Refine Your Search

Topic

Search Results

Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Technical Paper

Secure CAN Logging

2021-04-06
2021-01-0136
However, CAN protocols are vulnerable from a cybersecurity perspective in that they have no mechanism for authentication or authorization. Attacks on vehicle CAN systems present a risk to driver privacy and possibly driver safety. ...Therefore, developing new tools and techniques to detect cybersecurity threats within CAN networks is a critical research topic. A key component of this research is compiling a large database of representative CAN data from operational vehicles on the road.
Technical Paper

Lessons Learned in Inter-Organization Virtual Integration

2018-10-30
2018-01-1944
The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).
Technical Paper

Introducing Attribute-Based Access Control to AUTOSAR

2016-04-05
2016-01-0069
Cyber security concerns in the automotive industry have been constantly increasing as automobiles are more computerized and networked. AUTOSAR is the standard architecture for automotive software development, addressing various aspects including security. The current version of AUTOSAR is concerned with only cryptography-based security for secure authentication at the communication level. However, there has been an increasing need for authorization security to control access on software resources such as data and services in the automobile. In this paper, we introduce attribute-based access control (ABAC) to AUTOSAR to address authorization in automotive software.
Technical Paper

Proposal of HILS-Based In-Vehicle Network Security Verification Environment

2018-04-03
2018-01-0013
We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.
Technical Paper

Test Method for the SAE J3138 Automotive Cyber Security Standard

2020-04-14
2020-01-0142
This paper will provide an Overview of Automotive Cyber Security Standards related to the Vehicle OBD-II Data Link. The OBD-II Connector Attack Tree is described with respect to the SAE J3138 requirements for Intrusive vs. non-Intrusive Services. A proposed test method for SAE J3138 is described including hardware and software scripting. Finally, example test results are reviewed and compared with a potential threat boundary.
Technical Paper

UAS Behaviour and Consistency Monitoring System for Countering Cyber Security Threats

2014-09-16
2014-01-2131
Upon their arrival, Unmanned Autonomous Systems (UAS) brought with them many benefits for those involved in a military campaign. They can use such systems to reconnoiter dangerous areas, provide 24-hr aerial security surveillance for force protection purposes or even attack enemy targets all the while avoiding friendly human losses in the process. Unfortunately, these platforms also carry the inherent risk of being built on innately vulnerable cybernetic systems. From software which can be tampered with to either steal data, damage or even outright steal the aircraft, to the data networks used for communications which can be jammed or even eavesdropped on to gain access to sensible information. All this has the potential to turn the benefits of UAS into liabilities and although the last decade has seen great advances in the development of protection and countermeasures against the described threats and beyond the risk still endures.
Technical Paper

Selftrust - A Practical Approach for Trust Establishment

2020-04-14
2020-01-0720
In recent years, with increase in external connectivity (V2X, telematics, mobile projection, BYOD) the automobile is becoming a target of cyberattacks and intrusions. Any such intrusion reduces customer trust in connected cars and negatively impacts brand image (like the recent Jeep Cherokee hack). To protect against intrusion, several mechanisms are available. These range from a simple secure CAN to a specialized symbiote defense software. A few systems (e.g. V2X) implement detection of an intrusion (defined as a misbehaving entity). However, most of the mechanisms require a system-wide change which adds to the cost and negatively impacts the performance. In this paper, we are proposing a practical and scalable approach to intrusion detection. Some benefits of our approach include use of existing security mechanisms such as TrustZone® and watermarking with little or no impact on cost and performance. In addition, our approach is scalable and does not require any system-wide changes.
Technical Paper

Safety Development Trend of the Intelligent and Connected Vehicle

2020-04-14
2020-01-0085
Automotive safety is always the focus of consumers, the selling point of products, the focus of technology. In order to achieve automatic driving, interconnection with the outside world, human-automatic system interaction, the security connotation of intelligent and connected vehicles (ICV) changes: information security is the basis of its security. Functional safety ensures that the system is operating properly. Behavioral safety guarantees a secure interaction between people and vehicles. Passive security should not be weakened, but should be strengthened based on new constraints. In terms of information safety, the threshold for attacking cloud, pipe, and vehicle information should be raised to ensure that ICV system does not fail due to malicious attacks. The cloud is divided into three cloud platforms according to functions: ICVs private cloud, TSP cloud, public cloud.
Journal Article

Safe and Secure Software Updates Over The Air for Electronic Brake Control Systems

2016-09-18
2016-01-1948
Vehicle manufacturers are suffering from increasing expenses for fixing software issues. This fact is mainly driving their desire to use mobile communication channels for doing Software Updates Over The Air (SOTA). Software updates today are typically done at vehicle service stations by connecting the vehicles’ electronic network via the On Board Diagnostic (OBD) interface to a service computer. These operations are done under the control of trained technicians. SOTA means that the update process must get handled by the driver. Two critical aspects need to get considered when doing SOTA at Electronic Brake Control (EBC) systems. Both will determine the acceptance of SOTA by legal authorities and by the passengers: The safety and security of the vehicle The availability of the vehicle for the passengers The security aspect includes the necessity to protect the vehicle and the manufacturers IP from unwanted attacks.
Technical Paper

Is the Age of the Automotive V-model Over?

