Automotive
CAN bus
CAN bus (Controller Area Network) is a serial communication protocol designed for in-vehicle Electronic Control Unit (ECU) communication. It allows multiple ECUs — engine, transmission, brakes, infotainment — to exchange messages on a shared two-wire bus without a central host.
Definition
CAN bus (Controller Area Network) is a serial communication protocol designed for in-vehicle Electronic Control Unit (ECU) communication. It allows multiple ECUs — engine, transmission, brakes, infotainment — to exchange messages on a shared two-wire bus without a central host.
What it means
Developed by Bosch in 1986 and standardized as ISO 11898, CAN bus is the dominant in-vehicle network protocol in passenger vehicles. CAN-FD (Flexible Data-rate) extends the original specification with higher bandwidth (up to 8 Mbit/s) and larger payloads (up to 64 bytes per frame). Messages broadcast on the bus with priority-based arbitration; any ECU can read any message.
The lack of authentication or encryption in the base CAN specification creates the primary security concern. An attacker with physical access to the bus — through the OBD-II port, a compromised telematics gateway, or a connected infotainment system — can inject arbitrary messages, replay captured frames, or perform denial-of-service via bus saturation. Modern vehicles increasingly use CAN gateways with message filtering or full security extensions (CAN-FD with Secure Onboard Communication / AUTOSAR SecOC) to constrain cross-zone message injection.
For offensive-security assessment, CAN bus testing typically includes: passive bus capture and dictionary attacks against unknown PIDs (parameter IDs), active replay of captured frames in a controlled lab environment, fuzzing of high-rate messages, and gateway-bypass attempts. The TARA Quality Anti-Patterns note discusses related methodology issues we see in automotive engagement portfolios.
Where it appears at Melina
Central to engagements under Automotive Security. CAN bus testing is one of the standard scope items in an in-vehicle network assessment.
Related terms
- OBD-II - ECU - TARA - ISO/SAE 21434 - DoIP (P1.5)
Authoritative sources
- ISO 11898-1:2024 — Road vehicles — Controller area network (CAN) — Part 1: Data link layer and physical signalling - Bosch CAN Specification 2.0 - AUTOSAR SecOC specification
---