Refine Your Search

Topic

Author

Affiliation

Search Results

Technical Paper

Wireless CAN adaptation for ZCU based using Zigbee protocol for efficient data transmission and data security

2024-10-17
2024-28-0036
This paper explores the integration of Wireless Controller Area Network (CAN) technology with the Zigbee protocol to enhance data transmission efficiency and security in Zonal Control Unit (ZCU) based systems. By combining Zigbee's wireless capabilities with CAN's established reliability, this integration aims to address these challenges while ensuring robust security measures. The integration of Wireless CAN with Zigbee protocol offers a promising solution to overcome the limitations of traditional wired communication architectures. Utilizing Zigbee's low-power, short-range wireless protocol facilitates seamless communication between ZCU modules, eliminating the need for physical connections and enhancing system flexibility. The adoption of Wireless CAN with Zigbee protocol presents an innovative solution for achieving efficient data transmission and robust data security in ZCU-based systems.
Technical Paper

Automotive security solution using Hardware Security Module (HSM)

2024-10-17
2024-28-0037
., intelligent vehicles with advance safe and secure features but all these advancements come with significant threat of cybersecurity risk. Therefore, providing an automobile that is safe and secure through cyber-attack is also got equal importance. ...In this paper, we will discuss some of the challenges and key application of cybersecurity in the automotive sector. We will also discuss some possible approaches to address these challenges and enhance the security and privacy of automotive systems. ...Certain Automotive cybersecurity applications include Secure ECU communication, Digital signature generation and verification, Secure V2X, In-vehicle infotainment (IVI) security, Secure key management and storage, Secure remote vehicle access and control, and Secure over-the-air (OTA) updates.
Technical Paper

Contextual Study of Security and Privacy in V2X Communication for Architecture & Networking products

2024-10-17
2024-28-0038
In recent times there has been an upward trend in "Connected Vehicles", which has significantly improved not only the driving experience but also the "ownership of the car". The use of state-of-the-art wireless technologies, such as vehicle-to-everything (V2X) connectivity, is crucial for its dependability and safety. V2X also effectively extends the information flow between the transportation ecosystem pedestrians, public infrastructure (traffic management system) and parking infrastructure, charging and fuel stations, Etc. V2X has a lot of potential to enhance traffic flow, boost traffic safety, and provide drivers and operators with new services. One of the fundamental issues is maintaining trustworthy and quick communication between cars and infrastructure. While establishing stable connectivity, reducing interference, and controlling the fluctuating quality of wireless transmissions, we have to ensure the Security and Privacy of V2I.
Research Report

Automated Vehicles and Infrastructure Enablers: Cybersecurity

2024-08-26
EPR2024018
Automated Vehicles and Infrastructure Enablers: Cybersecurity focuses on considerations regarding cybersecurity and AVs from the perspective of V2X infrastructure, including electric charging infrastructure. ...While weaponizing automated vehicles (AVs) seems unlikely, cybersecurity breaches may disrupt automated driving systems’ navigation, operation, and safety—especially with the proliferation of vehicle-to-everything (V2X) technologies. ...Effective cybersecurity standards, physical and digital security practices, and well-thought-out design can provide a layered approach to avoiding and mitigating cyber breaches for advanced driver assistance systems and AVs alike.
Technical Paper

Cybersecurity Approval Criteria: Application of UN R155

2024-07-02
2024-01-2983
The UN R155 regulation is the first automotive cybersecurity regulation and has made security a mandatory approval criterion for new vehicle types. ...These recommendations aim to enhance the comprehensiveness of the security assessment associated with UN R155, fostering a more uniform approach to evaluating cybersecurity in the context of vehicle type approvals.
Technical Paper

Enabling the Security of Global Time in Software-Defined-Vehicles (SGTS, MACsec)

2024-07-02
2024-01-2978
., driver assistance functions, intrusion detection system, vehicle diagnostics, external device authentication during vehicle diagnostics, vehicle-to-grid and so on). The cybersecurity attacks targeting the global time result in false time, accuracy degradation, and denial of service as stated in IETF RFC 7384 [2].
Research Report

