Search Results

Abstract This work introduces the concept of a dual-layer specification structure for standards that separate interoperability functions, such as backward compatibility, localization, and deployment, from those essential to reliability, security, and functionality. The latter group of features, which constitute the actual standard, make up the baseline layer for instructions, while all the elements required for interoperability are specified in a second layer, known as a Protocols, Operations, Usage, and Formats (POUF) document. We applied this technique in the development of a standard for Uptane [1], a security framework for over-the-air (OTA) software updates used in many automobiles. This standard is a good candidate for a dual-layer specification because it requires communication between entities, but does not require a specific format for this communication.

Abstract Modern vehicles integrate Internet of Things (IoT) components to bring value-added services to both drivers and passengers. These components communicate with the external world through different types of interfaces including the on-board diagnostics (OBD-II) port, a mandatory interface in all vehicles in the United States and Europe. While this transformation has driven significant advancements in efficiency and safety, it has also opened a door to a wide variety of cyberattacks, as the architectures of vehicles were never designed with external connectivity in mind, and accordingly, security has never been pivotal in the design. As standardized, the OBD-II port allows not only direct access to the internal network of the vehicle but also installing software on the Electronic Control Units (ECUs).

Abstract Inspection of Composite panels is vital to the assessment of their ability to be fit for purpose. Conventional methods such as X-ray CT and Ultrasonic scanning can be used, however, these are often expensive and time consuming processes. In this paper we investigate the use of off-the-shelf Non-Destructive Test, NDT, equipment utilizing Fringe projection hardware and open source software to rapidly evaluate a series of composite panels. These results are then verified using destructive analysis of the panels to prove the reliability of the rapid NDT methods for use with carbon composite panels. This process allows us to quickly identify regions of geometric intolerance or formed defects without the use of expensive sub-surface scanning systems, enabling a fast and cost effective initial part evaluation system. The focus of this testing series is on 6mm thick pre-preg carbon-epoxy composite laminates that have been laid up using AFP and formed using TRF.

Abstract There are already a number of cybersecurity activities introduced in the development process in the automotive industry. For example, security testing of automotive components is often performed at the late stages of development. Fuzz testing is often performed as part of the security testing activity. However, since testing occurs late in the development process, it is expensive and, in some cases, may be too late to fix certain identified issues. Another challenge is that some testing requires hardware that is costly and may not be available until late in the development. We suggest fuzz testing virtual ECUs, which overcomes these challenges and allows for more efficient and effective security testing.

Abstract The purpose of this article is to reduce the adverse effects of temperature rise on the electrical connector, reduce the failure risk of electrical connector due to the mismatch of current-carrying capacity selection, and improve the service life of the electrical connector. This article takes a certain type of vehicle electric connector as the research object. An accurate contact pair model of the electrical connector is established by SOLIDWORKS software. The force and thermoelectric coupling simulation analysis of the 3D solid model with reasonable load and boundary conditions was carried out by ABAQUS software. The results show that the insertion force and positive force of the electrical connector terminal are in line with the values specified in the standard.

Abstract Automotive cybersecurity engineers now have the challenge of delivering Risk Assessments of their products using a method that is described in the new standard for automotive cybersecurity: International Organization for Standardization/Society of Automotive Engineers (ISO/SAE) 21434. The ISO standards are not treated in the same way as regulations that are mandated by governing bodies. However, the new United Nations (UN) Regulation No. 155 “Cyber Security and Cyber Security Management” actually drives a need to apply ISO/SAE 21434. This article investigates the practical aspects of performing such a Threat Analysis and Risk Assessment (TARA) from system modelling and asset identification to attack modelling and the consequences an attack will have.

Abstract The frequency of video-capturing collision events from surveillance systems are increasing in reconstruction analyses. The video that has been provided to the investigator may not always include a clear perspective of the relevant area of interest. For example, surveillance video of an incident may have captured a pre- or post-incident perspective that, while failing to capture the precise moment when the pedestrian was struck by a vehicle, still contains valuable information that can be used to assist in reconstructing the incident. When surveillance video is received, a quick and efficient technique to place the subject object or objects into a three-dimensional environment with a known rate of error would add value to the investigation.

