Refine Your Search

Topic

Author

Affiliation

Search Results

Article

Lockheed Martin rolls out cybersecurity standardization model

2019-08-23
Lockheed Martin Corporation cyber security experts have released a new Cyber Resiliency Level (CRL) model. CRL a risk-based, mission-focused and cost-conscious framework that provides a structured set of methodologies and processes to help measure risk across six categories.
Article

SAE course delivers an introduction to the latest aviation cybersecurity essentials

2019-06-11
SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance. ...SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance.
Standard

Integrated Vehicle Health Management (IVHM) and Cybersecurity

2024-07-03
WIP
AIR7381
The emphasis of this document is on external Cybersecurity threats. Although many Cybersecurity threats can occur due to malicious activities by employees or flight Crew, the focus of this document is on addressing external Cybersecurity threats. ...This SAE Aerospace Information Report (AIR) provides information and exemplary guidance to understand and address Cybersecurity threats in IVHM-enabled systems. This AIR addresses specific vulnerabilities and considerations that are unique to IVHM-enabled systems. ...This AIR is not intended to cover the broader topic of Cybersecurity standards for aerospace systems, as there are specific SAE committees, such as G32, that are focused on addressing that scope.
Standard

Road vehicles - cybersecurity verification and validation

2023-05-12
WIP
ISO/SAE PAS8477
This document includes technical considerations on the planning and execution of verification and validation (“V&V”) of the cybersecurity of items and components of road vehicles, in the context of ISO/SAE 21434:2021. This document offers considerations on: • strategic approaches for V&V activities; • lists of, or references to, methods that can be applied; • distribution of V&V activities (between customer and supplier); • timing and execution thereof.
Standard

Automotive Cybersecurity Maturity Model Best Practice

2021-05-07
WIP
J3254
- Research existing maturity models - Highlight categories applicable to automotive - Identify a mapping of existing maturity model activities to 21434 work products - Covers organization and product security - Define levels of maturity for the automotive industry - Provide technical information report
Collection

Cyber Security for Cyber - Physical Vehicle Systems, 2014

2014-04-01
This technical paper collection focuses on cybersecurity for cyber-physical vehicle systems. Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. ...Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. ...Topics include: design, development and implementation of security-critical cyber-physical vehicle systems, cybersecurity design, development, and implementation strategies, analysis methodologies, process and life-cycle management, comparisons of system safety and cybersecurity, etc. Application areas include: security-critical automotive systems as well as other security-critical ground vehicle and aviation systems.
Standard

Road Vehicles – Cybersecurity Assurance Levels and Targeted Attack Feasibility

2022-08-11
WIP
ISO/SAE PAS8475
This document elaborates on the Cybersecurity Assurance Level (CAL) concept and introduces the Targeted Attack Feasibility (TAF) concept, both within the context of cybersecurity engineering for road vehicles in accordance with ISO/SAE 21434. ...This document elaborates on the Cybersecurity Assurance Level (CAL) concept and introduces the Targeted Attack Feasibility (TAF) concept, both within the context of cybersecurity engineering for road vehicles in accordance with ISO/SAE 21434. This document describes the conceptual models, main principles, and relationships between CAL, TAF and other concepts. ...It provides guidelines to determine and use CAL and TAF for cybersecurity engineering of items and components.
Training / Education

Introduction to Car Hacking with CANbus

2024-11-13
Therefore, engineers should ensure that systems are designed free of unreasonable risks to motor vehicle safety, including those that may result due to existence of potential cybersecurity vulnerabilities. The automotive industry is making vehicle cybersecurity an organizational priority.
Technical Paper

Strategy to Adopt ISO/SAE 21434 Cyber Security Assurance Level in the Organization

2022-03-29
2022-01-0121
The recent standard, ISO/SAE 21434, is introduced to address the cybersecurity requirements for the development of electrical and electronic components in the road vehicles. ...This standard has introduced a new classification scheme, cybersecurity assurance level (CAL), that helps in validating the process rigor needed for mitigating different threat scenarios. ...CAL values can be determined at the earlier stages of the SDLC (cybersecurity concept phase) through the knowledge of attack vectors and attack severity specific to a system.
Technical Paper

