Refine Your Search

Topic

Author

Affiliation

Search Results

Technical Paper

Introducing Attribute-Based Access Control to AUTOSAR

2016-04-05
2016-01-0069
Cyber security concerns in the automotive industry have been constantly increasing as automobiles are more computerized and networked. AUTOSAR is the standard architecture for automotive software development, addressing various aspects including security. The current version of AUTOSAR is concerned with only cryptography-based security for secure authentication at the communication level. However, there has been an increasing need for authorization security to control access on software resources such as data and services in the automobile. In this paper, we introduce attribute-based access control (ABAC) to AUTOSAR to address authorization in automotive software.
Technical Paper

Event-Triggered Robust Control of an Integrated Motor-Gearbox Powertrain System for a Connected Vehicle under CAN and DOS-Induced Delays

2020-02-24
2020-01-5016
This paper deals with an integrated motor-transmission (IMT) speed tracking control of the connected vehicle when there are controller area network (CAN)-induced delays and denial of service (DOS)-induced delays. A connected vehicle equipped with an IMT system may be attacked through the external network. Therefore, there are two delays on the CAN of the connected vehicle, which are CAN-induced and cyber-attack delays. A DOS attack generates huge delays in CAN and even makes the control system invalid. To address this problem, a robust dynamic output-feedback controller of the IMT speed tracking system considering event-triggered detectors resisting CAN-induced delays and DOS-induced delays is designed. The event-triggered detector is used to reduce the CAN-induced network congestion with appropriate event trigger conditions on the controller input and output channels. CAN-induced delays and DOS-induced delays are modeled by polytopic inclusions using the Taylor series expansion.
Research Report

Unsettled Issues in Remote Operation for On-road Driving Automation

2021-12-15
EPR2021028
On-road vehicles equipped with driving automation features—where a human might not be needed for operation on-board—are entering the mainstream public space. However, questions like “How safe is safe enough?” and “What to do if the system fails?” persist. This is where remote operation comes in, which is an additional layer to the automated driving system where a human remotely assists the so-called “driverless” vehicle in certain situations. Such remote-operation solutions introduce additional challenges and potential risks as the entire vehicle-network-human now needs to work together safely, effectively, and practically. Unsettled Issues in Remote Operation for On-road Driving Automation highlights technical questions (e.g., network latency, bandwidth, cyber security) and human aspects (e.g., workload, attentiveness, situational awareness) of remote operation and introduces evolving solutions.
Technical Paper

Connected Vehicles - A Testing Approach and Methodology

2021-09-22
2021-26-0450
With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.
Technical Paper

Cyber Security in the Automotive Domain – An Overview

2017-03-28
2017-01-1652
Driven by the growing internet and remote connectivity of automobiles, combined with the emerging trend to automated driving, the importance of security for automotive systems is massively increasing. Although cyber security is a common part of daily routines in the traditional IT domain, necessary security mechanisms are not yet widely applied in the vehicles. At first glance, this may not appear to be a problem as there are lots of solutions from other domains, which potentially could be re-used. But substantial differences compared to an automotive environment have to be taken into account, drastically reducing the possibilities for simple reuse. Our contribution is to address automotive electronics engineers who are confronted with security requirements. Therefore, it will firstly provide some basic knowledge about IT security and subsequently present a selection of automotive specific security use cases.
Technical Paper

The Use of Interactive Web Based Program Applications for In-Depth Vehicle Noise Path Analysis

2017-06-05
2017-01-1868
The authors previously presented at SAE 2015, the use of acoustic diagnostic network algorithms (Acoustic DNA) for the measurement and analysis of noise paths in motor vehicles. To further the understanding of the huge amount of data created in this method, especially by the end user or customer, a secure web based application platform has been engineered. The current paper presents operating aspects of the web based approach, including cyber security, multi device accessibility and intuitive user interface together with an innovative optimization toolbox from which both noise sources and vehicle body systems can be modified to be target compliant.
Technical Paper

Securing Connected Vehicles End to End

2014-04-01
2014-01-0300
As vehicles become increasingly connected with the external world, they face a growing range of security vulnerabilities. Researchers, hobbyists, and hackers have compromised security keys used by vehicles' electronic control units (ECUs), modified ECU software, and hacked wireless transmissions from vehicle key fobs and tire monitoring sensors. Malware can infect vehicles through Internet connectivity, onboard diagnostic interfaces, devices tethered wirelessly or physically to the vehicle, malware-infected aftermarket devices or spare parts, and onboard Wi-Fi hotspot. Once vehicles are interconnected, compromised vehicles can also be used to attack the connected transportation system and other vehicles. Securing connected vehicles impose a range of unique new challenges. This paper describes some of these unique challenges and presents an end-to-end cloud-assisted connected vehicle security framework that can address these challenges.
Technical Paper

