Embedded Systems Academy

The CRA will significantly affect all digital products, including those based on the Controller Area Network (CAN) and using protocols like CANopen. Under the CRA, manufacturers must manage and report vulnerabilities with clear severity scoring. This applies not only to newly developed products but also to products already placed on the EU market.

To support companies in this transition, Embedded Systems Academy continuously publishes white papers that address the different aspects of CAN security and CRA compliance. Currently three papers are published at:
https://www.esacademy.com/en/library/security-white-papers.html

The first, Security Justification for Classical CAN Systems (EmSA-WP-101), explains under which circumstances lightweight or non-cryptographic measures can be sufficient. It shows how techniques like physical access control and event monitoring can provide compliance where full cryptography is impractical. The paper maps these measures against IEC 62443, BSI TR-02102 and CRA requirements and presents structured arguments that auditors can follow.

The second, Interface Driven Security Evaluation for Sensors (EmSA-WP-102), analyses how the choice of sensor interfaces, from memory bus and SPI/I²C to CAN, changes the security evaluation. The central message is that risk depends more on the exposure of the interface than on the protocol itself. Deeply embedded CAN systems may be sufficiently secure. But exposed systems, such as wiring accessible behind easily opened panels, often require additional mitigations. Methods could be as simple as timing checks but also involve cryptography like an authenticated heartbeat. The paper aligns these evaluations with IEC 62443, ISO/IEC 27005 and CRA expectations.

The third, Common Vulnerability Scoring System (CVSS) for CAN (EmSA-WP-103), provides guidance on applying CVSS v4.0 to CAN devices. Because CRA requires vulnerabilities to be reported with standardized severity scores, this paper adapts the CVSS methodology to include CAN-specific considerations. It explains how confidentiality, integrity and availability impacts should be assessed at both node and system levels. It demonstrates how measures such as event monitoring or cryptographic authentication can reduce scores from high to low risk.

These papers are a practical toolkit for organizations producing CAN nodes or machinery using CAN systems. By adopting these approaches now, companies can prepare for the CRA with confidence and ensure that their products remain secure and compliant.

This spring, the tutors of ESAcademy present five CAN and CANopen related papers at the 16th international CAN Conference and the Embedded World Conference 2017.

16th iCC, 7th to 8th March 2017 in Nuremberg
www.can-cia.org/services/conferences/icc/icc-2017/

Bernhard Floeth (Opel) and Olaf Pfeiffer (ESAcademy):
Using an enhanced condensed device configuration file format for CANopen boot-loading and/or device testing
This paper presents the enhanced CDCF player integrated in our free CANopen File Player and CANopen Diag projects. It supports spreadsheet based (.csv) Object Dictionary access with active flow control. (Tuesday, March 07, 2017, Session II)

Andrew Ayre (ESAcademy):
Automated trace analysis for testing of CANopen devices
This paper presents a summary of the debug information extractable from CANopen trace recordings. The functionality described in this paper are implemented in our Logxaminer software. (Wednesday, March 08, 2017, Session VII)

Olaf Pfeiffer (ESAcademy) and Christian Keydel (ESAcademy):
Scalable security for CAN, CANopen, and other CAN protocols
This paper describes the main functionality of the CANcrypt security framework described in our book “Implementing Scalable
CAN Security with CANcrypt”. (Wednesday, March 08, 2017, Session VIII)

Meet our tutors at our tabletop display table at the conference.

Embedded World Conference 2017, 14th to 16th March 2017, Nuremberg
www.embedded-world.eu/program.html

Christian Keydel (ESAcademy):
Secure CANopen (FD) Bootloading
This paper shows how to adapt the security mechanisms introduced by CANcrypt to CANopen, CAN (FD) and bootloading. (THURSDAY, MARCH 16, 2017, Session 25/I)

Olaf Pfeiffer (ESAcademy):
CiA 447, the CANopen Standard for After-Market Automotive Applications
This paper summarizes the key features of the CANopen application profile CiA 447. These include wake-up and sleep mechanisms as well as plug-and play functionality. (THURSDAY, MARCH 16, 2017, Session 25/II)

Meet our tutors at the PEAK System booth (Hall 1, Booth 1-483)

We look forward to meeting you

On March 5th, ESAcademy will conduct the following classes at the iCC together with NXP Semiconductors:

08:30 to 09:30 Everything CAN and NXP CAN Controller Intro
A 30 year old technology, here to stay for another 30 years

An overview of the almost 30 year old CAN technology, where it came from and where it goes. CAN is used in many new electronic designs, also thanks to continuous advancements in CAN controller technology. Comparison of various CAN controller technologies.

09:45 to 10:30 CANopen Essence
New to CANopen? Learn the key features in just 45 Minutes

With its 4000+ pages the CANopen drafts and standards are overwhelming to newcomers. Join this class to get an overview of the common technical key features that make CANopen work.

11:30 to 13:00  Introduction to NXP CAN microcontrollers and Co-Processors
CAN controllers, CANopen Co-Processor, J1939 Co-Processor

Specialties of NXP CAN controllers and how an LPC11C24 can be used as a communication Co-Processor. Using the LPC11C24 with integrated CAN transceivers to implement a Co-Processor to implement and handle a higher-layer protocol, offloading this task from a host processor system. The host system communicates with the gateway via
UART, I2C or SPI.

Participants may qualify for a free NXP Evaluation Kit (must be present to qualify, 50 kits available).

For more information about the international CAN conference visit: www.can-cia.org