Cybersecurity and Digital Trust Issues in Connected and Automated Vehicles

2024-04-22
EPR2024009
On the other hand, the potential risks associated with CAV deployment related to technical vulnerabilities are safety and cybersecurity issues that may arise from flawed hardware and software. Cybersecurity and Digital Trust Issues in Connected and Automated Vehicles elaborates on these topics as unsettled cybersecurity and digital trust issues in CAVs and follows with recommendations to fill in the gaps in this evolving field. ...Cybersecurity and Digital Trust Issues in Connected and Automated Vehicles elaborates on these topics as unsettled cybersecurity and digital trust issues in CAVs and follows with recommendations to fill in the gaps in this evolving field. ...This report also highlights the importance of establishing robust cybersecurity protocols and fostering digital trust in these vehicles to ensure safe and secure deployment in our modern transportation system.
Technical Paper

Evaluating Network Security Configuration (NSC) Practices in Vehicle-Related Android Applications

2024-04-09
2024-01-2881
Android applications have historically faced vulnerabilities to man-in-the-middle attacks due to insecure custom SSL/TLS certificate validation implementations. In response, Google introduced the Network Security Configuration (NSC) as a configuration-based solution to improve the security of certificate validation practices. NSC was initially developed to enhance the security of Android applications by providing developers with a framework to customize network security settings. However, recent studies have shown that it is often not being leveraged appropriately to enhance security. Motivated by the surge in vehicular connectivity and the corresponding impact on user security and data privacy, our research pivots to the domain of mobile applications for vehicles. As vehicles increasingly become repositories of personal data and integral nodes in the Internet of Things (IoT) ecosystem, ensuring their security moves beyond traditional issues to one of public safety and trust.
Technical Paper

Cybersecurity in the Context of Fail-Operational Systems

2024-04-09
2024-01-2808
The development of highly automated driving functions (AD) recently rises the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy. In parallel, the connectivity of modern vehicles is increasing rapidly and especially in vehicles with highly automated functions, there is a high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who should no longer occupied with driving tasks.
Technical Paper

Security Requirements for Vehicle Security Gateways

2024-04-09
2024-01-2806
The NMFTA’s Vehicle Cybersecurity Requirements Woking Group (VCRWG), comprised of fleets, OEMs and cybersecurity experts, has worked the past few years to produce security requirements for Vehicle Network Gateways. ...Vehicle Network Gateways play an important role in vehicle cybersecurity – they are the component responsible for assuring vehicle network operations in the presence of untrustworthy devices on the aftermarket or diagnostics connectors.
Technical Paper

Vehicle Cyber Engineering (VCE) Testbed with CLaaS (Cyber-Security Labs as a Service)

2024-04-09
2024-01-2796
The VCE Laboratory testbeds are connected with an Amazon Web Services (AWS) cloud-based Cyber-security Labs as a Service (CLaaS) system, which allows students and researchers to access the testbeds from any place that has a secure internet connection. ...VCE students are assigned predefined virtual machines to perform designated cyber-security experiments. The CLaaS system has low administrative overhead associated with experiment setup and management. ...VCE Laboratory CLaaS experiments have been developed for demonstrating man-in-the-middle cyber-security attacks from actual compromised hardware or software connected with the TestCube.
Technical Paper

Trucking Forward: Intrusion Detection for SAE J1708/J1587 Networks in Heavy-Duty Vehicles

2024-04-09
2024-01-2805
While current cybersecurity endeavors in the heavy-duty (HD) vehicle space focus on securing conventional communication technologies such as the controller area network (CAN), there is a notable deficiency in defensive research concerning legacy technologies, particularly those utilized between trucks and trailers. ...To the best of current knowledge, this publication marks the first presentation of cybersecurity defense research on the SAE J1708/J1587 protocol stack.
Technical Paper

Applying Concolic Testing to the Automotive Domain

2024-04-09
2024-01-2802
Symbolic code execution is a powerful cybersecurity testing approach that facilitates the systematic exploration of all paths within a program to uncover previously unknown cybersecurity vulnerabilities. ...Symbolic code execution is a powerful cybersecurity testing approach that facilitates the systematic exploration of all paths within a program to uncover previously unknown cybersecurity vulnerabilities. This is achieved through a Satisfiability Modulo Theory (SMT) solver, which operates on symbolic values for program inputs instead of using their concrete counterparts.
Technical Paper