Attacking Ground Vehicles with Ransomware: Watch the Horizon

2022-03-29
2022-01-0358
Ransomware is not a new method of malware infection. This historically had been experienced in the enterprise in nearly every industry. This has been especially problematic in the medical and manufacturing fields. As the attackers saturate the specifically targeted industries, the attackers will expand their target industries. One of these which has not been significantly explored by the ransomware groups are the embedded systems and automobile environment. This set of targets is massive and provides for a vast attack potential. While this has not experienced this attack methodology at length, the research and efforts are creeping towards this as a natural extension of the business. The research focusses on the history of ransomware, uses in the enterprise, possible attack vectors with ground vehicles, and defenses to be explored and implemented to secure automobiles, fleets, and the industries.
Technical Paper

Trust-Based Control and Scheduling for UGV Platoon under Cyber Attacks

2019-04-02
2019-01-1077
Unmanned ground vehicles (UGVs) may encounter difficulties accommodating environmental uncertainties and system degradations during harsh conditions. However, human experience and onboard intelligence can may help mitigate such cases. Unfortunately, human operators have cognition limits when directly supervising multiple UGVs. Ideally, an automated decision aid can be designed that empowers the human operator to supervise the UGVs. In this paper, we consider a connected UGV platoon under cyber attacks that may disrupt safety and degrade performance. An observer-based resilient control strategy is designed to mitigate the effects of vehicle-to-vehicle (V2V) cyber attacks. In addition, each UGV generates both internal and external evaluations based on the platoons performance metrics. A cloud-based trust-based information management system collects these evaluations to detect abnormal UGV platoon behaviors.
Technical Paper

Safe and Secure Development: Challenges and Opportunities

2018-04-03
2018-01-0020
The ever-increasing complexity and connectivity of driver assist functions pose challenges for both Functional Safety and Cyber Security. Several of these challenges arise not only due to the new functionalities themselves but due to numerous interdependencies between safety and security. Safety and security goals can conflict, safety mechanisms might be intentionally triggered by attackers to impact functionality negatively, or mechanisms can compete for limited resources like processing power or memory to name just some conflict potentials. But there is also the potential for synergies, both in the implementation as well as during the development. For example, both disciplines require mechanisms to check data integrity, are concerned with freedom from interference and require architecture based analyses. So far there is no consensus in the industry on how to best deal with these interdependencies in automotive development projects.
Technical Paper

Integration and Optimization of Geneva Mechanism in the Car Door Handle

2024-01-16
2024-26-0285
The car door handle is an essential component of any vehicle, as it plays a crucial role in providing access to the cabin and ensuring safety of the passenger. The primary function of the car door handle is to allow entry and exit from the vehicle while preventing unauthorized access. In addition to this, car door handles also play a critical role in ensuring passenger safety by keeping the door closed during accidents or when there is a significant amount of G-force acting on the vehicle. A typical car door handle comprises several components including the structure, cover, bowden lever, bracket, pins and other child parts. The structure provides the ergonomics and rigidity for grabbing the handle, while the cover gives the handle an aesthetic appearance. The Bowden lever facilitates the unlatching of the door and the intermediate parts ensure that the handle operates smoothly.
Technical Paper

Considerations for Requirements and Specifications of a Digital Thread in Aircraft Data Life Cycle Management

2024-03-05
2024-01-1946
The aircraft lifecycle involves thousands of transactions and an enormous amount of data being exchanged across the stakeholders in the aircraft ecosystem. This data pertains to various aircraft life cycle stages such as design, manufacturing, certification, operations, maintenance, and disposal of the aircraft. All participants in the aerospace ecosystem want to leverage the data to deliver insight and add value to their customers through existing and new services while protecting their own intellectual property. The exchange of data between stakeholders in the ecosystem is involved and growing exponentially. This necessitates the need for standards on data interoperability to support efficient maintenance, logistics, operations, and design improvements for both commercial and military aircraft ecosystems. A digital thread defines an approach and a system which connects the data flows and represents a holistic view of an asset data across its lifecycle.
Journal Article

Threat Analysis and Risk Assessment in Automotive Cyber Security

2013-04-08
2013-01-1415
The process of hazard analysis and risk assessment (H&R or HARA) is well-established in standards and methods for functional safety, such as the automotive functional safety standard ISO 26262. Considering the parallel discipline of cyber security, it is necessary to establish an analogous process of threat analysis and risk assessment (T&R) in order to identify potential security attacks and the risk associated with these attacks if they were successful. While functional safety H&R processes could be used for threat analysis, these methods need extension and adaptation to the cyber security domain. This paper describes how such a method has been developed based on the approach described in ISO 26262 and the related MISRA Safety Analysis Guidelines. In particular key differences are described in the understanding of the severity of a security attack, and the factors that contribute to the probability of a successful attack.
Technical Paper

Wireless CAN adaptation for ZCU based using Zigbee protocol for efficient data transmission and data security

