With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).
Abstract Automotive software is increasingly complex and critical to safe vehicle operation, and related embedded systems must remain up to date to ensure long-term system performance. Update mechanisms and data modification tools introduce opportunities for malicious actors to compromise these cyber-physical systems, and for trusted actors to mistakenly install incompatible software versions. A distributed and stratified “black box” audit trail for automotive software and data provenance is proposed to assure users, service providers, and original equipment manufacturers (OEMs) of vehicular software integrity and reliability. The proposed black box architecture is both layered and diffuse, employing distributed hash tables (DHT), a parity system and a public blockchain to provide high resilience, assurance, scalability, and efficiency for automotive and other high-assurance systems.
In adjusting the data flow, this is an option to increase the cybersecurity for a complete system. This addition to the cybersecurity system provides a clear benefit. ...While this is the traditional application experienced, there are other applications relevant to cybersecurity. As part of the blockchain technology, the nodes are responsible for decision-making.
Abstract Over the past forty years, the Electronic Control Unit (ECU) technology has grown in both sophistication and volume in the automotive sector, and modern vehicles may comprise hundreds of ECUs. ECUs typically communicate via a bus-based network architecture to collectively support a broad range of safety-critical capabilities, such as obstacle avoidance, lane management, and adaptive cruise control. However, this technology evolution has also brought about risks: if ECU firmware is compromised, then vehicle safety may be compromised. Recent experiments and demonstrations have shown that ECU firmware is not only poorly protected but also that compromised firmware may pose safety risks to occupants and bystanders.
GM's CTO driving new paths to technology leadership 'We're making actual production commitments regarding our advanced-technology strategy, rather than just talking about it,' says GM's CTO Jon Lauckner. 'We're absolutely going to be among the leaders, if not the leader, in these areas.' Aluminum prepares for its next big leap Ford's F-Series blockbuster was just the beginning. New micromills now in pilot phase aim to bring vastly stronger and more formable light-alloy materials at higher capacity, says Alcoa's Mike Murphy. Slick solutions for friction reduction From new lubricants to 'smart' oil pumps and clever bearing technologies, engine designers are attacking every potential source of spin losses and internal friction in the quest for more mechanical work out of less fuel. Next-gen NSX: a twin-turbo, multi-material Ferrari-fighter The production NSX made its much-awaited global debut at NAIAS in January.
Global Viewpoints The latest strategies are investigated for vehicle development by automakers and major suppliers. Sports cars embrace array of green technology IMSA Tudor United SportsCar Championship promotes a variety of green technologies to link racing to the road. More gears, more challenges Many strategies, as well as key software and hardware aspects related to controllers, networks, sensors, and actuators, must be considered to keep automatic transmissions shifting smoothly as more gears are added to improve fuel economy. Advancing structural composites Industry experts address the opportunities and challenges involved with moving toward composite-intensive vehicles, including Nissan's effort to produce a high-volume, fully recyclable composite liftgate with low metal content.
Volkswagen reveals its 'people's' EV VW's ID.4 leads the 2021 stampede to electrification for the mass market. Answering the fuel-cell compressor question The optimum compressor device for a fuel cell depends on vehicle application - and a lot more. An Eaton expert explains. Tire pressure's impact on EV driving range A new study shows that tighter control of tire-pressure loss can lead to marked improvement in electric-vehicle efficiency. Editorial Warm socks for the EV options list Supplier Eye For suppliers, a new drumbeat New SAE wireless charging standard is EV game-changer Tula DMD aims for more-efficient e-machines Multiphysics helps transform modeling, simulation Is the camshaft being timed out? New Magna seat puts connectivity in the second row BMW reveals its first "M" performance-badged two-wheeler Volkswagen readies new-generation Golf R Q&A Discussing safety tech, standards and industry trends with Hyundai North America's Brian Latouf
New vision @ Gentex Creating a vital ADAS partner through home-grown R&D and manufacturing in (of all places) western Michigan. Positioning for hybrid growth BorgWarner "modularizes" to provide OEMs optimal electrified-driveline flexibility. Editorial: Beleaguered diesel could use a break-or a breakthrough SAE Standards News Kickoff to begin testing program to validate SAE J2954 wireless charging Recommended Practice Supplier Eye Will you be an active participant or passive bystander? The Navigator For future vehicles, communication equals trust Tenneco readies new semi-active digital suspension for 2020 New 90-degree turbo V6 leads Audi's hybridization blitz GKN using modular control algorithms for added systems integration U of M students engineer new autonomous shuttle system Jaguar's 2018 E-Pace shares Land Rover bones Ford pumps powertrains for 2018 F-150 2018 Subaru Crosstrek moves to new global platform Nissan's Ponz Pandikithura on EV lifecycle value
Strategies designed to deal with these challenges differ in the way in which added duties are assigned and cybersecurity topics are integrated into the already existing process steps. Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. ...Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. A cybersecurity development approach is frequently perceived as introducing impediments, that bear the risk of cybersecurity measures receiving a lower priority to reduce inconvenience. ...For an established development process and a team accustomed to this process, adding cybersecurity features to the product initially means inconvenience and reduced productivity without perceivable benefits.