2021-04-06
2021-01-0065
The V-model has been central to rigorous vehicle engineering for decades. However, there are three factors that could be used to argue whether the V-model is still a good fit for the automotive industry as we move into the connected autonomous vehicle (CAV) era. The first is the shift during development towards simulation to reduce costs, which means that testing runs can be done quickly, reminiscent of the software development AGILE methodology. The second is the need to monitor vehicles after production due to ever-increasing software functionality on a vehicle. This is for two reasons: firstly, the software over the lifetime of the vehicle would need updating, and secondly, monitoring is required for incident response in the event of a cyber-attack. Since the V-model traditionally doesn't consider the product after the vehicle enters the market, there is an absence of a widely accepted model to follow.
Technical Paper

Deep Learning based Real Time Vulnerability fixes Verification Mechanism for Automotive firmware/Software

2021-04-06
2021-01-0183
Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.
Technical Paper

Securing J1939 Communications Using Strong Encryption with FIPS 140-2

2017-03-28
2017-01-0020
Since 2001, all sensitive information of U.S. Federal Agencies has been protected by strong encryption mandated by the Federal Information Processing Standards (FIPS) 140-2 Security Requirements. The requirements specify a formal certification process. The process ensures that validated encryption modules have implemented the standard, and have passed a rigorous testing and review processes. Today, this same strong security protection has become possible for vehicle networks using modern, cost-effective encryption in hardware. This paper introduces the motivation and context for the encryption diagnostics security in terms of all vehicles in general, not just trucks which use SAE J1939 communications. Several practical scenarios for using such encryption hardware and the advantages of using hardware compared to software private-key encryption and public-key encryption are described.
Technical Paper

An Analysis of Secure Software Development Lifecycle from an Automotive Development Perspective

2016-04-05
2016-01-0040
The modern vehicle development is highly dependent on software. The software development plays an extremely important role in vehicle safety and security. In order to ensure software high quality and safety standards, we have investigated the secure software development process and analyzed the works in this area. Based on our analysis, we have identified the similarities and differences between the secure software development process and the existing vehicle development process. We then made suggestions on how to adopt the secure software development process in the overall vehicle development process.
Technical Paper

Recognizing Manipulated Electronic Control Units

2015-04-14
2015-01-0202
Combatting the modification of automotive control systems is a current and future challenge for OEMs and suppliers. ‘Chip-tuning’ is a manifestation of manipulation of a vehicle's original setup and calibration. With the increase in automotive functions implemented in software and corresponding business models, chip tuning will become a major concern. Recognizing and reporting of tuned control units in a vehicle is required for technical as well as legal reasons. This work approaches the problem by capturing the behavior of relevant control units within a machine learning system called a recognition module. The recognition module continuously monitors vehicle's sensor data. It comprises a set of classifiers that have been trained on the intended behavior of a control unit before the vehicle is delivered. When the vehicle is on the road, the recognition module uses the classifier together with current data to ascertain that the behavior of the vehicle is as intended.
Technical Paper

Hardware/Software Co-Design of an Automotive Embedded Firewall

2017-03-28
2017-01-1659
The automotive industry experiences a major change as vehicles are gradually becoming a part of the Internet. Security concepts based on the closed-world assumption cannot be deployed anymore due to a constantly changing adversary model. Automotive Ethernet as future in-vehicle network and a new E/E Architecture have different security requirements than Ethernet known from traditional IT and legacy systems. In order to achieve a high level of security, a new multi-layer approach in the vehicle which responds to special automotive requirements has to be introduced. One essential layer of this holistic security concept is to restrict non-authorized access by the deployment of embedded firewalls. This paper addresses the introduction of automotive firewalls into the next-generation domain architecture with a focus on partitioning of its features in hardware and software.
Technical Paper

Experimental Setup Enabling Self-Confrontation Interviews for Modelling Naturalistic Driving Behavior

2019-04-02
2019-01-1082
Behavioral models of traffic actors have a potential of unlocking sophisticated safety features and mitigating several challenges of urban automated driving. Intuitively, volunteers driving on routes of daily commuting in their private vehicles are the preferred source of information to be captured by data collection system. Such dataset can then serve as a basis for identifying efficient methods of context representation and parameterization of behavioral models. This paper describes the experimental setup supporting the development of driver behavioral models within the SIMUSAFE project. In particular, the paper presents an IoT data acquisition and analysis infrastructure supporting self-confrontation interviews with drivers. The proposed retrofit system was installed in private vehicles of volunteers in two European cities. Wherever possible, the setup used open source software and electronic components available on consumer market.
X