Abstract In the automotive domain, the evolution of electrical and electronic (E/E) architecture trend is toward consolidating multiple heterogeneous applications executing on individual devices onto a centralized powerful computing platform. Many forums debate the nature of this centralized computing platform. At least for another decade, automotive powertrain functions will continue their development on a multicore controller platform (MCU) instead of many core processors. Data security and the need to meet Automotive Safety Integrity Level D (ASIL-D)-compliant powertrain functions are some of the reasons for this preference. For the centralized computing platform, virtualizing the underlying MCU will facilitate the simultaneous execution of heterogeneous powertrain applications with guaranteed spatial and temporal isolation. A common problem in virtualizing the MCU is the sharing of peripherals, which are comparatively scarce.

Abstract Multi-body simulation is a well-established simulation technique in the analysis of internal combustion engines dynamics. The enhancement of multi-body simulation especially regarding flexible structures included effects of structural dynamics in the analysis and helped not only to broaden the field of application but also improved quality of the results. In connection to that there is a steady increase in the need for enhanced and refined modeling approaches for technical subsystems such as journal bearings. The paper on hand will present the elasto-hydrodynamic journal bearing module for the software FEV Virtual Engine which is a vertical application to the generic multi-body simulation suite Adams.

Abstract Present-day vehicles come with a variety of new features like the pre-crash warning, the vehicle-to-vehicle communication, semi-autonomous driving systems, telematics, drive by wire. They demand very high bandwidth from in-vehicle networks. Various ECUs present inside the automotive transmits useful information via automotive multiplexing. Transmission of data in real-time achieves optimum functionality. The high bandwidth and high-speed requirement can be achieved either by using multiple buses or by implementing higher bandwidth. But, by doing so, the cost of the network as well as the complexity of the wiring increases. Another option is to implement higher layer protocol which can reduce the amount of data transferred by using data reduction (DR) techniques, thus reducing the bandwidth usage. The implementation cost is minimal as the changes are required in the software only and not in hardware.

Abstract Autonomous vehicles (AVs) rely heavily upon their perception subsystems to “see” the environment in which they operate. Unfortunately, the effect of variable weather conditions presents a significant challenge to object detection algorithms, and thus, it is imperative to test the vehicle extensively in all conditions which it may experience. However, the development of robust AV subsystems requires repeatable, controlled testing—while real weather is unpredictable and cannot be scheduled. Real-world testing in adverse conditions is an expensive and time-consuming task, often requiring access to specialist facilities. Simulation is commonly relied upon as a substitute, with increasingly visually realistic representations of the real world being developed.

Letter from the Special Issue Editors

Abstract Formula Student Driverless (FSD) challenges engineering students to develop autonomous single-seater race cars in a quest to bring about more graduates who are well prepared to solve the real-world problems associated with autonomous driving. In this article, we present the software stack of KA-RaceIng’s entry to the 2019 competitions. We cover the essential modules of the system, including perception, localization, mapping, motion planning, and control. Furthermore, development methods are outlined, and an overview of the system architecture is given. We conclude by presenting selected runtime measurements, data logs, and competition results to provide an insight into the performance of the final prototype.

Abstract Identity-Anonymized CAN (IA-CAN) protocol is a secure CAN protocol, which provides the sender authentication by inserting a secret sequence of anonymous IDs (A-IDs) shared among the communication nodes. To prevent malicious attacks from the IA-CAN protocol, a secure and robust system error recovery mechanism is required. This article presents a central management method of IA-CAN, named the IA-CAN with a global A-ID, where a gateway plays a central role in the session initiation and system error recovery. Each ECU self-diagnoses the system errors, and (if an error happens) it automatically resynchronizes its A-ID generation by acquiring the recovery information from the gateway. We prototype both a hardware version of an IA-CAN controller and a system for the IA-CAN with a global A-ID using the controller to verify our concept.

