Search Results

With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).

Access control enforces security policies for controlling critical resources. For V2X (Vehicle to Everything) autonomous military vehicle fleets, network middleware systems such as ROS (Robotic Operating System) expose system resources through networked publisher/subscriber and client/server paradigms. Without proper access control, these systems are vulnerable to attacks from compromised network nodes, which may perform data poisoning attacks, flood packets on a network, or attempt to gain lateral control of other resources. Access control for robotic middleware systems has been investigated in both ROS1 and ROS2. Still, these implementations do not have mechanisms for evaluating a policy's consistency and completeness or writing expressive policies for distributed fleets. We explore an RBAC (Role-Based Access Control) mechanism layered onto ROS environments that uses local permission caches with precomputed truth tables for fast policy evaluation.

But unfortunately, automotive cybersecurity researchers hardly produce a comprehensive detection method due to the confidential nature of Controller Area Network (CAN) DBC format files, which is a standard long maintained by car manufacturers.

In adjusting the data flow, this is an option to increase the cybersecurity for a complete system. This addition to the cybersecurity system provides a clear benefit. ...While this is the traditional application experienced, there are other applications relevant to cybersecurity. As part of the blockchain technology, the nodes are responsible for decision-making.

Strategies designed to deal with these challenges differ in the way in which added duties are assigned and cybersecurity topics are integrated into the already existing process steps. Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. ...Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. A cybersecurity development approach is frequently perceived as introducing impediments, that bear the risk of cybersecurity measures receiving a lower priority to reduce inconvenience. ...For an established development process and a team accustomed to this process, adding cybersecurity features to the product initially means inconvenience and reduced productivity without perceivable benefits.

This paper is the second in the series of documents designed to record the progress of a series of SAE documents - SAE J2836™, J2847, J2931, & J2953 - within the Plug-In Electric Vehicle (PEV) Communication Task Force. This follows the initial paper number 2010-01-0837, and continues with the test and modeling of the various PLC types for utility programs described in J2836/1™ & J2847/1. This also extends the communication to an off-board charger, described in J2836/2™ & J2847/2 and includes reverse energy flow described in J2836/3™ and J2847/3. The initial versions of J2836/1™ and J2847/1 were published early 2010. J2847/1 has now been re-opened to include updates from comments from the National Institute of Standards Technology (NIST) Smart Grid Interoperability Panel (SGIP), Smart Grid Architectural Committee (SGAC) and Cyber Security Working Group committee (SCWG).

With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.

Driven by the growing internet and remote connectivity of automobiles, combined with the emerging trend to automated driving, the importance of security for automotive systems is massively increasing. Although cyber security is a common part of daily routines in the traditional IT domain, necessary security mechanisms are not yet widely applied in the vehicles. At first glance, this may not appear to be a problem as there are lots of solutions from other domains, which potentially could be re-used. But substantial differences compared to an automotive environment have to be taken into account, drastically reducing the possibilities for simple reuse. Our contribution is to address automotive electronics engineers who are confronted with security requirements. Therefore, it will firstly provide some basic knowledge about IT security and subsequently present a selection of automotive specific security use cases.

The article also focus on innovative approaches that have recently adopted my many cybersecurity professionals for secured operation of ITS involving block-chain, artificial intelligence, and Machine Learning.

UNECE R155 explicitly references ISO/SAE 21434 and mandates a certified cybersecurity management system (CSMS) as a prerequisite for automotive manufacturers to achieve vehicle type approval and sell new vehicle types. ...However, the gap in the CSMS framework is a lack in a standardized system that provides guidance and common criteria for automakers to measure a vehicle’s level of compliance and compute a publicly accepted cybersecurity rating. To help establish increased consumer confidence, OEMs and smart mobility stakeholders could take additional proactive steps to ensure the safety and security of their products. ...This paper addresses the above requirement and discusses the cybersecurity rating framework (CSRF) that could establish a framework for rating vehicle cybersecurity by standardizing the measurement criteria, parameter vectors, process, and tools.

The lack of inherent security controls makes traditional Controller Area Network (CAN) buses vulnerable to Machine-In-The-Middle (MitM) cybersecurity attacks. Conventional vehicular MitM attacks involve tampering with the hardware to directly manipulate CAN bus traffic.

Automotive system functionalities spread over a wide range of sub-domains ranging from non-driving related components to complex autonomous driving related components. The requirements to design and develop these components span across software, hardware, firmware, etc. elements. The successful development of these components to achieve the needs from the stockholders requires accurate understanding and traceability of the requirements of these component systems. The high-level customer requirements transformation into low level granularity requires an efficient requirement engineer. The manual understanding of the customer requirements from the requirement documents are influenced by the context and the knowledge gap of the requirement engineer in understanding and transforming the requirements.

Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.

., driver assistance functions, intrusion detection system, vehicle diagnostics, external device authentication during vehicle diagnostics, vehicle-to-grid and so on). The cybersecurity attacks targeting the global time result in false time, accuracy degradation, and denial of service as stated in IETF RFC 7384.

In the past, research on blockchain technology has addressed security and privacy concerns within intelligent transportation systems for critical V2I and V2V communications that form the backbone of Internet of Vehicles. Within trucking industry, a recent trend has been observed towards the use of blockchain technology for operations. Industry stakeholders are particularly looking forward to refining status quo contract management and vehicle maintenance processes through blockchains. However, the use of blockchain technology for enhancing vehicle performance in fleets, especially while considering the fact that modern-day intelligent vehicles are prone to cyber security threats, is an area that has attracted less attention. In this paper, we demonstrate a case study that makes use of blockchains to securely optimize the fuel economy of fleets that do package pickup and delivery (P&D) in urban areas.

Android applications have historically faced vulnerabilities to man-in-the-middle attacks due to insecure custom SSL/TLS certificate validation implementations. In response, Google introduced the Network Security Configuration (NSC) as a configuration-based solution to improve the security of certificate validation practices. NSC was initially developed to enhance the security of Android applications by providing developers with a framework to customize network security settings. However, recent studies have shown that it is often not being leveraged appropriately to enhance security. Motivated by the surge in vehicular connectivity and the corresponding impact on user security and data privacy, our research pivots to the domain of mobile applications for vehicles. As vehicles increasingly become repositories of personal data and integral nodes in the Internet of Things (IoT) ecosystem, ensuring their security moves beyond traditional issues to one of public safety and trust.

Autonomous vehicles might one day be able to implement privacy preserving driving patterns which humans may find too difficult to implement. In order to measure the difference between location privacy achieved by humans versus location privacy achieved by autonomous vehicles, this paper measures privacy as trajectory anonymity, as opposed to single location privacy or continuous privacy. This paper evaluates how trajectory privacy for randomized driving patterns could be twice as effective for autonomous vehicles using diverted paths compared to Google Map API generated shortest paths. The result shows vehicles mobility patterns could impact trajectory and location privacy. Moreover, the results show that the proposed metric outperforms both K-anonymity and KDT-anonymity.

CAN bus network proved to be efficient and dynamic for small compact cars as well as heavy-duty vehicles (HDV). However, HDVs are more susceptible to malicious attacks due to lack of security in their intra-vehicle communication protocols. SAE proposed a new standard named J1939-91C for CAN-FD networks which provides methods for establishing trust and securing mutual messages with optional encryption. J1939-91C ensures message authenticity, integrity, and confidentiality by implementing complex cryptographic operations including hash functions and random key generation. In this paper, the three main phases of J1939-91C, i.e., Network Formation, Rekeying, and Message Exchange, are simulated and tested on Electronic Control Units (ECUs) supporting CAN-FD network. Numerous test vectors were generated and validated to support SAE J1939-91C. The mentioned vectors were produced by simulating different encryption and hashing algorithms with variable message and key lengths.

In agriculture industry, increasing use of Vehicle Internet of Things (IoT), telematics and emerging technologies are resulting in smarter machines with connected solutions. Inter and Intra Communication with vehicle to vehicle and inside vehicle - Electronic Control Unit (ECU) to ECU or ECU (Electronic Control Unit) to sensor, requirement for flow of data increased in-turn resulting in increased need for secure communication. In this paper, we focus on functional verification and validation of secure Controller Area Network (CAN) for intra vehicular communication to establish confidentiality, integrity, authenticity, and freshness of data, supporting safety, advanced automation, protection of sensitive data and IP (Intellectual Property) protection. Network security algorithms and software security processes are the layers supporting to achieve our cause.

There continues to be massive advancements in modern connected vehicles and with these advancements, connectivity continues to rapidly become more integral to the way these vehicles are designed and operated. Vehicle connectivity was originally introduced for the purpose of providing software updates to the vehicle’s main system software, and we have seen the adoption of Over The Air updates (OTA) become mainstream with most OEMs. The exploitation of this connectivity is far more reaching than just basic software updates. In the latest vehicles it is possible to update software not just on the main vehicle systems, but to potentially update embedded software in all smart ECUs within the vehicle. Only using the connectivity to push data to the vehicle is not making full use of the potential of this increased connectivity. Being able to collect vehicle data for offline analysis and processing also brings huge benefits to the use of this technology.