Refine Your Search


Search Results

Journal Article

Physics-Based Misbehavior Detection System for V2X Communications

Abstract Vehicle to Everything (V2X) allows vehicles, pedestrians, and infrastructure to share information for the purpose of preventing accidents, enhancing road safety, and improving the efficiency and energy consumption of transportation. Although V2X messages are authenticated, their content is not validated. Sensor errors or adversarial attacks can cause messages to be perturbed and, therefore, increase the likelihood of traffic jams, compromise the decision process of other vehicles, or provoke fatal crashes. In this article, we introduce V2X Core Anomaly Detection System (VCADS), a system based on the theory presented in [1] and built for the fields provided in the periodic messages shared across vehicles (i.e., Basic Safety Messages, BSMs). VCADS uses physics-based models to constrain the values in each field and detect anomalies by finding the numerical difference between a field and independent derivations of the same field.

Automotive Engineering: November/December 2021

High on hydrogen Through its Symbio joint venture with Michelin, Faurecia expands far beyond its interior-systems base into the fuel-cell future. Simulating a faster route to ADAS and AV validation With its new cloud-based Simphera platform, dSpace responds to demand from global automated-vehicle development teams to help manage their expanding, complex workload. Innovating the methanol fuel cell Using methanol as the source fuel provides an alternative to a gaseous-hydrogen distribution and storage infrastructure, among other potential benefits. Engineering the 2022 Toyota Tundra Chief Engineer Mike Sweers talks structure, materials and a different approach to hybrid power.
Journal Article

A Systematic Mapping Study on Security Countermeasures of In-Vehicle Communication Systems

Abstract The innovations of vehicle connectivity have been increasing dramatically to enhance the safety and user experience of driving, while the rising numbers of interfaces to the external world also bring security threats to vehicles. Many security countermeasures have been proposed and discussed to protect the systems and services against attacks. To provide an overview of the current states in this research field, we conducted a systematic mapping study (SMS) on the topic area “security countermeasures of in-vehicle communication systems.” A total of 279 papers are identified based on the defined study identification strategy and criteria. We discussed four research questions (RQs) related to the security countermeasures, validation methods, publication patterns, and research trends and gaps based on the extracted and classified data. Finally, we evaluated the validity threats and the whole mapping process.
Technical Paper

Deep Learning Based Real Time Vulnerability Fixes Verification Mechanism for Automotive Firmware/Software

Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.

Automotive Engineering: November/December 2020

Volkswagen reveals its 'people's' EV VW's ID.4 leads the 2021 stampede to electrification for the mass market. Answering the fuel-cell compressor question The optimum compressor device for a fuel cell depends on vehicle application - and a lot more. An Eaton expert explains. Tire pressure's impact on EV driving range A new study shows that tighter control of tire-pressure loss can lead to marked improvement in electric-vehicle efficiency. Editorial Warm socks for the EV options list Supplier Eye For suppliers, a new drumbeat New SAE wireless charging standard is EV game-changer Tula DMD aims for more-efficient e-machines Multiphysics helps transform modeling, simulation Is the camshaft being timed out? New Magna seat puts connectivity in the second row BMW reveals its first "M" performance-badged two-wheeler Volkswagen readies new-generation Golf R Q&A Discussing safety tech, standards and industry trends with Hyundai North America's Brian Latouf

Security Specification through the Systems Engineering Process for SAE V2X Standards

This document addresses the development of security material for application specifications in SAE V2X Technical Committees. The assumption in this document is that two groups with distinct missions contribute to the development of each standard: the “Application Specification Team is in charge of specifying the application functionality and the “Security Specification Team” is in charge of specifying the security. The two teams may, of course, have a significant overlap of members.

