A shared vocabulary keeps the rest of the reference precise.

Terms and Definitions

Common terms used across this reference: the CAN protocols and higher-layer protocols, the EU regulations that drive cybersecurity obligations for industrial products, the standards and guidelines that operationalize those obligations, and the cryptographic primitives that the CAN-specific defensive controls rely on. Entries cite their source standard or specification where one exists.

CAN Protocols and Higher-Layer Protocols

Regulations

Standards and Guidelines

Risk-Assessment Vocabulary

Threats and Attacks

Cryptographic Primitives and Keys

Security Measures and Mitigations

Frequently Asked Questions

How is this glossary scoped?

Industrial CAN security only, covering classical CAN, CAN FD and CAN XL. Entries cover the protocols (CAN, CAN FD, CAN XL, CANopen, J1939, FireCAN, CleANopen), the EU regulations that drive security obligations (CRA, NIS 2, Machinery Regulation), the standards that operationalize those obligations (IEC 62443, NIST SP 800-82, EN 303 645, ISO/IEC 9798), the threats and attacks the controls address (frame injection, spoofing / masquerading, replay, sniffing, bus flooding), and the security measures and mitigations on the CAN side (anomaly detection, SPsec, CANcrypt, SOFA, CANsec, secure boot), along with the cryptographic primitives and keys those measures rely on (AES-128-GCM, Update Key, Provisioning Key, Integrator Key, authentication key). Automotive vocabulary is deliberately excluded.

Where do these definitions come from?

Each term cites its source standard or specification where one exists. Where a term has different meanings in different communities (for example MAC, which means Message Authentication Code in cryptography and Media Access Control in networking), the definition given here is the one this reference uses, and the other meaning is called out so the two are not confused.