BenGardiner
commented
2 years ago To make matters more complicated, this is a J1939 attack, not a CAN attack per se.
Closed BenGardiner closed 2 years ago
BenGardiner
commented
2 years ago To make matters more complicated, this is a J1939 attack, not a CAN attack per se.
kentindell
commented
2 years ago If I understand correctly, the address claim attack uses a CAN protocol attack, which can't take place through a security gateway. So it might be better to re-word this requirement as "Prevent CAN protocol attacks", cite something that talks about the address claim attack / CAN protocol attacks. I could pull together some words on this if I can get a definitive description of the address claim attack.
BenGardiner
commented
2 years ago @kentindell thank you, I agree with your stated understanding. Could you review the changes proposed in https://github.com/nmfta-repo/vcr-experiment/pull/27 ?
The CGW-S-100 Impervious to Address Claim Attacks under AGW-S-002 Prevents DoS seems like the correct rooting of the requirement and prevention of that attack is desirable. I think the presence of this single attack in the set of requirements needs to be abstracted OR we need to complete the set of attacks under CAN.