAVE) was also developed as a useful solution for the identification of cybersecurity vulnerabilities to agricultural machinery (Freyhof et al., 2022). A replay attack and wireless signal recordings were performed to evaluate various components on STAVE. Advisor: Santosh K. Pitl