Refine Your Search

Topic

Author

Affiliation

Search Results

Technical Paper

Contextual Study of Security and Privacy in V2X Communication for Architecture & Networking products

2024-10-17
2024-28-0038
In recent times there has been an upward trend in "Connected Vehicles", which has significantly improved not only the driving experience but also the "ownership of the car". The use of state-of-the-art wireless technologies, such as vehicle-to-everything (V2X) connectivity, is crucial for its dependability and safety. V2X also effectively extends the information flow between the transportation ecosystem pedestrians, public infrastructure (traffic management system) and parking infrastructure, charging and fuel stations, Etc. V2X has a lot of potential to enhance traffic flow, boost traffic safety, and provide drivers and operators with new services. One of the fundamental issues is maintaining trustworthy and quick communication between cars and infrastructure. While establishing stable connectivity, reducing interference, and controlling the fluctuating quality of wireless transmissions, we have to ensure the Security and Privacy of V2I.
Technical Paper

Cyber Security in the Automotive Domain – An Overview

2017-03-28
2017-01-1652
Driven by the growing internet and remote connectivity of automobiles, combined with the emerging trend to automated driving, the importance of security for automotive systems is massively increasing. Although cyber security is a common part of daily routines in the traditional IT domain, necessary security mechanisms are not yet widely applied in the vehicles. At first glance, this may not appear to be a problem as there are lots of solutions from other domains, which potentially could be re-used. But substantial differences compared to an automotive environment have to be taken into account, drastically reducing the possibilities for simple reuse. Our contribution is to address automotive electronics engineers who are confronted with security requirements. Therefore, it will firstly provide some basic knowledge about IT security and subsequently present a selection of automotive specific security use cases.
Technical Paper

Cybersecurity Approval Criteria: Application of UN R155

2024-07-02
2024-01-2983
The UN R155 regulation is the first automotive cybersecurity regulation and has made security a mandatory approval criterion for new vehicle types. ...These recommendations aim to enhance the comprehensiveness of the security assessment associated with UN R155, fostering a more uniform approach to evaluating cybersecurity in the context of vehicle type approvals.
Journal Article

Cybersecurity Metrics for Automotive Systems

2021-04-06
2021-01-0138
With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming International Organization for Standardization and the Society for Automotive Engineers (ISO/SAE) 21434 cybersecurity standard for automotive systems and cybersecurity regulations in The United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations (UNECE WP.29), it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles. ...Cybersecurity for automotive systems is challenging, and one of the major challenges is how to measure this specific system property. ...With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming International Organization for Standardization and the Society for Automotive Engineers (ISO/SAE) 21434 cybersecurity standard for automotive systems and cybersecurity regulations in The United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations (UNECE WP.29), it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles.
Technical Paper

Cybersecurity Rating Framework and Its Application to J1939-91C Standard

2024-04-09
2024-01-2803
UNECE R155 explicitly references ISO/SAE 21434 and mandates a certified cybersecurity management system (CSMS) as a prerequisite for automotive manufacturers to achieve vehicle type approval and sell new vehicle types. ...However, the gap in the CSMS framework is a lack in a standardized system that provides guidance and common criteria for automakers to measure a vehicle’s level of compliance and compute a publicly accepted cybersecurity rating. To help establish increased consumer confidence, OEMs and smart mobility stakeholders could take additional proactive steps to ensure the safety and security of their products. ...This paper addresses the above requirement and discusses the cybersecurity rating framework (CSRF) that could establish a framework for rating vehicle cybersecurity by standardizing the measurement criteria, parameter vectors, process, and tools.
Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Journal Article

Cybersecurity Vulnerabilities for Off-Board Commercial Vehicle Diagnostics

2023-04-11
2023-01-0040
The lack of inherent security controls makes traditional Controller Area Network (CAN) buses vulnerable to Machine-In-The-Middle (MitM) cybersecurity attacks. Conventional vehicular MitM attacks involve tampering with the hardware to directly manipulate CAN bus traffic.
Research Report