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
The scope of this SAE Recommended Practice is to require the use of the same Security Services as defined by the International Standard ISO/CD 15764, modified by the Class of Security as determined by the resource provider and referenced in Table 1, Extended Data Link Security References.
The scope of this SAE Recommended Practice is to require the use of the same Security Services as defined by the International Standard ISO/CD 15764, modified by the Class of Security as determined by the resource provider and referenced in Table 1, Extended Data Link Security References.
Austrian telematics company, Dolphin Technologies GmbH, has created a new cryptocurrency that could lead to less mobile phone-related traffic accidents. The company’s Mobilio app rewards drivers with points when they ignore their mobile phones while driving.
TIoTA, an open software consortium of over 50 members organized to support the creation of a secure, scalable, interoperable, and trusted IoT ecosystem, began the E-Mobility Challenge to link IoT devices with consumers and stakeholder companies such as operators and service, communication, and payment providers within the preexisting European electric vehicle ecosystem.
CAN bus network proved to be efficient and dynamic for small compact cars as well as heavy-duty vehicles (HDV). However, HDVs are more susceptible to malicious attacks due to lack of security in their intra-vehicle communication protocols. SAE proposed a new standard named J1939-91C for CAN-FD networks which provides methods for establishing trust and securing mutual messages with optional encryption. J1939-91C ensures message authenticity, integrity, and confidentiality by implementing complex cryptographic operations including hash functions and random key generation. In this paper, the three main phases of J1939-91C, i.e., Network Formation, Rekeying, and Message Exchange, are simulated and tested on Electronic Control Units (ECUs) supporting CAN-FD network. Numerous test vectors were generated and validated to support SAE J1939-91C. The mentioned vectors were produced by simulating different encryption and hashing algorithms with variable message and key lengths.
In conjunction with an increasing number of related laws and regulations (such as UNECE R155 and ISO 21434), these drive security requirements in different domains and areas. 2 In this paper we examine the upcoming trends in EE architectures and investigate the underlying cyber-security threats and corresponding security requirements that lead to potential requirements for “Automotive Embedded Hardware Trust Anchors” (AEHTA).
Access mechanisms to system data and/or control is a primary use case of the hardware protected security environment (hardware protected security environment) during different uses and stages of the system. The hardware protected security environment acts as a gatekeeper for these use cases and not necessarily as the executor of the function. This section is a generalization of such use cases in an attempt to extract common requirements for the hardware protected security environment that enable it to be a gatekeeper. Examples are: Creating a new key fob Re-flashing ECU firmware Reading/exporting PII out of the ECU Using a subscription-based feature Performing some service on an ECU Transferring ownership of the vehicle Some of these examples are discussed later in this section and some have detailed sections of their own. This list is by no means comprehensive.
The Mobility Open Blockchain Initiative – a global nonprofit working to create standards in blockchain, distributed ledgers, and related technologies for consumers, smart cities, and mobility – has launched the industry's first vehicle identification (VID) standard incorporating blockchain technology into a digital vehicle identification system.