Information Security Risk Management of Vehicles

2018-04-03
2018-01-0015
The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. ...According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle. ...The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed.
Technical Paper

Security Requirements for Vehicle Security Gateways

2024-04-09
2024-01-2806
The NMFTA’s Vehicle Cybersecurity Requirements Woking Group (VCRWG), comprised of fleets, OEMs and cybersecurity experts, has worked the past few years to produce security requirements for Vehicle Network Gateways. ...Vehicle Network Gateways play an important role in vehicle cybersecurity – they are the component responsible for assuring vehicle network operations in the presence of untrustworthy devices on the aftermarket or diagnostics connectors.
Standard

Permanently or Semi-Permanently Installed Diagnostic Communication Devices, Security Guidelines

2020-03-04
CURRENT
J3005-2_202003
The scope of the document is to define the cyber-security best practices to reduce interference with normal vehicle operation, or to minimize risk as to unauthorized access of the vehicle's control, diagnostic, or data storage system; access by equipment (i.e., permanently or semi-permanently installed diagnostic communication device, also known as dongle, etc.) which is either permanently or semi-permanently connected to the vehicle's OBD diagnostic connector, either SAE J1939-13, SAE J1962, or other future protocol; or hardwired directly to the in-vehicle network.
Technical Paper

An Adaptable Security by Design Approach for Ensuring a Secured Remote Monitoring Teleoperation (RMTO) of an Autonomous Vehicle

2023-04-11
2023-01-0579
The separation of cybersecurity considerations in RMTO is barely considered, as so far, most available research and activities are mainly focused on AV. ...The main focus of this paper is addressing RMTO cybersecurity utilising an adaptable security-by-design approach, although security-by-design is still in the infant state within automotive cybersecurity. ...The main focus of this paper is addressing RMTO cybersecurity utilising an adaptable security-by-design approach, although security-by-design is still in the infant state within automotive cybersecurity. An adaptable security-by-design approach for RMTO covers Security Engineering Life-cycle, Logical Security Layered Concept, and Security Architecture.
Technical Paper

Integrated Safety and Security Development in the Automotive Domain

2017-03-28
2017-01-1661
The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations for identifying and assessing cybersecurity threats and for designing cybersecurity aware systems in close relation to the ISO 26262 standard for the functional safety of road vehicles. ...., infotainment, car-2-car or car-2-infrastructure communication) as well as new advances toward advanced driver assistance systems (ADAS) or even autonomous driving functions make cybersecurity another key factor to be taken into account by vehicle suppliers and manufacturers. ...Although these can capitalize on experiences from many other domains, they still have to face several unique challenges when gearing up for specific cybersecurity challenges. A key challenge is related to the increasing interconnection of automotive systems with networks (such as Car2X).
Journal Article

Towards a Blockchain Framework for Autonomous Vehicle System Integrity

2021-05-05
Ensuring cybersecurity in an ECU network is challenging as there is no centralized authority in the vehicle to provide security as a service. ...While progress has been made to address cybersecurity vulnerabilities, many of these approaches have focused on enterprise, software-centric systems and require more computational resources than typically available for onboard vehicular devices.
Journal Article

Delivering Threat Analysis and Risk Assessment Based on ISO 21434: Practical and Tooling Considerations

2020-12-31
Abstract Automotive cybersecurity engineers now have the challenge of delivering Risk Assessments of their products using a method that is described in the new standard for automotive cybersecurity: International Organization for Standardization/Society of Automotive Engineers (ISO/SAE) 21434. ...Abstract Automotive cybersecurity engineers now have the challenge of delivering Risk Assessments of their products using a method that is described in the new standard for automotive cybersecurity: International Organization for Standardization/Society of Automotive Engineers (ISO/SAE) 21434.
X