Search Results

Android applications have historically faced vulnerabilities to man-in-the-middle attacks due to insecure custom SSL/TLS certificate validation implementations. In response, Google introduced the Network Security Configuration (NSC) as a configuration-based solution to improve the security of certificate validation practices. NSC was initially developed to enhance the security of Android applications by providing developers with a framework to customize network security settings. However, recent studies have shown that it is often not being leveraged appropriately to enhance security. Motivated by the surge in vehicular connectivity and the corresponding impact on user security and data privacy, our research pivots to the domain of mobile applications for vehicles. As vehicles increasingly become repositories of personal data and integral nodes in the Internet of Things (IoT) ecosystem, ensuring their security moves beyond traditional issues to one of public safety and trust.

It is essential to note that cybersecurity threats not only arise from inherent protocol defects but also consider software implementation vulnerabilities.

This method's detailed approach ensures that cybersecurity requirements can be readily implemented as a part of feature design, addressing the concerns of feature owners directly. ...This paper will discuss the merits of asset based approach to cybersecurity over attack based recognizing the inherent strengths and limitations of both methods and underscores the need for a unified approach.

The VCE Laboratory testbeds are connected with an Amazon Web Services (AWS) cloud-based Cyber-security Labs as a Service (CLaaS) system, which allows students and researchers to access the testbeds from any place that has a secure internet connection. ...VCE students are assigned predefined virtual machines to perform designated cyber-security experiments. The CLaaS system has low administrative overhead associated with experiment setup and management. ...VCE Laboratory CLaaS experiments have been developed for demonstrating man-in-the-middle cyber-security attacks from actual compromised hardware or software connected with the TestCube.

This paper gives a definition of the SDV concept, provides views from different aspects, discusses the progress in vehicle E/E architecture, especially zone-based architecture with centralized computation, and various technologies including High-Performance Computing (HPC) platform, standardized vehicle software architecture, advanced onboard communication, Over-The-Air (OTA) update, and cybersecurity etc. that collectively enable the realization of SDV.

Advanced Autonomous Vehicles (AV) for SAE Level 3 and Level 4 functions will lead to a new understanding of the operation phase in the overall product lifecycle. Regulations such as the EU Implementing Act and the German L4 Act (AFGBV) request a continuous field surveillance, the handling of critical E/E faults and software updates during operation. This is required to enhance the Operational Design Domain (ODD) during operation, offering Functions on Demand (FoD), by increasing software features within these autonomous vehicle systems over the entire digital product lifecycle, and to avoid and reduce downtime by a malfunction of the Autonomous Driving (AD) software stack.

Looking past ADAS Advances in perception hardware and software deliver new performance possibilities - and a refreshed vision for passenger-vehicle driving automation. Provizio eyes safety with radar, not lidar Provizio promises its 5D Perception stack can safely compete with expensive lidar sensors at a fraction of the cost. Can solid-state batteries commercialize by 2030? Solid-state batteries are facing a reckoning as OEMs attempt to commercialize the technology. Editorial Change?

Editorial Automated driving's continuing mission: One step forward… The Navigator Are robotaxis ready for prime time? AV Simulation Faces a Long and Winding Road There are many divergent-but-related ideas about how best to leverage simulation to 'teach' and test automated vehicles. Global AV simulation experts continue to attack the technology's persistent obstacles. DOT's 'Framework' for AV Development The U.S. Department of Transportation establishes structure to advance collaborative AV testing. The Chaos of Automotive Data Privacy Regulators and other privacy advocates believe vehicle-related data collection and brokering is in overdrive. One expert believes a day of reckoning is coming. Simulation Developer rFpro Mimics Vehicle Sensors 'Ray-tracing' software enables the training of ADAS systems entirely by simulation. Eight of the top 10 OEMs are using it. New Tools & Technologies

3D, no waiting! Two companies' latest techniques take additive manufacturing to the next level. Reducing the battery materials supply risk "Adjacent" strategies such as improving vehicle efficiency and advancing promising chemistries can mitigate the risks associated with today's favored battery materials. A formula for real-world experience Student engineers soak up the lessons from an army of auto-industry and racing volunteers at Formula SAE Michigan. Editorial It's about more than a connector Supplier Eye The New Wild West SAE to standardize Tesla's NACS charging connector Report: Suppliers need more info sooner on OEM EV plans Mazda again producing rotary engines Toyota to build new battery lab in Michigan New Lexus SUVs: GX for show, TX for dough? VW introduces seminal ID.Buzz in three-row layout Spotlight: 3D Printing/Additive Manufacturing Equipment & Software

Abstract The secure boot has successfully protected systems from executing untrusted software (SW), but low-power controllers lack sufficient time to check every memory cell while satisfying real-time functional safety requirements. Automotive controllers need to maintain security through multiple cycles of remote, unsupervised operation and safely reach a secure state when an anomaly is detected. To accelerate the boot time, we propose Sliced Secure Boot: build fingerprints by slicing orthogonally through memory blocks, protect each cell with a reusable fingerprint using a reproducible pattern with sufficient entropy, and randomly check one fingerprint pattern during boot. We do not claim that sampling offers equivalent protection to exhaustive checks but demonstrate that careful sampling can provide a sufficient level of detection while maintaining compatibility with both startup time and functional safety requirements.