A Comprehensive Training Approach for Automotive Cybersecurity Engineering

2024-04-09
2024-01-2800
A significant milestone in advancing cybersecurity within the automotive industry is the release of the first international standard for automotive cybersecurity ISO/SAE 21434:2021 ‘Road Vehicles — Cybersecurity Engineering’. A recently published type approval regulation for automotive cybersecurity (UN R155) is also tailored for member countries of the UNECE WP.29 alliance. ...Thus, the challenges for embedded automotive systems engineers are increasing while frameworks, tools and shared concepts for cybersecurity engineering and training are scarce. Hence, cybersecurity training in the automotive domain necessitates an understanding of domain-specific intricacies and the unique challenges at the intersection of cybersecurity and embedded systems engineering, elevating the need for improving the skill set and knowledge of automotive cybersecurity engineers. ...Hence, cybersecurity training in the automotive domain necessitates an understanding of domain-specific intricacies and the unique challenges at the intersection of cybersecurity and embedded systems engineering, elevating the need for improving the skill set and knowledge of automotive cybersecurity engineers. This paper delves into an automotive cybersecurity training concept aimed at enhancing the proficiency of development engineers.
Technical Paper

A Zero Trust Architecture for Automotive Networks

2024-04-09
2024-01-2793
Since the early 1990’s, commercial vehicles have suffered from repeated vulnerability exploitations that resulted in a need for improved automotive cybersecurity. This paper outlines the strategies and challenges of implementing an automotive Zero Trust Architecture (ZTA) to secure intra-vehicle networks. ...This research successfully met the four requirements and demonstrated that using ZT principles in an on-vehicle network greatly improved the cybersecurity posture with manageable impact to system performance and deployment.
Technical Paper

Cybersecurity Rating Framework and Its Application to J1939-91C Standard

2024-04-09
2024-01-2803
UNECE R155 explicitly references ISO/SAE 21434 and mandates a certified cybersecurity management system (CSMS) as a prerequisite for automotive manufacturers to achieve vehicle type approval and sell new vehicle types. ...However, the gap in the CSMS framework is a lack in a standardized system that provides guidance and common criteria for automakers to measure a vehicle’s level of compliance and compute a publicly accepted cybersecurity rating. To help establish increased consumer confidence, OEMs and smart mobility stakeholders could take additional proactive steps to ensure the safety and security of their products. ...This paper addresses the above requirement and discusses the cybersecurity rating framework (CSRF) that could establish a framework for rating vehicle cybersecurity by standardizing the measurement criteria, parameter vectors, process, and tools.
Technical Paper

Integrating Functional and Component-Level Threat Analyses in Automotive Systems: A Holistic Approach to Risk Assessment

2024-04-09
2024-01-2797
This method's detailed approach ensures that cybersecurity requirements can be readily implemented as a part of feature design, addressing the concerns of feature owners directly. ...This paper will discuss the merits of asset based approach to cybersecurity over attack based recognizing the inherent strengths and limitations of both methods and underscores the need for a unified approach.
Technical Paper

Automated TARA Framework for Cybersecurity Compliance of Heavy Duty Vehicles

2024-04-09
2024-01-2809
Consequently, rise of this technological trend is bringing forth safety and cybersecurity challenges in form of new threats, hazards and vulnerabilities. As per the recent UN vehicle regulation 155, several risk-based security models and assessment frameworks have been proposed to counter the growing cybersecurity issues, however, the high budgetary cost to develop the tool and train personnel along with high risk of leakage of trade secrets, hinders the automotive manufacturers from adapting these third party solutions. ...As per the recent UN vehicle regulation 155, several risk-based security models and assessment frameworks have been proposed to counter the growing cybersecurity issues, however, the high budgetary cost to develop the tool and train personnel along with high risk of leakage of trade secrets, hinders the automotive manufacturers from adapting these third party solutions.
X