For Homeschool / Physical Setup:

• Index Cards or Post-it Notes (3 different colors if possible)
• A long piece of yarn, string, or a jump rope (approx. 6-10 feet)
• 3-4 clothespins or paperclips
• Colored markers or pens
• A stopwatch or smartphone timer
• Optional: A computer with internet access to view a short video and simulation

For Digital/Remote Setup:

• Access to Google Slides, Miro, or Jamboard to drag-and-drop simulated "data packets"

The Hook: The Jeep Hack Story

In 2015, two cybersecurity researchers sat on a couch in their basement and took complete wireless control of a Jeep Cherokee driving down a highway miles away. They turned on the windshield wipers, blasted the radio, cut the engine, and disabled the brakes! How did they do it? They didn't cut physical brake lines; they sent digital lies to the car’s computer system. Modern cars are not just mechanical machines—they are giant computers on wheels.

The Dinner Table Analogy:

Imagine sitting around a noisy dinner table in a dark room. You cannot see who is speaking; you can only hear voices. If someone shouts, "Pass the salt!", you don't actually know who said it. You just assume it was a family member, so you pass the salt. This is exactly how a CAN Bus works. It is a shared line where any computer can broadcast a message, and every other computer hears it. Crucially: Standard CAN messages have no "sender ID" or signatures. Anyone can claim to be the brakes!

Step-by-Step Setup:

1. Lay the Bus: Stretch your yarn/string across the table or room. This string is your CAN Bus.
2. Assign Roles (ECUs):
   • Node A (The Dashboard): Hold one end of the string.
   • Node B (The Brakes): Hold the other end of the string.
   • Node C (The Infotainment System/Radio): Hold onto the middle of the string.
   • Note: If learning 1-on-1, the educator plays Node A & B, and the student plays Node C (The Hackable Node).
3. Define the Packets (Index Cards): Write these commands on three different cards:
   • [Blue Card] - ID: 0x101 | Data: SPEED = 50mph
   • [Green Card] - ID: 0x202 | Data: BRAKE = OFF
   • [Red Card] - ID: 0x303 | Data: MUSIC = PLAY VOLUME 10

Activity 1: Normal Operations

Practice sending safe messages. To send a message, clip an index card to the string and slide it along the string to the other players. Every node must read every message sliding by. If the message applies to them (e.g., Brakes see "BRAKE = OFF"), they say "Acknowledged!" out loud.

Activity 2: The Attack (Spoofing & Sniffing)

Now, the Infotainment System (Node C) has been compromised because someone plugged a malicious device into the car's diagnostic port (OBD-II port) or hacked the Bluetooth!

• Step A (Sniffing): Node C quietly watches the cards slide by. They write down the ID and exact layout of Node B's "BRAKE" messages. They now know how the brakes talk!
• Step B (Spoofing): Node C writes a fake card: ID: 0x202 | Data: BRAKE = ENGAGE EMERGENCY! Node C clips it to the line and slides it to the Brakes.
• The Result: Because there is no signature verifying *who* sent the brake command, the Brakes (Node B) must execute the command immediately! The dashboard flashes and the car screeches to a simulated halt.

Your Challenge:

Part 1: The Denial of Service (DoS) Attack

On CAN Bus networks, low-numbered IDs (like 0x000) have higher priority than high-numbered IDs (like 0x303). If two nodes talk at the same time, the one with the lowest ID wins, and the other node must wait.

• Your Task: Figure out how to completely freeze or crash the brake system (Node B) using a stack of blank index cards and a marker.
• Constraint: You cannot physically disconnect the wire.
• Hint: What happens if you constantly flood the line with high-priority "0x000" messages? Try to simulate this on your physical string.

Part 2: Designing a Defense (The Security Architect)

How do we stop these attacks? You are the lead engineer for a major car company. On a piece of paper, design a solution to prevent spoofed brake messages. Consider these real-world options:

• Option A: Cryptographic Keys (MACs): Can you add a secret "code" or mathematical signature to the end of the message? (e.g., BRAKE = ON + [Secret math password that changes every second]).
• Option B: Network Segmentation (Firewalls): Can you divide the string into two separate loops (one for critical safety parts like brakes, one for entertainment) separated by a gateway guard?

Deliverable: Draw or write your defense strategy. If choosing Option A, create a "secret code key" with your family member/teacher and see if you can successfully reject a spoofed card that doesn't have the correct secret code on it!

Summary Points (What We Taught):

1. ECUs are the individual computers running different parts of a modern car.
2. The CAN Bus is the shared communication highway connecting all ECUs.
3. Standard CAN has no authentication, making it vulnerable to:
   • Sniffing: Listening to private car data.
   • Spoofing: Injecting fake commands (like turning steering wheels or cutting brakes).
   • Denial of Service (DoS): Flooding the network so critical safety messages can't get through.
4. Defenses include segmenting networks (firewalls) and adding encrypted signatures to data packets.

Formative Assessment (During Lesson):

Observe the student during the "Human CAN Bus" simulation. Ensure they understand that the receiving node (brakes) has no way of knowing where the message originated unless a verification step is added.

Summative Assessment (End of Lesson):

Have the student complete this short scenario matching puzzle: