Frame Security for CAN and CAN FD
CANcrypt protects frames. It is a security sublayer that sits just above the link layer, authenticating and, where configured, encrypting the frames your nodes exchange, without changing what your application protocol means. Depending on the CANcrypt version, support is available for classical CAN, CAN FD, CANopen CC, CANopen FD and other higher-layer CAN protocols.
A Sublayer That Protects Frames
CANcrypt secures the bus one frame at a time, from a thin sublayer placed just above the data-link layer. On classical CAN, where a frame carries at most 8 bytes, protecting a frame requires sending an extra frame, a security preamble, alongside it. On CAN FD, the larger frame absorbs the overhead in place: CANcrypt uses 12 or 16 bytes of the 64-byte data field for its security stamp, which reduces the payload available to the application to 48 bytes. Either way the higher-layer protocol keeps working unchanged; CANcrypt only adds authentication and, when configured, encryption.
Two Security Modes
CANcrypt works in two modes. For configuration it uses a secured 1:1 client-server exchange between a manager and a single device, so the same channel can be used for key provisioning. For operation it switches to group security: a single shared security context covers many participants at once, which suits the exchange of many different parameters and lets a constrained device secure all of its communication rather than a hand-picked subset.
Secure Heartbeat and Injection Detection
During operation, every device emits a secure heartbeat. As long as a device's heartbeat keeps arriving, receivers know the expected participants are present, and because the heartbeat is authenticated an attacker cannot easily spoof or masquerade as a node. Each device also watches for injected frames that carry its own identifier. When a device detects such an injection, it stops sending its heartbeat, so the other participants read the missing heartbeat as a sign of an attack.
One Family, Two Generations
Modern regulation expects data in motion to be authenticated and encrypted with strong, current cryptography. The EU Cyber Resilience Act mandates protection for products with digital elements, and standards such as IEC 62443 demand security in depth. The CAN and CAN FD standards ship no security of their own. CANcrypt closes that gap at the link layer: CANcrypt V1 secures classical CAN and CANopen CC for up to 16 nodes; CANcrypt V2 secures ALL frames exchanged on CAN FD and CANopen FD. V2 is build on SPsec, the open security sublayer for small-packet networks. For a vendor-neutral account of the underlying protocol weaknesses and the regulations that now address them, see our CAN Security Reference at CAN Protocol Weaknesses.
Where to Start
Pick the area that matches what you need:
- Compare CANcrypt V1 and CANcrypt V2
- Understand the SPsec security sublayer
- Read the specifications and download the PDFs
- Get in touch about CANcrypt
Frequently Asked Questions
What does CANcrypt protect?
CANcrypt protects individual CAN and CAN FD frames. It is a security sublayer just above the link layer that authenticates the frames a node sends and optionally encrypts them, without changing what the higher-layer protocol means.
What is the difference between CANcrypt V1 and CANcrypt V2?
CANcrypt V1 secures classical CAN and CANopen. CANcrypt V2 secures CAN FD and is built on the SPsec security sublayer. Both protect communication at the link layer.
Does CANcrypt distribute keys?
Yes. CANcrypt provides both group security and a 1:1 client-server mode. The point-to-point channel lets a secure manager distribute keys securely to each node.