Search Results

COMVEC™ conference is the only North American event that addresses vehicles and equipment spanning on-highway, off-highway, agricultural, construction, industrial, military, and mining sectors.

 Sometimes mandatory, often voluntary, security frameworks are created to provide federal and commercial organizations with an effective roadmap for securing information technology (IT) systems. The goal is to reduce risk levels and prevent or mitigate cyberattacks. To accomplish this task, security frameworks typically provide a series of documented, agreed upon, and understood policies, procedures, and processes necessary to secure the confidentiality, integrity, and availability of information systems and data.

The purpose of this document is to facilitate an understanding of aircraft information security and to develop aircraft information security operational concepts. This common understanding is important since a number of subcommittees and working groups within the aeronautical industry are considering aircraft information security. This document also provides an aircraft information security process framework relating to airline operational needs that, when implemented by an airline and its suppliers, will enable the safe and secure dispatch of the aircraft in a timely manner. This framework facilitates development of cost-effective aircraft information security and provides a common language for understanding security needs.

With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.

This SAE Recommended Practice establishes a uniform practice for protecting vehicle components from "unauthorized" access through a vehicle data link connector (DLC). The document defines a security system for motor vehicle and tool manufacturers. It will provide flexibility to tailor systems to the security needs of the vehicle manufacturer. The vehicle modules addressed are those that are capable of having solid state memory contents accessed or altered through the data link connector. Improper memory content alteration could potentially damage the electronics or other vehicle modules; risk the vehicle compliance to government legislated requirements; or risk the vehicle manufacturer's security interests. This document does not imply that other security measures are not required nor possible.

This SAE Recommended Practice establishes a uniform practice for protecting vehicle components from "unauthorized" access through a vehicle data link connector (DLC). The document defines a security system for motor vehicle and tool manufacturers. It will provide flexibility to tailor systems to the security needs of the vehicle manufacturer. The vehicle modules addressed are those that are capable of having solid state memory contents accessed or altered through the data link connector. Improper memory content alteration could potentially damage the electronics or other vehicle modules; risk the vehicle compliance to government legislated requirements; or risk the vehicle manufacturer's security interests. This document does not imply that other security measures are not required nor possible.

This SAE Recommended Practice establishes a uniform practice for protecting vehicle components from "unauthorized" access through a vehicle data link connector (DLC). The document defines a security system for motor vehicle and tool manufacturers. It will provide flexibility to tailor systems to the security needs of the vehicle manufacturer. The vehicle modules addressed are those that are capable of having solid state memory contents accessed or altered through the data link connector. Improper memory content alteration could potentially damage the electronics or other vehicle modules; risk the vehicle compliance to government legislated requirements; or risk the vehicle manufacturer's security interests. This document does not imply that other security measures are not required nor possible.

A broad range of information is being delivered to and used within modern vehicles. Information-based applications are becoming more highly integrated into the automobile. Security services are necessary to provide appropriate protection for this information. Encryption, digital signature, and hash functionalities enable information security services such as confidentiality, authentication, integrity and non-repudiation. However, the consumer of in-vehicle information services will not accept security services that introduce any inconvenience to their activities. This paper will discuss various security service methods and security management systems and propose methods to integrate these services acceptably into vehicle-based applications.

The 2022 COMVEC™ technical program focused on the commercial vehicle industry's crucial topics such as electrification, connectivity, off-highway, cybersecurity, autonomous and more!

The 2022 COMVEC™ technical program focused on the commercial vehicle industry's crucial topics such as electrification, connectivity, off-highway, cybersecurity, autonomous and more!

The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. ...According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle. ...The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed.

As mobility software becomes increasingly complex and connected, so does the risk of human error and system safety. To combat this, New York-based software company AdaCore will work with Nvidia Corporation of Santa Clara, California to apply open-source Ada and SPARK programming languages for select software security firmware elements in highly-complex, safety-critical systems like Nvidia’s DRIVE AGX automated and autonomous vehicle solutions.

The 2022 COMVEC™ technical program focused on the commercial vehicle industry's crucial topics such as electrification, connectivity, off-highway, cybersecurity, autonomous and more!

Annual conference government policy, regulatory makers, automotive industry neutral forum discuss US government regulation, technology, customer acceptance future vehicle design. industry event safety, emission control, fuel efficiency, automated vehicles.

We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.

Software needs security. That's a consequence of using software to control critical systems. It's difficult because software is inherently a complex artifact, even when the code just consists of a single sequential program in a single programming language, with well-defined inputs and outputs. Of course, actual software rarely if ever has such a simple structure. Security needs software. That's a consequence of the complexity just mentioned. No process can ensure security at scale unless it is automated by using software itself: programming languages, verification tools, software platforms.

It is deemed that currently the intelligent connected vehicle (ICV) is in its early stage of development, and it will go through multiple development stages in the future to realize its final goal—autonomous driving. Based on the existing ICV researches, this paper believes that ICV can be used to improve the efficiency and safety of freeway. The current research of ICV has two main directions: one focuses on the traffic flow characteristics of vehicles with different attributes, the other is concerned with using ICV to reduce congestion. From the policies issued by countries around the world and the development plans promoted by major vehicle manufacturers, the future development trends and challenges of ICV are analyzed. ICV must overcome all the shortcomings to achieve its final goal, including insufficient hardware capabilities or excessive cost, and the degree of intelligence that needs to be improved.

Their associated information technology and cyber physical systems—along with an exponentially resultant number of interconnections—present a massive cybersecurity challenge. Unlike the physical security challenge, which was treated in earnest throughout the last decades, cyber-attacks on airports keep coming, but most airport lack essential means to confront such cyber-attacks. ...These missing means are not technical tools, but rather holistic regulatory directives, technical and process standards, guides, and best practices for airports cybersecurity—even airport cybersecurity concepts and basic definitions are missing in certain cases. Unsettled Topics Concerning Airport Cybersecurity Standards and Regulation offers a deeper analysis of these issues and their causes, focusing on the unique characteristics of airports in general, specific cybersecurity challenges, missing definitions, and conceptual infrastructure for the standardization and regulation of airports cybersecurity. ...Unsettled Topics Concerning Airport Cybersecurity Standards and Regulation offers a deeper analysis of these issues and their causes, focusing on the unique characteristics of airports in general, specific cybersecurity challenges, missing definitions, and conceptual infrastructure for the standardization and regulation of airports cybersecurity.