Refine Your Search

Topic

Author

Affiliation

Search Results

Technical Paper

Enhanced Penetration Testing for Automotive Cybersecurity

2022-12-16
2022-01-7123
Automotive electronics and enterprise IT are converging and thus open the doors for advanced hacking. With their immediate safety impact, cyberattacks on such systems will endanger passengers. Today, there are various methods of security verification and validation in the automotive industry. However, we realize that vulnerability detection is incomplete and inefficient with classic security testing. In this article, we show how an enhanced Grey-Box Penetration Test (GBPT) needs less test cases while being more effective in terms of coverage and indicating less false positives.
Technical Paper

Common Vulnerability Considerations as an Integral Part of the Automotive Cybersecurity Engineering Process

2022-10-05
2022-28-0304
To build secure systems of road vehicles, the cybersecurity engineering standard ISO21434[11] suggests the evaluation of vulnerabilities throughout engineering process, such as attack path analysis, system requirement stage, software architecture, design, and implementation and testing phases. ...With my analysis and practices, it is appropriate to include the common vulnerabilities that ought to be an integral part of the automotive cybersecurity engineering process. In this paper, the author would like to provide a list of vulnerabilities that might be a suggestion for threat analysis and risk assessment and propose two solutions that may be adopted directly in the V-model for security-relevant software development.
Magazine

Aerospace & Defense Technology: September 2022

2022-09-01
The Sky is No Longer the Limit Celebrating 75 Years of Air Force Technology Air Force Technology Timeline Leveraging New Technologies for Mil/Aero Electronic Systems MOSA Enclosure Design for Military Systems Three Challenges to 5G's Military Success How to Specify and Select RF Filters Investigation of Requirements and Capabilities of Next-Generation Mine Warfare Unmanned Underwater Vehicles Model-based systems engineering (MBSE) tools, including functional flow block diagrams and functional hierarchies, are used to logically define mine countermeasure (MCM) UUV operations and support the development of alternative concepts of operations. On the Pulsed Laser Ablation of Metals and Semiconductors A comparison of effects across disparate experimental regimes through the study of pulsed laser ablation over several orders of magnitude in pulse duration, fluence, and material properties.
Magazine

Automotive Engineering: July/August 2022

2022-08-01
R1T Exposed! A comprehensive teardown of Rivian's pioneering electric pickup reveals praiseworthy build quality, innovative thinking…and some lapses in manufacturability. EVs drive NVH materials innovation Skateboard platforms, high-frequency motor noise push lower dB thresholds and new countermeasure solutions. Optimizing design for additive manufacturing Avoiding the pitfalls of 3D printing requires knowing the process limitations - and how to work around them. An expert at a leading AM specialist shares insights on getting it right. Real-time processors help drive the zonal E/E revolution With its new generation of software-compatible processors, NXP aims to accelerate systems consolidation and performance.
Standard

GUIDANCE FOR USAGE OF DIGITAL CERTIFICATES

2022-07-01
CURRENT
ARINC842-3
The purpose of this document is to provide operational guidance for key life-cycle management, which refers to the phases through which digital certificates and associated cryptographic keys progress, from creation through usage to retirement. Additionally, this document provides implementation guidance for online certificate provisioning of aircraft systems. The scope includes both the onboard part (aircraft system) as well as the ground part (PKI provider and Ground Infrastructure). Consideration of both onboard and ground provides the benefit of security considerations being included in the process flow and chain of custody. Specifically, the management to and from the aircraft is defined within a workflow.
Standard

Requirements for Probe Data Collection Applications

2022-06-09
CURRENT
J2945/C_202206
Connected vehicles can provide data from multiple sensors that monitor both the vehicle and the environment through which the vehicle is passing. The data, when shared, can be used to enhance and optimize transportation operations and management—specifically, traffic flow and infrastructure maintenance. This document describes an interface between vehicle and infrastructure for collecting vehicle/probe data. That data may represent a single point in time or may be accumulated over defined periods of time or distance, or may be triggered based on circumstance. The purpose of this document is to define an interoperable means of collecting the vehicle/probe data in support of the use cases defined herein. There are many additional use cases that may be realized based on the interface defined in this document. Note that vehicle diagnostics are not included within the scope of this document, but diagnostics-related features may be added to probe data in a future supplemental document.
Magazine

