Refine Your Search

Topic

Search Results

Viewing 1 to 14 of 14
Technical Paper

Information Security Risk Management of Vehicles

2018-04-03
2018-01-0015
The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. ...According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle. ...The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed.
Technical Paper

Hypervisor Implementation in Vehicle Networks

2020-04-14
2020-01-1334
The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their own distinct VM. ...While the cybersecurity applications are numerous, there are also the operational benefits. The hypervisor is designed to not only manage the VMs, but also to increase the efficiency of these via resource management.
Technical Paper

Optimizing CAN Bus Security with In-Place Cryptography

2019-01-16
2019-01-0098
In-vehicle networks used for inter-ECU communication, most commonly the CAN bus, were not designed with cybersecurity in mind, and as a result, communication by corrupt devices connected to the bus is not authenticated.
Technical Paper

State of the Art Survey on Comparison of Physical Fingerprinting-Based Intrusion Detection Techniques for In-Vehicle Security

2020-04-14
2020-01-0721
Controller area network (CAN) is used as a legacy protocol for in-vehicle communication. However, it lacks basic security features such as message authentication, integrity, confidentiality, etc., because the sender information in the message is missing. Hence, it is prone to different attacks like spoofing attacks, denial of service attacks, man in the middle and masquerade attacks. Researchers have proposed various techniques to detect and prevent these attacks, which can be split into two classes: (a) MAC-based techniques and (b) intrusion detection-based techniques. Further, intrusion detection systems can be divided into four categories: (i) message parameter- based, (ii) entropy-based, (iii) machine Learning-based and (iv) fingerprinting-based. This paper details state-of- the-art survey of fingerprinting-based intrusion detection techniques. In addition, the advantages and limitations of different fingerprinting-based intrusion detection techniques methods will be discussed.
Technical Paper

Communication Requirements for Plug-In Electric Vehicles

2011-04-12
2011-01-0866
This paper is the second in the series of documents designed to record the progress of a series of SAE documents - SAE J2836™, J2847, J2931, & J2953 - within the Plug-In Electric Vehicle (PEV) Communication Task Force. This follows the initial paper number 2010-01-0837, and continues with the test and modeling of the various PLC types for utility programs described in J2836/1™ & J2847/1. This also extends the communication to an off-board charger, described in J2836/2™ & J2847/2 and includes reverse energy flow described in J2836/3™ and J2847/3. The initial versions of J2836/1™ and J2847/1 were published early 2010. J2847/1 has now been re-opened to include updates from comments from the National Institute of Standards Technology (NIST) Smart Grid Interoperability Panel (SGIP), Smart Grid Architectural Committee (SGAC) and Cyber Security Working Group committee (SCWG).
Technical Paper

Research on CAN Network Security Aspects and Intrusion Detection Design

2017-09-23
2017-01-2007
With the rapid development of vehicle intelligent and networking technology, the IT security of automotive systems becomes an important area of research. In addition to the basic vehicle control, intelligent advanced driver assistance systems, infotainment systems will all exchange data with in-vehicle network. Unfortunately, current communication network protocols, including Controller Area Network (CAN), FlexRay, MOST, and LIN have no security services, such as authentication or encryption, etc. Therefore, the vehicle are unprotected against malicious attacks. Since CAN bus is actually the most widely used field bus for in-vehicle communications in current automobiles, the security aspects of CAN bus is focused on. Based on the analysis of the current research status of CAN bus network security, this paper summarizes the CAN bus potential security vulnerabilities and the attack means.
Technical Paper

Proposal of HILS-Based In-Vehicle Network Security Verification Environment

2018-04-03
2018-01-0013
We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.
Technical Paper

Selftrust - A Practical Approach for Trust Establishment

2020-04-14
2020-01-0720
In recent years, with increase in external connectivity (V2X, telematics, mobile projection, BYOD) the automobile is becoming a target of cyberattacks and intrusions. Any such intrusion reduces customer trust in connected cars and negatively impacts brand image (like the recent Jeep Cherokee hack). To protect against intrusion, several mechanisms are available. These range from a simple secure CAN to a specialized symbiote defense software. A few systems (e.g. V2X) implement detection of an intrusion (defined as a misbehaving entity). However, most of the mechanisms require a system-wide change which adds to the cost and negatively impacts the performance. In this paper, we are proposing a practical and scalable approach to intrusion detection. Some benefits of our approach include use of existing security mechanisms such as TrustZone® and watermarking with little or no impact on cost and performance. In addition, our approach is scalable and does not require any system-wide changes.
Journal Article

