Browse Publications Collections E-JOURNAL-11

SAE International Journal of Transportation Cybersecurity and Privacy

Discontinued from 2022

Thomas M. Forest, General Motors Research & Development, USA
Kevin Harnett, Department of Transportation (DOT)/Volpe National Transportation Systems Center, USA
Dr. André Weimerskirch, Lear Corporation, USA

Indexed in

Author Resources
Published Volumes

Aims and Scope
The SAE International Journal of Transportation Cybersecurity and Privacy is a scholarly publication of original high-quality scientific articles focusing on the Cyber Physical System (CPS) related areas of transportation cybersecurity and privacy. Articles can present methods, tools, implementations, and applications of research in transportation cybersecurity and privacy around technologies, cybersecurity engineering process, and security economics and environment. The natural scope includes passenger vehicles and commercial and heavy-duty vehicles, as well as aerospace systems. Additional transportation systems, such as rail and maritime systems, are also in scope.

Cybersecurity and Privacy Technologies

  • Cybersecurity of sensors and cyber-physical systems
  • Design of resilient architectures and applications
  • Privacy and data protection issues in transportation systems
  • Hardware security and secure hardware modules
  • Security of vehicular communications (on-board, between vehicles, and between vehicles and infrastructure)
  • Security of application platforms
  • Intrusion and anomaly detection systems
  • Forensics and analytics
  • Security of legally mandated applications (e.g., event data recorders, flight data recorders, tachographs, etc.)
  • Security of cloud-based infrastructure
  • Security of road pricing, restricted area access and vehicle monitoring
  • Security of vehicle theft deterrent, immobilization, and theft response solutions
  • Security of vehicular rights control and audit (e.g., feature activation)
  • Security of emergent technologies (e.g., automated driving, unmanned aerial vehicle, and electric vehicles)
  • Anti-reverse engineering

Cybersecurity and Privacy Engineering Process

  • Cybersecurity engineering process
  • Privacy by design
  • Security throughout the system life-cycle
  • Vehicle-related information sharing and vulnerability coordination
  • Software assurance and formal methods
  • Security standardization
  • Supply chain integrity and traceability
  • Communication of cybersecurity risks, impacts, and priorities
  • Cybersecurity assurance testing
  • Information and processes to drive organizational awareness
  • Incident response
  • Collaboration and engagement of stakeholders
  • Reverse engineering and penetration testing

Cybersecurity Economics and Environment

  • Security economics of both attackers and defenders
  • Security of vehicle-driven business, maintenance, and service models
  • Understanding and harnessing the hacker mindset
  • Right to repair issues
  • Impact of privacy/security requirements that vary by jurisdiction

This journal is a member of COPE (Committee on Publication Ethics). The journal’s publication processes and ethics policies follow COPE guidelines.

Editorial Board


Thomas M. Forest, General Motors Research & Development, USA: Thomas M. Forest (Tom) is a Senior Technical Fellow with General Motors Research & Development in Warren, Michigan. Tom is a member of the Electrical & Controls Systems Research Laboratory, working primarily in the areas of vehicle cybersecurity, vehicle electrical architecture, in-vehicle networking, and safety-critical systems. Since 2011 Tom has been the chairman of the SAE Vehicle Electrical Systems Security Committee and has over 30 years of experience in automotive electrical system design.

Kevin Harnett, Department of Transportation (DOT)/Volpe National Transportation Systems Center, USA: Kevin Harnett is a Program Manager for the United States Department of Transportation (DOT) at the Volpe National Transportation Systems Center located in Cambridge, Massachusetts. Mr. Harnett has over 36 years of combined project management, technical consulting, and implementation skills. Kevin is a Cybersecurity Program Manager (PM) with experience providing technical leadership in planning, implementing, and managing high-priority programs involving cybersecurity and risk management for the DOT, Federal Aviation Administration (FAA), National Highway and Traffic Safety (NHTSA), DOD/USAF, Defense Information Systems Agency (DISA), NASA, DHS, and other agencies. From 2010-2014, Kevin supported NHTSA on their “Research Planning for Cybersecurity of Automotive Safety—Critical Electronic Control Systems” Program and the development of a Vehicle Cybersecurity Threat/Risk Model, Assessment of the Automotive Information Sharing and Analysis Center (Auto ISAC) Model Paper, Vehicle Cybersecurity Testing laboratory, and Vehicle Cybersecurity Guidance. Since October 2014, Kevin has supported DHS Science and Technology (S&T) Cybersecurity Division (CSD) on three major programs focusing on automotive cybersecurity: Automotive Cybersecurity Industry Consortium (ACIC), Cybersecurity for Government Vehicles Program, and Automotive Cybersecurity Tools Research. In support of DHS, Kevin has been evaluating OBD-2 dongles/telematics systems, Open Source CAN tools, CAN Bus, Bluetooth, etc., and state-of-the-art Automotive Cybersecurity countermeasures, such as Intrusion Detection System (IDS), Intrusion Prevention Systems (IPS), Firewalls, etc. in the Volpe Cybersecurity Vehicle Testing Lab. Since 2016, Kevin is also supporting the National Motor Freight Traffic Association (NMFTA) on a new program called Heavy Vehicle Cybersecurity (HVCS), Kevin is evaluating OEM heavy vehicles and telematics system vulnerabilities.

Dr. André Weimerskirch, Lear Corporation, USA: André Weimerskirch is VP Cyber Security at Lear Corporation. Before that, André established the transportation cybersecurity group at the University of Michigan Transportation Research Institute (UMTRI) and co-founded the embedded systems security company ESCRYPT, which was sold to Bosch in 2012.

André is active in all areas of automotive and transportation cybersecurity and privacy, is a main designer of the vehicle-to-vehicle security system, which will likely be the largest security system ever deployed; has published numerous articles in the area of automotive and embedded cybersecurity; and is co-founder of the American workshop on embedded security in cars (escar USA). André is vice chair of the SAE Vehicle Electrical System Security Committee, co-chairs the Michigan Mobility Transformation Center (MTC) cybersecurity working group, co-organizes the SAE ComVEC heavy vehicle cybersecurity session, and is a member of the joint SAE/ISO Cybersecurity Working Group.

Board Members
Lisa Boran, Ford, USA
Joshua Corman, Founder—I Am the Cavalry, USA
Andy Davis, NCC, UK
Jeremy Daily, The University of Tulsa, USA
Karim El Defrawy, Southwest Research Institute, USA
Benjamin Glas, Porsche, Germany
Jorge Guajardo, Robert Bosch Research and Technology Center, USA
Karl Heimer, Principal, Heimer & Associates, LLC, USA
Dr. Daniel Johnson, Cybersecurity Fellow, Honeywell Aerospace, USA
Urban Jonson, NMFTA, Inc. USA
Suzanne Lightman, NIST, USA
Bill Mazzara, FCA Group, USA
Ira McDonald, High North, USA
Dariusz Mikulski, TARDEC, USA
Brian Murray, ZF TRW, USA
Aleksey Nogin, HRL Laboratories, USA
Hisashi Oguma, Toyota ITC Ltd, Japan
Christof Paar, Germany
Dr. David Pierce, Sr Staff Product Security, GE Aviation, USA
Neal Probert, Nissan, USA
Craig Smith, Rapid7, USA
Anuja Sonalker, STEER Auto Cyber, USA
Alan Tatourian, Intel USA
Eric Thayer, Assured Information Security, Inc., USA


Subscribers can view annotate, and download all of SAE's content. Learn More »