Refine Your Search

Topic

Author

Affiliation

Search Results

Training / Education

Fundamentals of High Voltage xEV, Safety, and PPE

2024-04-15
Do you know what personal protective equipment (PPE), tools, and instruments are needed to keep you safe around high voltage (HV) vehicles? Are you aware of how to protect yourself or your employees when working around high voltage systems and platforms? Safety is paramount when working around any type of high voltage. As electric vehicles (EV) and EV fleets become more prevalent, the critical need for OEMs, suppliers, companies, and organizations to provide comprehensive safety training for teams working with or around xEV systems and platforms increases.
Technical Paper

Cyber Security Rating Framework and its Application to J1939-1C Standard

2024-04-09
2024-01-2803
Cyber Security Rating Framework and its Application to J1939-1C Standard Present day automotives are becoming smart and more software driven. Conversely every line of code equals to a possible threat to the vehicle, passenger as well as the OEM. To hit the brakes on the alarming increase in cyber-threats, Government bodies have introduced standards and regulations globally. UNECE's WP.29 R155 & R156 regulations and ISO/SAE 21434 standards are mandatory for all OEMS. However, the gap is a framework and a standard that provides guidance and common criteria for automakers to measure the vehicle's level of compliance and compute a publicly accepted cyber security rating. This paper addresses the above requirement and discusses the Cyber Security Rating Framework (CSRF) that establishes a standard for rating vehicle cyber security by standardizing the measurement criteria, parameter vectors, process and tools.
Technical Paper

Vehicle E/E Architecture and Key Technologies Enabling Software-Defined Vehicle

2024-04-09
2024-01-2035
This paper gives a definition of the SDV concept, provides views from different aspects, discusses the latest progress in vehicle E/E architecture, especially the centralized and zone-based architecture, and various technologies including High-Performance Computing (HPC) platform, vehicle Operating System (OS), Over-The-Air (OTA) Update, advanced communication, connectivity, cybersecurity, and cloud service, etc. that enable SDV.
Technical Paper

The Interference of Functional Safety and Cyber Security in the Context of Fail-Operational Systems

2024-04-09
2024-01-2808
The development of highly automated driving functions (AD) recently drives the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy. In parallel, the connectivity of modern vehicles is rapidly increasing and especially in vehicles with highly automated functions, there is high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who are no longer occupied with driving tasks.
Technical Paper

A Comprehensive Training Approach for Automotive Cybersecurity Engineering

2024-04-09
2024-01-2800
The publication of ISO/SAE DIS 21434 “Road vehicles — Cybersecurity engineering” represents a major step forward for cybersecurity engineering in the automotive domain. ...While ISO/SAE 21434 is the first international standard for automotive cybersecurity there is also a new type approval regulation on automotive cybersecurity (UN R155) for the European market. ...Thus the challenges for embedded automotive systems engineers are increasing while frameworks, tools, and shared concepts for cybersecurity engineering and training are scarce. Furthermore, cybersecurity training in the automotive domain includes very detailed domain knowledge and challenges related to cybersecurity and embedded systems engineering.
Technical Paper

Applying Concolic Testing to the Automotive Domain

2024-04-09
2024-01-2802
Symbolic code execution is a powerful cybersecurity testing approach that facilitates the systematic exploration of all paths within a program to uncover previously unknown cybersecurity vulnerabilities. ...Symbolic code execution is a powerful cybersecurity testing approach that facilitates the systematic exploration of all paths within a program to uncover previously unknown cybersecurity vulnerabilities. This is achieved through a Satisfiability Modulo Theory (SMT) solver, which operates on symbolic values for program inputs instead of using their concrete counterparts.
Technical Paper

Integrating Functional and Component-Level Threat Analyses in Automotive Systems: A Holistic Approach to Risk Assessment

2024-04-09
2024-01-2797
This method's detailed approach ensures that cybersecurity requirements can be readily implemented as a part of feature design, addressing the concerns of feature owners directly. ...Unified Threat Modeling: Leveraging techniques from systems engineering and cybersecurity domains to create a single, unified, and analytical threat model that takes into account both functional and component perspectives. 2.
Technical Paper

Vehicle Cyber Engineering (VCE) Test Bed with Cyber Security Labs as a Service (CLaaS)

2024-04-09
2024-01-2796
The VCE Test Beds have been connected with an AWS cloud based “Cyber-Security Labs as a Service “ (CLaaS) system which allows students and researcher to access the test beds from anyplace that they have a secure internet connection. ...VCE students are assigned predefined virtual machines to perform designated cybersecurity experiments. The ClaaS system has a very low administrative overhead associated with experiment setup and management.
Technical Paper

Security Requirements for Vehicle Security Gateways

2024-04-09
2024-01-2806
The NMFTA's Vehicle Cybersecurity Requirements Woking Group (VCRWG), comprised of fleets, OEMs and cybersecurity experts, has worked the past few years to produce security requirements for Vehicle Network Gateways. ...Vehicle Network Gateways play an important role in vehicle cybersecurity they are the component responsible for assuring vehicle network operations in the presence of untrustworthy devices on the aftermarket or diagnostics connectors.
Technical Paper

Evaluating Network Security Configuration (NSC) Practices in Vehicle-related Android Applications

2024-04-09
2024-01-2881
The growth of vehicle connectivity has raised heightened concerns about user security and data privacy. This rise highlights the important role of mobile applications for vehicles, as vehicles not only provide digital convenience but become key to public safety and trust. Despite their importance, these vehicle apps also suffer from the same vulnerabilities that affect the broader Android ecosystem, particularly being susceptible to man-in-the-middle attacks due to insecure custom SSL/TLS implementations. In response, Google introduced the Network Security Configuration (NSC) as a configuration-based solution to improve the security of certificate validation practices. NSC was initially developed to enhance the security of Android applications by providing developers with a framework to customize network security settings. However, recent studies have shown that it is often not being leveraged appropriately to enhance security.
X