Abstract Secure boot, although known for more than 20 years, frequent attacks from hackers that show numerous ways to bypass the security mechanism, including electronic control units (ECUs) of the automotive industry. This paper investigates the major causes of security weaknesses of secure boot implementations. Based on penetration test experiences, we start from an attacker’s perspective to identify and outline common implementation weaknesses. Then, from a Tier-One perspective, we analyze challenges in the research and development process of ECUs between original equipment manufacturers (OEMs) and suppliers that amplify the probability of such weakness. The paper provides recommendations to increase the understanding of implementing secure boot securely on both sides and derives a set of reference requirements as a starting point for secure boot ECU requirements.

Abstract Over the past forty years, the Electronic Control Unit (ECU) technology has grown in both sophistication and volume in the automotive sector, and modern vehicles may comprise hundreds of ECUs. ECUs typically communicate via a bus-based network architecture to collectively support a broad range of safety-critical capabilities, such as obstacle avoidance, lane management, and adaptive cruise control. However, this technology evolution has also brought about risks: if ECU firmware is compromised, then vehicle safety may be compromised. Recent experiments and demonstrations have shown that ECU firmware is not only poorly protected but also that compromised firmware may pose safety risks to occupants and bystanders.

Abstract In this article, a novel hybrid metaheuristic based on passing vehicle search (PVS) cultural algorithm (CA) is proposed. This contribution has a twofold aim: First is to present the new hybrid PVS-CA. Second is to prove the effectiveness of the proposed algorithm for adaptive signal timing optimization. For this, a system that can adapt efficiently to the real-time traffic situation based on priority signal control is developed. Hence, Transit Signal Priority (TSP) techniques have been used to adjust signal phasing in order to serve emergency vehicles (EVs) and manage the tram priority in a coordinated tram intersection. The system used in this study provides cyclic signal operation based on a real-time control approach, including an optimization process and a database to manage the sensor data from detectors for real-time predictions of EV and tram arrival time.

Abstract Automotive software is increasingly complex and critical to safe vehicle operation, and related embedded systems must remain up to date to ensure long-term system performance. Update mechanisms and data modification tools introduce opportunities for malicious actors to compromise these cyber-physical systems, and for trusted actors to mistakenly install incompatible software versions. A distributed and stratified “black box” audit trail for automotive software and data provenance is proposed to assure users, service providers, and original equipment manufacturers (OEMs) of vehicular software integrity and reliability. The proposed black box architecture is both layered and diffuse, employing distributed hash tables (DHT), a parity system and a public blockchain to provide high resilience, assurance, scalability, and efficiency for automotive and other high-assurance systems.

Abstract The European Union’s pro-ecological policy imposes a requirement to use biofuel additives in diesel fuel which is supposed to support the sustainable development of transport and limit its negative impact on the natural environment. The study presents an analysis of the exhaust gas components and the amount of solid particles carried out for internal combustion engines fueled with mixtures of diesel fuel and fatty acid methyl esters. Additionally, the computer software of the tested power units was modified by changing the amount of fuel to be supplied and the air intake. The goal of the tests was to find out how the fuel mixture and reprogramming of the computer control systems would impact the emission of exhaust gas components. Based on the tests, it was found that an additive of fatty acid methyl esters to diesel does have an influence on the tested unit parameters.

Abstract Designers of automotive systems find themselves pulled in an impossible number of directions. Systems must use the most advanced security features, but at the same time run on low-cost and resource-constrained hardware. Ultimately, an engineering trade-off will eventually be made regarding how encryption and key management is used on these systems, potentially leaving them vulnerable to attack. In this paper, we detail the applicability of side-channel power analysis and fault injection on automotive electronic systems, showing how these dangerous techniques can be used to break an otherwise secure system. We build a small example network using AES-CCM to implement an encrypted, authenticated CAN protocol. We demonstrate how open-source hardware and software can easily recover the encryption keys from some of these nodes with side-channel power analysis, and we recover a full firmware image from one device with a fault-injection attack using the same tools.