Automotive Engineering: June 2022

2022-06-02
Supplier Eye Inflation ignites another supplier squeeze Toyota reinvesting in collaborative safety research SAE and NREL partner to strengthen EV-charging cybersecurity Expanding the 'bubble' of cabin acoustics 2022 Ford F-150 Lightning redefines the pickup paradigm GM's Hummer EV is like nothing else
Standard

Cyber-Physical Systems Security Engineering Plan (CPSSEP)

2022-06-02
CURRENT
JA7496_202206
This SAE Standard establishes practices to: a Manage risk and ensure security of a cyber-physical system (CPS) throughout its life cycle by utilizing systems engineering principles; b Assess the impact of cyber-physical systems security (CPSS) objectives and requirements; c Assess the security risks to CPS technical effectiveness and functions, and address weaknesses and vulnerabilities; d Address various domains of consideration (see 3.1) that take into account operating conditions of the system, command and control, configuration management (refer to SAE EIA649), etc., that could negatively impact CPSS or CPS-designed purpose; e Perform design validation and verification to assess security and risk of the CPS.
Technical Paper

Medical Cargo Delivery using Blockchain Enabled Unmanned Aircraft Systems

2022-05-26
2022-26-0003
Significant growth of Unmanned Aerial Vehicles (UAV) has unlocked many services and applications opportunities in the healthcare sector. Aerial transportation of medical cargo delivery can be an effective and alternative way to ground-based transport systems in times of emergency. To improve the security and the trust of such aerial transportation systems, Blockchain can be used as a potential technology to manage, operate and monitor the entire process. In this paper, we present a blockchain network solution based on Ethereum for the transportation of medical cargo such as blood, medicines, vaccines, etc. The smart contract solution developed in solidity language was tested using the Truffle program. Ganache blockchain test network was employed to host the blockchain network and test the operation of the proposed blockchain model. The suitability of the model is validated in real-time using a UAV and all the flight data are captured and uploaded into the blockchain.
Standard

Processes for Application-Specific Qualification of Electrical, Electronic, and Electromechanical Parts and Sub-Assemblies for Use in Aerospace, Defense, and High Performance Systems

2022-05-19
WIP
ARP6379A
This document describes a process for use by ADHP integrators of EEE parts and sub-assemblies (items) that have been targeted for other applications. This document does not describe specific tests to be conducted, sample sizes to be used, nor results to be obtained; instead, it describes a process to define and accomplish application-specific qualification; that provides confidence to both the ADHP integrators, and the integrators’ customers, that the item will performs its function(s) reliably in the ADHP application.
Magazine

Automotive Engineering: May 2022

2022-05-01
Honda airs it out Honda's aerodynamic and NVH development gets a breath of fresh air from its first full-scale wind tunnel in North America. Two-wheeled tech: The latest in motorcycle applications Drawing heavily from automotive advances, the latest in connectivity, safety and convenience are infiltrating the moto world. Nobium: magic metal for battery anodes? Increased cell capacity and rapid recharging in thermal extremes are potential benefits of electrode chemistries fortified by the humble element Nb. Editorial Reconsidering hybrids Supplier Eye Preparing for a lumpy EV transition SAE WCX 2022: ICE won't melt amid shift to EVs ICE life-extension: searching for more solutions Stellantis' Hurricane is coming Bringing back the hot hatch: 2023 Toyota GR Corolla 2022 Jeep Grand Cherokee plugs in Q&A Eunjoo Hopkins, vehicle synthesis manager for the 2022 Jeep Grand Cherokee 4xe, talks about meeting vehicle-integration "science goals" for the hybridized 2022 Grand Cherokee.
Technical Paper