2024-10-17
2024-28-0036
This paper explores the integration of Wireless Controller Area Network (CAN) technology with the Zigbee protocol to enhance data transmission efficiency and security in Zonal Control Unit (ZCU) based systems. By combining Zigbee's wireless capabilities with CAN's established reliability, this integration aims to address these challenges while ensuring robust security measures. The integration of Wireless CAN with Zigbee protocol offers a promising solution to overcome the limitations of traditional wired communication architectures. Utilizing Zigbee's low-power, short-range wireless protocol facilitates seamless communication between ZCU modules, eliminating the need for physical connections and enhancing system flexibility. The adoption of Wireless CAN with Zigbee protocol presents an innovative solution for achieving efficient data transmission and robust data security in ZCU-based systems.
Technical Paper

Reliability-Oriented Distributed Test Strategy for FOTA/SOTA Enabled Edge Device

2021-09-22
2021-26-0476
In order to enhance customer experience [5] and to reduce time to market, the manufacturers are constantly in need of being able to update software/firmware of the Electronic Control units (ECU) when the vehicle is in field operations. The updates could be a bug fix or a new feature release. Until the recent years, the updation of software/firmware used to be done using a physical hardwired connection to the Vehicle in a workshop. However, with the element of connectivity being added to the vehicle, the updation of software can be done remotely and wirelessly over the air using a feature called Flash over the air (FOTA) [2] and Software over the air (SOTA) [2]. In order to safeguard the telematics [3] ECU from tampering or hacking, the manufacturers are doing away with the ports on the underlying hardware through which manual flashing used to be done. This means that, the only option available to flash or update the ECU is using FOTA/SOTA.
Technical Paper

Scalable Decentralized Solution for Secure Vehicle-to-Vehicle Communication

2020-04-14
2020-01-0724
The automotive industry is set for a rapid transformation in the next few years in terms of communication. The kind of growth the automotive industry is poised for in fields of connected cars is both fascinating and alarming at the same time. The communication devices equipped to the cars and the data exchanges done between vehicles to vehicles are prone to a lot of cyber-related attacks. The signals that are sent using Vehicular Adhoc Network (VANET) between vehicles can be eavesdropped by the attackers and it may be used for various attacks such as the man in the middle attack, DOS attack, Sybil attack, etc. These attacks can be prevented using the Blockchain technology, where each transaction is logged in a decentralized immutable Blockchain ledger. This provides authenticity and integrity to the signals. But the use of Blockchain Platforms such as Ethereum has various drawbacks like scalability which makes it infeasible for connected car system.
Technical Paper

Research on CAN Network Security Aspects and Intrusion Detection Design

2017-09-23
2017-01-2007
With the rapid development of vehicle intelligent and networking technology, the IT security of automotive systems becomes an important area of research. In addition to the basic vehicle control, intelligent advanced driver assistance systems, infotainment systems will all exchange data with in-vehicle network. Unfortunately, current communication network protocols, including Controller Area Network (CAN), FlexRay, MOST, and LIN have no security services, such as authentication or encryption, etc. Therefore, the vehicle are unprotected against malicious attacks. Since CAN bus is actually the most widely used field bus for in-vehicle communications in current automobiles, the security aspects of CAN bus is focused on. Based on the analysis of the current research status of CAN bus network security, this paper summarizes the CAN bus potential security vulnerabilities and the attack means.
Technical Paper

Communication Requirements for Plug-In Electric Vehicles

2011-04-12
2011-01-0866
This paper is the second in the series of documents designed to record the progress of a series of SAE documents - SAE J2836™, J2847, J2931, & J2953 - within the Plug-In Electric Vehicle (PEV) Communication Task Force. This follows the initial paper number 2010-01-0837, and continues with the test and modeling of the various PLC types for utility programs described in J2836/1™ & J2847/1. This also extends the communication to an off-board charger, described in J2836/2™ & J2847/2 and includes reverse energy flow described in J2836/3™ and J2847/3. The initial versions of J2836/1™ and J2847/1 were published early 2010. J2847/1 has now been re-opened to include updates from comments from the National Institute of Standards Technology (NIST) Smart Grid Interoperability Panel (SGIP), Smart Grid Architectural Committee (SGAC) and Cyber Security Working Group committee (SCWG).
Technical Paper

Proposal of HILS-Based In-Vehicle Network Security Verification Environment

2018-04-03
2018-01-0013
We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.
Journal Article

Ensuring Fuel Economy Performance of Commercial Vehicle Fleets Using Blockchain Technology

2019-04-02
2019-01-1078
In the past, research on blockchain technology has addressed security and privacy concerns within intelligent transportation systems for critical V2I and V2V communications that form the backbone of Internet of Vehicles. Within trucking industry, a recent trend has been observed towards the use of blockchain technology for operations. Industry stakeholders are particularly looking forward to refining status quo contract management and vehicle maintenance processes through blockchains. However, the use of blockchain technology for enhancing vehicle performance in fleets, especially while considering the fact that modern-day intelligent vehicles are prone to cyber security threats, is an area that has attracted less attention. In this paper, we demonstrate a case study that makes use of blockchains to securely optimize the fuel economy of fleets that do package pickup and delivery (P&D) in urban areas.
X