Automotive Engineering: October 2020

FEV and the Art of EV Testing The legendary powertrain-engineering group has expanded its global footprint into EV testing and development to keep pace with changing technologies and customer demand. EVs expand the testing envelope Horiba builds on its core test-systems expertise as it pivots to battery packs, e-motors, fuel cells and their ancillary technologies. Symphony in the key of C8 Tenneco and GM solve multiple technical challenges to engineer the mid-engine Corvette's sweet-sounding active exhaust system. More air for the hydrogen fuel cell New electric-blower technology aims to enhance HFC efficiency. Aeristech engineering boss Luke Read explains.
Journal Article

Assuring Vehicle Update Integrity Using Asymmetric Public Key Infrastructure (PKI) and Public Key Cryptography (PKC)

Abstract Over the past forty years, the Electronic Control Unit (ECU) technology has grown in both sophistication and volume in the automotive sector, and modern vehicles may comprise hundreds of ECUs. ECUs typically communicate via a bus-based network architecture to collectively support a broad range of safety-critical capabilities, such as obstacle avoidance, lane management, and adaptive cruise control. However, this technology evolution has also brought about risks: if ECU firmware is compromised, then vehicle safety may be compromised. Recent experiments and demonstrations have shown that ECU firmware is not only poorly protected but also that compromised firmware may pose safety risks to occupants and bystanders.
Journal Article

Pseudonym Issuing Strategies for Privacy-Preserving V2X Communication

Abstract Connected vehicle technology consisting of Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication falls under the umbrella of V2X, or Vehicle-to-Everything, communication. This enables vehicles and infrastructure to exchange safety-related information to enable smarter, safer roads. If driver alerts are raised or automated action is taken as a result of these messages, it is critical that messages are trustworthy and reliable. To this end, the Security Credential Management System (SCMS) and Cooperative Intelligent Transportation Systems (C-ITS) Credential Management System (CCMS) have been proposed to enable authentication and authorization of V2X messages without compromising individual user privacy. This is accomplished by issuing each vehicle a large set of “pseudonyms,” unrelated to any real-world identity. During operation, the vehicle periodically switches pseudonyms, thereby changing its identity to others in the network.

Unmanned Systems (UxS) Control Segment (UCS) Architecture: Architecture Technical Governance

This Technical Governance is part of the SAE UCS Architecture Library and is primarily concerned with the UCS Architecture Model (AS6518) starting at Revision A and its user extensions. Users of the Model may extend it in accordance with AS6513 to meet the needs of their UCS Products. UCS Products include software components, software configurations and systems that provide or consume UCS services. For further information, refer to AS6513 Revision A or later. Technical Governance is part of the UCS Architecture Framework. This framework governs the UCS views expressed as Packages and Diagrams in the UCS Architecture Model.
Journal Article

uACPC: Client-Initiated Privacy-Preserving Activation Codes for Pseudonym Certificates Model

Abstract With the adoption of Vehicle-to-everything (V2X) technology, security and privacy of vehicles are paramount. To avoid tracking while preserving vehicle/driver’s privacy, modern vehicular public key infrastructure provision vehicles with multiple short-term pseudonym certificates. However, provisioning a large number of pseudonym certificates can lead to an enormous growth of Certificate Revocation Lists (CRLs) during its revocation process. One possible approach to avoid such CRL growth is by relying on activation code (AC)-based solutions. In such solutions, the vehicles are provisioned with batches of encrypted certificates, which are decrypted periodically via the ACs (broadcasted by the back-end system). When the system detects a revoked vehicle, it simply does not broadcast the respective vehicle’s AC. As a result, revoked vehicles do not receive their respective AC and are prevented from decrypting their certificates.
Technical Paper

Safety Development Trend of the Intelligent and Connected Vehicle

Automotive safety is always the focus of consumers, the selling point of products, the focus of technology. In order to achieve automatic driving, interconnection with the outside world, human-automatic system interaction, the security connotation of intelligent and connected vehicles (ICV) changes: information security is the basis of its security. Functional safety ensures that the system is operating properly. Behavioral safety guarantees a secure interaction between people and vehicles. Passive security should not be weakened, but should be strengthened based on new constraints. In terms of information safety, the threshold for attacking cloud, pipe, and vehicle information should be raised to ensure that ICV system does not fail due to malicious attacks. The cloud is divided into three cloud platforms according to functions: ICVs private cloud, TSP cloud, public cloud.
Technical Paper