Attacking Ground Vehicles with Ransomware: Watch the Horizon

2022-03-29
2022-01-0358
Ransomware is not a new method of malware infection. This historically had been experienced in the enterprise in nearly every industry. This has been especially problematic in the medical and manufacturing fields. As the attackers saturate the specifically targeted industries, the attackers will expand their target industries. One of these which has not been significantly explored by the ransomware groups are the embedded systems and automobile environment. This set of targets is massive and provides for a vast attack potential. While this has not experienced this attack methodology at length, the research and efforts are creeping towards this as a natural extension of the business. The research focusses on the history of ransomware, uses in the enterprise, possible attack vectors with ground vehicles, and defenses to be explored and implemented to secure automobiles, fleets, and the industries.
Technical Paper

Future of Automotive Embedded Hardware Trust Anchors (AEHTA)

2022-03-29
2022-01-0122
In conjunction with an increasing number of related laws and regulations (such as UNECE R155 and ISO 21434), these drive security requirements in different domains and areas. 2 In this paper we examine the upcoming trends in EE architectures and investigate the underlying cyber-security threats and corresponding security requirements that lead to potential requirements for “Automotive Embedded Hardware Trust Anchors” (AEHTA).
Technical Paper

Strategy to Adopt ISO/SAE 21434 Cyber Security Assurance Level in the Organization

2022-03-29
2022-01-0121
The recent standard, ISO/SAE 21434, is introduced to address the cybersecurity requirements for the development of electrical and electronic components in the road vehicles. ...This standard has introduced a new classification scheme, cybersecurity assurance level (CAL), that helps in validating the process rigor needed for mitigating different threat scenarios. ...CAL values can be determined at the earlier stages of the SDLC (cybersecurity concept phase) through the knowledge of attack vectors and attack severity specific to a system.
Research Report

Unsettled Issues in Remote Operation for On-road Driving Automation

2021-12-15
EPR2021028
On-road vehicles equipped with driving automation features—where a human might not be needed for operation on-board—are entering the mainstream public space. However, questions like “How safe is safe enough?” and “What to do if the system fails?” persist. This is where remote operation comes in, which is an additional layer to the automated driving system where a human remotely assists the so-called “driverless” vehicle in certain situations. Such remote-operation solutions introduce additional challenges and potential risks as the entire vehicle-network-human now needs to work together safely, effectively, and practically. Unsettled Issues in Remote Operation for On-road Driving Automation highlights technical questions (e.g., network latency, bandwidth, cyber security) and human aspects (e.g., workload, attentiveness, situational awareness) of remote operation and introduces evolving solutions.
Magazine

Automotive Engineering: November/December 2021

2021-12-01
High on hydrogen Through its Symbio joint venture with Michelin, Faurecia expands far beyond its interior-systems base into the fuel-cell future. Simulating a faster route to ADAS and AV validation With its new cloud-based Simphera platform, dSpace responds to demand from global automated-vehicle development teams to help manage their expanding, complex workload. Innovating the methanol fuel cell Using methanol as the source fuel provides an alternative to a gaseous-hydrogen distribution and storage infrastructure, among other potential benefits. Engineering the 2022 Toyota Tundra Chief Engineer Mike Sweers talks structure, materials and a different approach to hybrid power.
Journal Article

A Systematic Mapping Study on Security Countermeasures of In-Vehicle Communication Systems

2021-11-16
Abstract The innovations of vehicle connectivity have been increasing dramatically to enhance the safety and user experience of driving, while the rising numbers of interfaces to the external world also bring security threats to vehicles. Many security countermeasures have been proposed and discussed to protect the systems and services against attacks. To provide an overview of the current states in this research field, we conducted a systematic mapping study (SMS) on the topic area “security countermeasures of in-vehicle communication systems.” A total of 279 papers are identified based on the defined study identification strategy and criteria. We discussed four research questions (RQs) related to the security countermeasures, validation methods, publication patterns, and research trends and gaps based on the extracted and classified data. Finally, we evaluated the validity threats and the whole mapping process.
X