Finding solutions for Sustainable Mobility SAE created its SMS team to help industry rethink itself as part of the new industrial revolution and the EV transition within it. Debarbonizing the EV battery supply chain Altering manufacturing processes and using a much higher percentage of low emission energy can help the battery industry get greener rapidly, according to a new McKinsey & Co. report. Europe's dust buster The pending Euro 7 vehicle-emissions regulations include a significant new sustainability wrinkle: first-ever restrictions for PM emissions from brakes. E-fueling for the future The development of carbon-neutral e-fuels enjoyed a major boost from European regulators, but production cost and scale remain issues. Fuels to transition the global legacy fleet The EV bandwagon has obscured potential solutions for decarbon-izing the enormous global ICE legacy fleet.

This exercise confirms the necessity of a more restrictive cybersecurity posture in automotive peripherals with access to critical systems, in particular VDAs, and especially when such peripherals present a wireless interface.

There continues to be massive advancements in modern connected vehicles and with these advancements, connectivity continues to rapidly become more integral to the way these vehicles are designed and operated. Vehicle connectivity was originally introduced for the purpose of providing software updates to the vehicle’s main system software, and we have seen the adoption of Over The Air updates (OTA) become mainstream with most OEMs. The exploitation of this connectivity is far more reaching than just basic software updates. In the latest vehicles it is possible to update software not just on the main vehicle systems, but to potentially update embedded software in all smart ECUs within the vehicle. Only using the connectivity to push data to the vehicle is not making full use of the potential of this increased connectivity. Being able to collect vehicle data for offline analysis and processing also brings huge benefits to the use of this technology.

Cybersecurity (CS) is crucial and significantly important in every product that is connected to the network/internet. ...Hence making it very important to guarantee that every single connected device shall have cybersecurity measures implemented to ensure the safety of the entire system. Looking into the forecasted worldwide growth in the electric vehicles (EV’s) segment, CS researchers have recently identified several vulnerabilities that exist in EV’s, electric vehicle supply equipment (EVSE) devices, communications to EVs, and upstream services, such as EVSE vendor cloud services, third party systems, and grid operators. ...Additional processes have been defined in the process reference and assessment model for the CS engineering in order to incorporate the cybersecurity related processes in the ASPICE scope. This paper aims at providing a model & brief overview to establish a correlation between the ASPICE, ISO/SAE 21434 and the ISO 26262 functional safety (FS) standards for development of a secured cybersecurity software with all the considerations that an organization can undertake.

Automotive electronics and enterprise IT are converging and thus open the doors for advanced hacking. With their immediate safety impact, cyberattacks on such systems will endanger passengers. Today, there are various methods of security verification and validation in the automotive industry. However, we realize that vulnerability detection is incomplete and inefficient with classic security testing. In this article, we show how an enhanced Grey-Box Penetration Test (GBPT) needs less test cases while being more effective in terms of coverage and indicating less false positives.

To build secure systems of road vehicles, the cybersecurity engineering standard ISO21434[11] suggests the evaluation of vulnerabilities throughout engineering process, such as attack path analysis, system requirement stage, software architecture, design, and implementation and testing phases. ...With my analysis and practices, it is appropriate to include the common vulnerabilities that ought to be an integral part of the automotive cybersecurity engineering process. In this paper, the author would like to provide a list of vulnerabilities that might be a suggestion for threat analysis and risk assessment and propose two solutions that may be adopted directly in the V-model for security-relevant software development.

Abstract Vehicular communications face unique security issues in wireless communications. While new vehicles are equipped with a large set of communication technologies, product life cycles are long and software updates are not widespread. The result is a host of outdated and unpatched technologies being used on the street. This has especially severe security impacts because autonomous vehicles are pushing into the market, which will rely, at least partly, on the integrity of the provided information. We provide an overview of the currently deployed communication systems and their security weaknesses and features to collect and compare widely used security mechanisms. In this survey, we focus on technologies that work in an ad hoc manner. This includes Long-Term Evolution mode 4 (LTE-PC5), Wireless Access in Vehicular Environments (WAVE), Intelligent Transportation Systems at 5 Gigahertz (ITS-G5), and Bluetooth.

R1T Exposed! A comprehensive teardown of Rivian's pioneering electric pickup reveals praiseworthy build quality, innovative thinking…and some lapses in manufacturability. EVs drive NVH materials innovation Skateboard platforms, high-frequency motor noise push lower dB thresholds and new countermeasure solutions. Optimizing design for additive manufacturing Avoiding the pitfalls of 3D printing requires knowing the process limitations - and how to work around them. An expert at a leading AM specialist shares insights on getting it right. Real-time processors help drive the zonal E/E revolution With its new generation of software-compatible processors, NXP aims to accelerate systems consolidation and performance.

Supplier Eye Inflation ignites another supplier squeeze Toyota reinvesting in collaborative safety research SAE and NREL partner to strengthen EV-charging cybersecurity Expanding the 'bubble' of cabin acoustics 2022 Ford F-150 Lightning redefines the pickup paradigm GM's Hummer EV is like nothing else