Scalable Decentralized Solution for Secure Vehicle-to-Vehicle Communication

The automotive industry is set for a rapid transformation in the next few years in terms of communication. The kind of growth the automotive industry is poised for in fields of connected cars is both fascinating and alarming at the same time. The communication devices equipped to the cars and the data exchanges done between vehicles to vehicles are prone to a lot of cyber-related attacks. The signals that are sent using Vehicular Adhoc Network (VANET) between vehicles can be eavesdropped by the attackers and it may be used for various attacks such as the man in the middle attack, DOS attack, Sybil attack, etc. These attacks can be prevented using the Blockchain technology, where each transaction is logged in a decentralized immutable Blockchain ledger. This provides authenticity and integrity to the signals. But the use of Blockchain Platforms such as Ethereum has various drawbacks like scalability which makes it infeasible for connected car system.
Technical Paper

Challenges in Integrating Cybersecurity into Existing Development Processes

Strategies designed to deal with these challenges differ in the way in which added duties are assigned and cybersecurity topics are integrated into the already existing process steps. Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. ...Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. A cybersecurity development approach is frequently perceived as introducing impediments, that bear the risk of cybersecurity measures receiving a lower priority to reduce inconvenience. ...For an established development process and a team accustomed to this process, adding cybersecurity features to the product initially means inconvenience and reduced productivity without perceivable benefits.
Technical Paper

Selftrust - A Practical Approach for Trust Establishment

In recent years, with increase in external connectivity (V2X, telematics, mobile projection, BYOD) the automobile is becoming a target of cyberattacks and intrusions. Any such intrusion reduces customer trust in connected cars and negatively impacts brand image (like the recent Jeep Cherokee hack). To protect against intrusion, several mechanisms are available. These range from a simple secure CAN to a specialized symbiote defense software. A few systems (e.g. V2X) implement detection of an intrusion (defined as a misbehaving entity). However, most of the mechanisms require a system-wide change which adds to the cost and negatively impacts the performance. In this paper, we are proposing a practical and scalable approach to intrusion detection. Some benefits of our approach include use of existing security mechanisms such as TrustZone® and watermarking with little or no impact on cost and performance. In addition, our approach is scalable and does not require any system-wide changes.

Hardware Protected Security for Ground Vehicles

Access mechanisms to system data and/or control is a primary use case of the hardware protected security environment (hardware protected security environment) during different uses and stages of the system. The hardware protected security environment acts as a gatekeeper for these use cases and not necessarily as the executor of the function. This section is a generalization of such use cases in an attempt to extract common requirements for the hardware protected security environment that enable it to be a gatekeeper. Examples are: Creating a new key fob Re-flashing ECU firmware Reading/exporting PII out of the ECU Using a subscription-based feature Performing some service on an ECU Transferring ownership of the vehicle Some of these examples are discussed later in this section and some have detailed sections of their own. This list is by no means comprehensive.

Service Specific Permissions and Security Guidelines for Connected Vehicle Applications

SAE is developing a number of standards, including the SAE J2945/x and SAE J3161/x series, that specify a set of applications using message sets from the SAE J2735 data dictionary. (“Application” is used here to mean “a collection of activities including interactions between different entities in the service of a collection of related goals and associated with a given IEEE Provider Service Identifier (PSID)”). Authenticity and integrity of the communications for these applications are ensured using digital signatures and IEEE 1609.2 digital certificates, which also indicate the permissions of the senders using Provider Service Identifiers (PSIDs) and Service Specific Permissions (SSPs). The PSID is a globally unique identifier associated with an application specification that unambiguously describes how to build interoperable instances of that application.