Refine Your Search

Topic

Author

Affiliation

Search Results

SAE MOBILUS Subscription

Cybersecurity

2017-05-01
Specific topics include: Automotive vehicle electronics Embedded systems architecture (cyber-physical) Data communication Hardware security design Vulnerability of embedded devices Software assurance Security technologies Intrusion detection Incident response Wireless security Penetration testing Security governance & risk management By purchasing this collection, you have full access to the publications included in the SAE MOBILUS Cybersecurity Knowledge Hub.
Standard

Cybersecurity Guidebook for Cyber-Physical Vehicle Systems

2016-01-14
CURRENT
J3061_201601
This recommended practice provides guidance on vehicle Cybersecurity and was created based off of, and expanded on from, existing practices which are being implemented or reported in industry, government and conference papers. ...Other proprietary Cybersecurity development processes and standards may have been established to support a specific manufacturer’s development processes, and may not be comprehensively represented in this document, however, information contained in this document may help refine existing in-house processes, methods, etc. ...This recommended practice establishes a set of high-level guiding principles for Cybersecurity as it relates to cyber-physical vehicle systems. This includes: Defining a complete lifecycle process framework that can be tailored and utilized within each organization’s development processes to incorporate Cybersecurity into cyber-physical vehicle systems from concept phase through production, operation, service, and decommissioning.
Training / Education

Introduction to Automotive Cybersecurity

2019-05-16
This course has been developed for the Chinese auto industry to provide engineers and software developers involved in V2X and related industries with important knowledge about vehicle cybersecurity, including basic cybersecurity practices, interpretation of SAE J3061 standards, connected vehicle attack & defense approaches and the Security Development Lifecycle (SDL).
Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Training / Education

Cybersecurity An Introduction for the Automotive Sector

The automotive industry is the new "battleground" for cybersecurity. Following the path of desktops/laptops, tablets, and mobile phones, the automotive industry is now the "hot" area for both academic researchers and hackers. ...What does cybersecurity mean? Who is attacking and why? What must we change? What can stay the same? What is the larger organization's role in cyber?
Book

Cybersecurity for Commercial Vehicles

2018-08-28
It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future. ...This book provides a thorough view of cybersecurity to encourage those in the commercial vehicle industry to be fully aware and concerned that their fleet and cargo could be at risk to a cyber-attack. ...It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future.
Collection

Cybersecurity for Cyber-Physical Vehicle Systems, 2017

2017-03-28
This paper focuses on cybersecurity for cyber-physical vehicle systems. Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. ...Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. ...Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. Application areas include: security-critical automotive systems, as well as other security-critical ground vehicle and aviation systems.
Collection

Cybersecurity for Cyber-Physical Vehicle Systems, 2018

2018-04-03
This paper focuses on cybersecurity for cyber-physical vehicle systems. Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. ...Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. ...Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. Application areas include: security-critical automotive systems, as well as other security-critical ground vehicle and aviation systems.
Video

SAE Eye on Engineering: Cybersecurity in Cars

2018-08-20
In this episode of SAE Eye on Engineering, Editor-in-Chief Lindsay Brooke looks at cybersecurity concerns in cars. SAE Eye on Engineering also airs Monday mornings on WJR 760 AM Detroit's Paul W.
SAE MOBILUS Subscription

