Considering the increasing demand for vehicle intelligence, more and more students, engineers and researchers are involved in this field. It can be challenging, however, to gain an understanding of the growing variety of intelligent vehicle technologies and how they must function together effectively as a system. This course provides an overview of state-of-the-art intelligent vehicles, presents a systematic framework for intelligent technologies and vehicle-level architecture, and introduces testing methodologies to evaluate individual and integrated intelligent functions.
This course has been developed for the Chinese auto industry to provide engineers and software developers involved in V2X and related industries with important knowledge about vehicle cybersecurity, including basic cybersecurity practices, interpretation of SAE J3061 standards, connected vehicle attack & defense approaches and the Security Development Lifecycle (SDL).
The V-model has been central to rigorous vehicle engineering for decades. However, there are three factors that could be used to argue whether the V-model is still a good fit for the automotive industry as we move into the connected autonomous vehicle (CAV) era. The first is the shift during development towards simulation to reduce costs, which means that testing runs can be done quickly, reminiscent of the software development AGILE methodology. The second is the need to monitor vehicles after production due to ever-increasing software functionality on a vehicle. This is for two reasons: firstly, the software over the lifetime of the vehicle would need updating, and secondly, monitoring is required for incident response in the event of a cyber-attack. Since the V-model traditionally doesn't consider the product after the vehicle enters the market, there is an absence of a widely accepted model to follow.
Therefore, modern cybersecurity validation places strong emphasis on finding security vulnerabilities and robustness issues early and systematically at every stage of the product development process. ...The integration of a sophisticated fuzz testing program within the overall cybersecurity validation strategy helps accommodate these challenging demands. In this paper, we review a general automotive cybersecurity engineering process containing functional testing, vulnerability scanning and penetration testing, and highlight which of its shortcomings can be complemented by fuzz testing.
We present in this paper the context surrounding cybersecurity metrics from literature and highlight the first potential steps towards a common understanding of how much cybersecurity is enough. With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the new ISO/SAE 21434 cybersecurity standard for automotive systems and cybersecurity regulations in UNECE WP.29, it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles. ...Cybersecurity for automotive systems is challenging and one of the major challenges is how to measure this system property.
However, CAN protocols are vulnerable from a cybersecurity perspective in that they have no mechanism for authentication or authorization. Attacks on vehicle CAN systems present a risk to driver privacy and possibly driver safety. ...Therefore, developing new tools and techniques to detect cybersecurity threats within CAN networks is a critical research topic. A key component of this research is compiling a large database of representative CAN data from operational vehicles on the road.
Recent developments in the commercialization of mobility services have brought unprecedented connectivity to the automotive sector. While the adoption of connected features provides significant benefits to vehicle owners, adversaries may leverage zero-day attacks to target the expanded attack surface and gain unauthorized access to sensitive data. Protecting new generations of automotive controllers against malicious intrusions requires solutions that do not depend on conventional countermeasures, which often fall short when pitted against sophisticated exploitation attempts. In this paper, we describe some of the latent risks in current automotive systems along with a well-engineered multi-layer defense strategy. Further, we introduce a novel and comprehensive attack and performance test framework which considers state-of-the-art memory corruption attacks, countermeasures and evaluation methods.
Software vulnerability management is one of the most critical security techniques: it analyzes automotive software/firmware across the digital cockpit, ADAS, V2X and other domains for vulnerabilities, and provides security patches for the relevant Common Vulnerabilities and Exposures (CVE). The automotive SW/FW vulnerability management process between OEMs and vendors runs through a channel in which the 1st tier supplier fixes a certain number of vulnerabilities, and the number and type of patches fixed in their deliverable SW/FW must then be verified in front of the OEMs. The verification gap for the fixed patches between the OEMs and the 1st tier supplier requires a reliable, human-independent intelligent technique to make the verification trustworthy.
This paper presents the results of a study of the malware that will affect the Internet of Things (IoT) and its implications for aviation. First, the Delphi methodology is used to identify the type of malware that will be more prevalent in IoT devices. Second, several models are developed using system dynamics to study the propagation of malware, and recent cases are simulated (e.g., the Satori botnet) to study the dynamics of propagation and potential schemes of protection. Third, a generic risk management framework is presented and discussed. Then, guidelines for the aviation industry are considered.
The international standards DO-326A (U.S.) and ED-202A (Europe) titled "Airworthiness Security Process Specification" are the cornerstones of the "DO-326/ED-202 Set" and they are the only Acceptable Means of Compliance (AMC) by FAA & EASA for aviation cyber-security airworthiness certification, as of 2019. The "DO-326/ED-202 Set" also includes companion documents DO-356A/ED-203A: "Airworthiness Security Methods and Considerations" & DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness" (U.S. & Europe) and ED-201: "Aeronautical Information System Security (AISS) Framework Guidance" & ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems" (Europe only).