Forensic Analysis of Automotive Data Network Traffic during Vehicle Radiated Immunity Tests

Radiated immunity testing of vehicles has the potential to cause changes in, or corruption of, in-vehicle network messages, which may not necessarily result in a directly observable effect on the vehicle. Nonetheless, such effects may have undesirable impacts that are not currently considered or are only identified if message logs are analysed post-test. Analysis of in-vehicle automotive controller area network (CAN) traffic recorded before and during radiated immunity tests has been used to identify changes in CAN messages to highlight the susceptibility of particular electronic modules or the direct corruption of CAN messages. This capability has applications in the identification and resolution of possible vehicle radiated immunity issues, as well as possible implications for automotive cybersecurity.