CAN-PHANTOM explores new ways to increase automotive cyber-security

CAN-PHANTOM manufactures an aftermarket Controller Area Network (CAN) bus immobiliser that prevents a vehicle from being moved until a PIN code has been entered.

Vehicles are data centres on wheels. Their digital security is an important aspect of their overall safety.
Article type: Case study
author Digital

Exploring new ways to increase automotive cyber-security

CAN-PHANTOM joined the Digital Security by Design (DSbD) Technology Access Programme to use the Arm Morello board for exploring new ways of fixing and preventing common programming and security issues. This was a valuable opportunity for their team to get involved with DSbD technology at an early stage – before market launch, as well as being able to connect and collaborate with other companies working on automotive systems with CHERI (capability hardware enhanced RISC instructions).

The Morello evaluation board designed by Arm is a real-world test platform for the CHERI architecture developed by the University of Cambridge. It is the first hardware implementation of DSbD technology, and could eliminate whole classes of possible exploits, significantly reducing the ability of bad actors to capture user data, take over machines, or shut down critical systems.

Tackling the errors and flaws that arise from pointer issues

The CAN-PHANTOM team were hoping to find that CHERI would detect and prevent vulnerabilities in memory, such as stack overflows and underflows, which have the potential to cause a denial of service or allow hackers to gain control of a system. Based on their experience through the project, they found that CHERI would allow them to find bugs and errors at a much earlier stage in the design process. This will have the benefit of fewer firmware/software security updates being needed in the future. 

Increasing cyber-security by isolating processes

The project team converted some of their existing automotive CAN-handling code and added code to support global navigation satellite systems (GNSS) and wide-area Long-Term Evolution Machine Type Communication (LTE-M) based devices. They then used the CHERI technology to isolate the processes from each other, only allowing communication through a well-defined Interprocess Communication (IPC) mechanism. This reduces the chance of errors in one process allowing unfiltered access to another. For the automotive industry, this process of isolating or compartmentalising the vehicle’s systems increases its overall resilience, making it harder for an attacker to take control.

“The help offered through the DSbD programme was very good. We were expecting to find more problems but almost everything we tried just worked as advertised. The one bug that we did encounter was fixed in under 24 hours, which is remarkably fast.”

Alan Smewing, CTO, CAN-PHANTOM

DSbD is presenting new possibilities

The CAN-PHANTOM team is now keen to exploit the technology as soon as it becomes commercially available, and they are looking into the possibilities of using the Morello board as a verification platform for their code.

“The prospect of eliminating more than 60% of common errors is appealing. We also see the potential for using CHERI as a way of showing compliance with a form of Secure by Design standard. Once the Linux conversion is complete and the hardware is readily available, we imagine that it would be difficult to defend a position of not using it!”

Alan Smewing, CTO, CAN-PHANTOM


CAN-PHANTOM manufactures an aftermarket Controller Area Network (CAN) bus immobiliser that prevents a vehicle from being moved until a PIN code has been entered.

Sign up to the newsletter

Sign up to the Digital Security by Design newsletter to stay up to date with our events, news, insights and opportunities. Be the first to know about our work and ways to get involved.

UKRI DSbD Councils
Website delivered by Digital Catapult as part of the Technology Access Programme, funded by UKRI through the Digital Security by Design Programme