Refine Your Search

Search Results

Viewing 1 to 5 of 5
Technical Paper

Cyber-security for Engine ECUs: Past, Present and Future

2015-09-01
2015-01-1998
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
Technical Paper

Securing J1939 Communications Using Strong Encryption with FIPS 140-2

2017-03-28
2017-01-0020
Since 2001, all sensitive information of U.S. Federal Agencies has been protected by strong encryption mandated by the Federal Information Processing Standards (FIPS) 140-2 Security Requirements. The requirements specify a formal certification process. The process ensures that validated encryption modules have implemented the standard, and have passed a rigorous testing and review processes. Today, this same strong security protection has become possible for vehicle networks using modern, cost-effective encryption in hardware. This paper introduces the motivation and context for the encryption diagnostics security in terms of all vehicles in general, not just trucks which use SAE J1939 communications. Several practical scenarios for using such encryption hardware and the advantages of using hardware compared to software private-key encryption and public-key encryption are described.
Journal Article

Improvement of the Resilience of a Cyber-Physical Remote Diagnostic Communication System against Cyber Attacks

2019-04-02
2019-01-0112
In the near future, vehicles will operate autonomously and communicate with their environment. This communication includes Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I) communication, and comunication with cloud-based servers (V2C). To improve the resilience of remote diagnostic communication between a vehicle and external test equipment against cyberattacks, it is imperative to understand and analyze the functionality and vulnerability of each communication system component, including the wired and wireless communication channels. This paper serves as a continuation of the SAE Journal publication on measures to prevent unauthorized access to the in-vehicle E/E system [9], explains the components of a cyber-physical system (CPS) for remote diagnostic communication, analyzes their vulnerability against cyberattacks and explains measures to improve the resiliance.
Journal Article

Chip and Board Level Digital Forensics of Cummins Heavy Vehicle Event Data Recorders

2020-04-14
2020-01-1326
Crashes involving Cummins powered heavy vehicles can damage the electronic control module (ECM) containing heavy vehicle event data recorder (HVEDR) records. When ECMs are broken and data cannot be extracted using vehicle diagnostics tools, more invasive and low-level techniques are needed to forensically preserve and decode HVEDR data. A technique for extracting non-volatile memory contents using non-destructive board level techniques through the available in-circuit debugging port is presented. Additional chip level data extraction techniques can also provide access to the HVEDR data. Once the data is obtained and preserved in a forensically sound manner, the binary record is decoded to reveal typical HVDER data like engine speed, vehicle speed, accelerator pedal position, and other status data. The memory contents from the ECM can be written to a surrogate and decoded with traditional maintenance and diagnostic software.
X