Safe and Secure Software Updates Over The Air for Electronic Brake Control Systems

2016-09-18
2016-01-1948
Vehicle manufacturers are suffering from increasing expenses for fixing software issues. This fact is mainly driving their desire to use mobile communication channels for doing Software Updates Over The Air (SOTA). Software updates today are typically done at vehicle service stations by connecting the vehicles’ electronic network via the On Board Diagnostic (OBD) interface to a service computer. These operations are done under the control of trained technicians. SOTA means that the update process must get handled by the driver. Two critical aspects need to get considered when doing SOTA at Electronic Brake Control (EBC) systems. Both will determine the acceptance of SOTA by legal authorities and by the passengers: The safety and security of the vehicle The availability of the vehicle for the passengers The security aspect includes the necessity to protect the vehicle and the manufacturers IP from unwanted attacks.
Technical Paper

A Safety and Security Testbed for Assured Autonomy in Vehicles

2020-04-14
2020-01-1291
Connectivity and autonomy in vehicles promise improved efficiency, safety and comfort. The increasing use of embedded systems and the cyber element bring with them many challenges regarding cyberattacks which can seriously compromise driver and passenger safety. Beyond penetration testing, assessment of the security vulnerabilities of a component must be done through the design phase of its life cycle. This paper describes the development of a benchtop testbed which allows for the assurance of safety and security of components with all capabilities from Model-in-loop to Software-in-loop to Hardware-in-loop testing. Environment simulation is obtained using the AV simulator, CARLA which provides realistic scenarios and sensor information such as Radar, Lidar etc. MATLAB runs the vehicle, powertrain and control models of the vehicle allowing for the implementation and testing of customized models and algorithms.
Technical Paper

Securing J1939 Communications Using Strong Encryption with FIPS 140-2

2017-03-28
2017-01-0020
Since 2001, all sensitive information of U.S. Federal Agencies has been protected by strong encryption mandated by the Federal Information Processing Standards (FIPS) 140-2 Security Requirements. The requirements specify a formal certification process. The process ensures that validated encryption modules have implemented the standard, and have passed a rigorous testing and review processes. Today, this same strong security protection has become possible for vehicle networks using modern, cost-effective encryption in hardware. This paper introduces the motivation and context for the encryption diagnostics security in terms of all vehicles in general, not just trucks which use SAE J1939 communications. Several practical scenarios for using such encryption hardware and the advantages of using hardware compared to software private-key encryption and public-key encryption are described.
Technical Paper

CAN Crypto FPGA Chip to Secure Data Transmitted Through CAN FD Bus Using AES-128 and SHA-1 Algorithms with A Symmetric Key

2017-03-28
2017-01-1612
Robert Bosch GmBH proposed in 2012 a new version of communication protocol named as Controller area network with Flexible Data-Rate (CANFD), that supports data frames up to 64 bytes compared to 8 bytes of CAN. With limited data frame size of CAN message, and it is impossible to be encrypted and secured. With this new feature of CAN FD, we propose a hardware design - CAN crypto FPGA chip to secure data transmitted through CAN FD bus by using AES-128 and SHA-1 algorithms with a symmetric key. AES-128 algorithm will provide confidentiality of CAN message and SHA-1 algorithm with a symmetric key (HMAC) will provide integrity and authentication of CAN message. The design has been modeled and verified by using Verilog HDL – a hardware description language, and implemented successfully into Xilinx FPGA chip by using simulation tool ISE (Xilinx).
Technical Paper

Dyno-in-the-Loop: An Innovative Hardware-in-the-Loop Development and Testing Platform for Emerging Mobility Technologies

2020-04-14
2020-01-1057
Today’s transportation is quickly transforming with the nascent advent of connectivity, automation, shared-mobility, and electrification. These technologies will not only affect our safety and mobility, but also our energy consumption, and environment. As a result, it is of unprecedented importance to understand the overall system impacts due to the introduction of these emerging technologies and concepts. Existing modeling tools are not able to effectively capture the implications of these technologies, not to mention accurately and reliably evaluating their effectiveness with a reasonable scope. To address these gaps, a dynamometer-in-the-loop (DiL) development and testing approach is proposed which integrates test vehicle(s), chassis dynamometer, and high fidelity traffic simulation tools, in order to achieve a balance between the model accuracy and scalability of environmental analysis for the next generation of transportation systems.
X