SAE International Journal of Transportation Cybersecurity and Privacy

2017-01-01
Articles can present methods, tools, implementations, and applications of research in transportation cybersecurity and privacy around technologies, cybersecurity engineering process, and security economics and environment. ...Additional transportation systems, such as rail and maritime systems, are also in scope. Cybersecurity and Privacy Technologies • Cybersecurity of sensors and cyber-physical systems • Design of resilient architectures and applications • Privacy and data protection issues in transportation systems • Hardware security and secure hardware modules • Security of vehicular communications (on-board, between vehicles, and between vehicles and infrastructure) • Security of application platforms • Intrusion and anomaly detection systems • Forensics and analytics • Security of legally mandated applications (e.g., event data recorders, flight data recorders, tachographs, etc.) • Security of cloud-based infrastructure • Security of road pricing, restricted area access and vehicle monitoring • Security of vehicle theft deterrent, immobilization, and theft response solutions • Security of vehicular rights control and audit (e.g., feature activation) • Security of emergent technologies (e.g., automated driving, unmanned aerial vehicle, and electric vehicles) • Anti-reverse engineering Cybersecurity and Privacy Engineering Process • Cybersecurity engineering process • Privacy by design • Security throughout the system life-cycle • Vehicle-related information sharing and vulnerability coordination • Software assurance and formal methods • Security standardization • Supply chain integrity and traceability • Communication of cybersecurity risks, impacts, and priorities • Cybersecurity assurance testing • Information and processes to drive organizational awareness • Incident response • Collaboration and engagement of stakeholders • Reverse engineering and penetration testing Cybersecurity Economics and Environment • Security economics of both attackers and defenders • Security of vehicle-driven business, maintenance, and service models • Understanding and harnessing the hacker mindset • Right to repair issues • Impact of privacy/security requirements that vary by jurisdiction Editorial Board Co-Editors Thomas M. ...., automated driving, unmanned aerial vehicle, and electric vehicles) • Anti-reverse engineering Cybersecurity and Privacy Engineering Process • Cybersecurity engineering process • Privacy by design • Security throughout the system life-cycle • Vehicle-related information sharing and vulnerability coordination • Software assurance and formal methods • Security standardization • Supply chain integrity and traceability • Communication of cybersecurity risks, impacts, and priorities • Cybersecurity assurance testing • Information and processes to drive organizational awareness • Incident response • Collaboration and engagement of stakeholders • Reverse engineering and penetration testing Cybersecurity Economics and Environment • Security economics of both attackers and defenders • Security of vehicle-driven business, maintenance, and service models • Understanding and harnessing the hacker mindset • Right to repair issues • Impact of privacy/security requirements that vary by jurisdiction Editorial Board Co-Editors Thomas M.
Technical Paper

Cyber-security for Engine ECUs: Past, Present and Future

2015-09-01
2015-01-1998
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
Training / Education

Keys to Creating a Cybersecurity Process from the J3061 Process Framework

This allows an organization to develop an internal cybersecurity process consistent with its other processes in order to build cybersecurity robustness into their cyber- physical systems. ...Connected vehicles are increasingly seen as a potential target for cybersecurity attacks. A key differentiator for the automotive industry is the use of cyber-physical systems, where a successful cybersecurity attack could affect physical entities.
Training / Education

Keys to Creating a Cybersecurity Process from the J3061 Process Framework

This allows an organization to develop an internal cybersecurity process consistent with its other processes in order to build cybersecurity robustness into their cyber-physical systems. ...This web seminar will define key concepts in cybersecurity and discuss what a cybersecurity process consists of and why one is needed for the development of cyber-physical vehicle systems.
Journal Article

Cybersecurity Considerations for Heavy Vehicle Event Data Recorders

2018-12-14
Abstract Trust in the digital data from heavy vehicle event data recorders (HVEDRs) is paramount to using the data in legal contests. Ensuring the trust in the HVEDR data requires an examination of the ways the digital information can be attacked, both purposefully and inadvertently. The goal or objective of an attack on HVEDR data will be to have the data omitted in a case. To this end, we developed an attack tree and establish a model for violating the trust needed for HVEDR data. The attack tree provides context for mitigations and also for functional requirements. A trust model is introduced as well as a discussion on what constitutes forensically sound data. The main contribution of this article is an attack tree-based model of both malicious and accidental events contributing to compromised event data recorder (EDR) data. A comprehensive list of mitigations for HVEDR systems results from this analysis.
Technical Paper

Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units

2018-04-03
2018-01-0016
Traditional Cybersecurity solutions fall short in meeting automotive ECU constraints such as zero false positives, intermittent connectivity, and low performance impact. ...We integrated Autonomous Security on a BeagleBone Black (BBB) system to evaluate the feasibility of mitigating Cybersecurity risks against potential threats. We identified key metrics that should be measured, such as level of security, ease of integration and system performance impact.
Technical Paper

Research on Vehicle Cybersecurity Based on Dedicated Security Hardware and ECDH Algorithm

2017-09-23
2017-01-2005
Vehicle cybersecurity consists of internal security and external security. Dedicated security hardware will play an important role in car’s internal and external security communication. ...For certain AURIX MCU consisting of HSM, the experiment result shows that cheaper 32-bit HSM’s AES calculating speed is 25 times of 32-bit main controller, so HSM is an effective choice to realize cybersecurity. After comparing two existing methods that realize secure CAN communication, A Modified SECURE CAN scheme is proposed, and differences of the three schemes are analyzed.
X