Cybersecurity and Digital Trust Issues in Connected and Automated Vehicles

2024-04-22
EPR2024009
On the other hand, the potential risks associated with CAV deployment related to technical vulnerabilities are safety and cybersecurity issues that may arise from flawed hardware and software. Cybersecurity and Digital Trust Issues in Connected and Automated Vehicles elaborates on these topics as unsettled cybersecurity and digital trust issues in CAVs and follows with recommendations to fill in the gaps in this evolving field. ...Cybersecurity and Digital Trust Issues in Connected and Automated Vehicles elaborates on these topics as unsettled cybersecurity and digital trust issues in CAVs and follows with recommendations to fill in the gaps in this evolving field. ...This report also highlights the importance of establishing robust cybersecurity protocols and fostering digital trust in these vehicles to ensure safe and secure deployment in our modern transportation system.
Technical Paper

Cybersecurity by Agile Design

2023-04-11
2023-01-0035
ISO/SAE 21434 [1] Final International Standard was released September 2021 to great fanfare and is the most prominent standard in Automotive Cybersecurity. As members of the Joint Working Group (JWG) the authors spent 5 years developing the 84 pages of precise wording acceptable to hundreds of contributors. ...The application to Agile may require interpreting the standard from another angle, which could involve reordering the sequence of activities and work products, breaking down the acceptable criteria of some work products to allow rapid iterations, and verifications of meta data or intermediate work products. In cybersecurity engineering, Agile has its unique strength compared to the V-model method, as its cyclical nature is better aligned with best practices for Cybersecurity Frameworks. ...In cybersecurity engineering, Agile has its unique strength compared to the V-model method, as its cyclical nature is better aligned with best practices for Cybersecurity Frameworks.
Technical Paper

Cybersecurity in EV’s: Approach for Systematic Secured SW Development through ISO/SAE 21434 & ASPICE

2023-04-11
2023-01-0046
Cybersecurity (CS) is crucial and significantly important in every product that is connected to the network/internet. ...Hence making it very important to guarantee that every single connected device shall have cybersecurity measures implemented to ensure the safety of the entire system. Looking into the forecasted worldwide growth in the electric vehicles (EV’s) segment, CS researchers have recently identified several vulnerabilities that exist in EV’s, electric vehicle supply equipment (EVSE) devices, communications to EVs, and upstream services, such as EVSE vendor cloud services, third party systems, and grid operators. ...Additional processes have been defined in the process reference and assessment model for the CS engineering in order to incorporate the cybersecurity related processes in the ASPICE scope. This paper aims at providing a model & brief overview to establish a correlation between the ASPICE, ISO/SAE 21434 and the ISO 26262 functional safety (FS) standards for development of a secured cybersecurity software with all the considerations that an organization can undertake.
Technical Paper

Cybersecurity in the Context of Fail-Operational Systems

2024-04-09
2024-01-2808
The development of highly automated driving functions (AD) recently rises the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy. In parallel, the connectivity of modern vehicles is increasing rapidly and especially in vehicles with highly automated functions, there is a high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who should no longer occupied with driving tasks.
Technical Paper

Deep Learning Based Automotive Requirements Analysis

2023-04-11
2023-01-0864
Automotive system functionalities spread over a wide range of sub-domains ranging from non-driving related components to complex autonomous driving related components. The requirements to design and develop these components span across software, hardware, firmware, etc. elements. The successful development of these components to achieve the needs from the stockholders requires accurate understanding and traceability of the requirements of these component systems. The high-level customer requirements transformation into low level granularity requires an efficient requirement engineer. The manual understanding of the customer requirements from the requirement documents are influenced by the context and the knowledge gap of the requirement engineer in understanding and transforming the requirements.
Technical Paper

Deep Learning Based Real Time Vulnerability Fixes Verification Mechanism for Automotive Firmware/Software

2021-04-06
2021-01-0183
Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.
Journal Article

Design Approach for Secure Networks to Introduce Data Analytics within the Aircraft Cabin

2019-09-16
2019-01-1853
In the past, aircraft network design did not demand for information security considerations. The aircraft systems were simple, obscure, proprietary and, most importantly for security, the systems have been either physically isolated or they have been connected by directed communication links. The union of the aircraft systems thus formed a federated network. These properties are in sharp contrast with today’s system designs, which rest upon platform-based solutions with shared resources being interconnected by a massively meshed and shared communication network. The resulting connectivity and the high number of interfaces require an in-depth security analysis as the systems also provide functions that are required for the safe operation of the aircraft. This network design evolution, however, resulted in an iterative and continuous adaption of existing network solutions as these have not been developed from scratch.
X