Search Results

As a result of the ever-increasing application of cyber-physical components in the automotive industry, cybersecurity has become an urgent topic. Adapting technologies and communication protocols like Ethernet and WiFi in connected vehicles yields many attack scenarios. ...Consequently, ISO/SAE 21434 and UN R155 (2021) define a standard and regulatory framework for automotive cybersecurity, Both documents follow a risk management-based approach and require a threat modeling methodology for risk analysis and identification. ...Initially, we transform cybersecurity guidelines to attack trees, and then we use their formal interpretations to assess the vehicle’s design.

The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their own distinct VM. ...While the cybersecurity applications are numerous, there are also the operational benefits. The hypervisor is designed to not only manage the VMs, but also to increase the efficiency of these via resource management.

The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).

The paper includes a description of cybersecurity measures to protect the vehicle against malicious attacks.

., driver assistance functions, intrusion detection system, vehicle diagnostics, external device authentication during vehicle diagnostics, vehicle-to-grid and so on). The cybersecurity attacks targeting the global time result in false time, accuracy degradation, and denial of service as stated in IETF RFC 7384.

It is essential to note that cybersecurity threats not only arise from inherent protocol defects but also consider software implementation vulnerabilities.

In addition, due to the cyber-security risk, the security functions to ensure the integrity of the message has to be considered.

The caveat to these additional capabilities is issues like cybersecurity, complexity, etc. This paper is an exploration into FuSa and CAVs and will present a systematic approach to understand challenges and propose potential framework, Intelligent Vehicle Monitoring for Safety and Security (IVMSS) to handle faults/malfunctions in CAVs, and specifically autonomous systems.

With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.

The authors previously presented at SAE 2015, the use of acoustic diagnostic network algorithms (Acoustic DNA) for the measurement and analysis of noise paths in motor vehicles. To further the understanding of the huge amount of data created in this method, especially by the end user or customer, a secure web based application platform has been engineered. The current paper presents operating aspects of the web based approach, including cyber security, multi device accessibility and intuitive user interface together with an innovative optimization toolbox from which both noise sources and vehicle body systems can be modified to be target compliant.

The car door handle is an essential component of any vehicle, as it plays a crucial role in providing access to the cabin and ensuring safety of the passenger. The primary function of the car door handle is to allow entry and exit from the vehicle while preventing unauthorized access. In addition to this, car door handles also play a critical role in ensuring passenger safety by keeping the door closed during accidents or when there is a significant amount of G-force acting on the vehicle. A typical car door handle comprises several components including the structure, cover, bowden lever, bracket, pins and other child parts. The structure provides the ergonomics and rigidity for grabbing the handle, while the cover gives the handle an aesthetic appearance. The Bowden lever facilitates the unlatching of the door and the intermediate parts ensure that the handle operates smoothly.

We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.

Cyber security is becoming increasingly critical in the car industry. Not only the entry points to the external world in the car need to be protected against potential attack, but also the on-board communication in the car require to be protected against attackers who may try to send unauthorized CAN messages. However, the current CAN network was not designed with security in mind. As a result, the extra measures have to be taken to address the key security properties of the secure CAN communication, including data integrity, authenticity, confidentiality and freshness. While integrity and authenticity can be achieved by using a relatively straightforward algorithms such as CMAC (Cipher-based Message Authentication Code) and Confidentiality can be handled by a symmetric encryption algorithm like AES128 (128-bit Advanced Encryption Standard), it has been recognized to be more challenging to achieve the freshness of CAN message.

CAN bus network proved to be efficient and dynamic for small compact cars as well as heavy-duty vehicles (HDV). However, HDVs are more susceptible to malicious attacks due to lack of security in their intra-vehicle communication protocols. SAE proposed a new standard named J1939-91C for CAN-FD networks which provides methods for establishing trust and securing mutual messages with optional encryption. J1939-91C ensures message authenticity, integrity, and confidentiality by implementing complex cryptographic operations including hash functions and random key generation. In this paper, the three main phases of J1939-91C, i.e., Network Formation, Rekeying, and Message Exchange, are simulated and tested on Electronic Control Units (ECUs) supporting CAN-FD network. Numerous test vectors were generated and validated to support SAE J1939-91C. The mentioned vectors were produced by simulating different encryption and hashing algorithms with variable message and key lengths.

With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).

Vehicles have more connectivity options now-a-days and these increasing connection options are giving more chances for an intruder to exploit the system. So, the vehicle manufacturers need to make the ECU in the vehicle more secure. To make the system secure, the embedded system must secure all the assets in the system. Examples of assets are Software, Kernel or Operating system, cryptographic Keys, Passwords, user data, etc. In this, securing the Kernel is extremely important as an intruder can even exploit the operating system characteristics just by changing the kernel code without introducing a trojan in the system. Also, the Kernel is the one entity that manages all permissions, so, if the kernel is hacked, these permissions also get compromised. The proposed approach is to make the kernel secure by doing the integrity check periodically of the kernel code loaded into the main memory of the system.

Access control enforces security policies for controlling critical resources. For V2X (Vehicle to Everything) autonomous military vehicle fleets, network middleware systems such as ROS (Robotic Operating System) expose system resources through networked publisher/subscriber and client/server paradigms. Without proper access control, these systems are vulnerable to attacks from compromised network nodes, which may perform data poisoning attacks, flood packets on a network, or attempt to gain lateral control of other resources. Access control for robotic middleware systems has been investigated in both ROS1 and ROS2. Still, these implementations do not have mechanisms for evaluating a policy's consistency and completeness or writing expressive policies for distributed fleets. We explore an RBAC (Role-Based Access Control) mechanism layered onto ROS environments that uses local permission caches with precomputed truth tables for fast policy evaluation.

Upon their arrival, Unmanned Autonomous Systems (UAS) brought with them many benefits for those involved in a military campaign. They can use such systems to reconnoiter dangerous areas, provide 24-hr aerial security surveillance for force protection purposes or even attack enemy targets all the while avoiding friendly human losses in the process. Unfortunately, these platforms also carry the inherent risk of being built on innately vulnerable cybernetic systems. From software which can be tampered with to either steal data, damage or even outright steal the aircraft, to the data networks used for communications which can be jammed or even eavesdropped on to gain access to sensible information. All this has the potential to turn the benefits of UAS into liabilities and although the last decade has seen great advances in the development of protection and countermeasures against the described threats and beyond the risk still endures.

Autonomous driving represents the ultimate goal of future automobile development. As a collaborative application that integrates vehicles, road infrastructure, network and cloud, autonomous driving business requires a high-degree dynamic cooperation among multiple resources such as data, computing and communications that are distributed throughout the system. In order to meet the anticipated high demand for resources and performance requirements of autonomous driving, and to ensure the safety and comfort of the vehicle users and pedestrians, a top concern of autonomous driving is to understand the system requirements for resources and conduct an in-depth analysis of the autonomous driving business. In this context, this paper presents a comprehensive analysis of the typical business for autonomous driving and establishes an analysis model for five common capabilities, i.e. collection, transmission, intelligent computing, human-machine interaction (HMI), and security.

Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.