Search Results

The lack of inherent security controls makes traditional Controller Area Network (CAN) buses vulnerable to Machine-In-The-Middle (MitM) cybersecurity attacks. Conventional vehicular MitM attacks involve tampering with the hardware to directly manipulate CAN bus traffic.

What standardization is needed to ensure that quantum technologies do not pose an unacceptable risk from an automotive cybersecurity perspective? Click here to access the full SAE EDGETM Research Report portfolio.

A ranked list of value exchanges is created based on the impact of cybersecurity on the stakeholder map. System level-losses are identified from high impact value exchanges, which can then be fed into the step 1 of STPA-Sec analysis.

Since the early 1990’s, commercial vehicles have suffered from repeated vulnerability exploitations that resulted in a need for improved automotive cybersecurity. This paper outlines the strategies and challenges of implementing an automotive Zero Trust Architecture (ZTA) to secure intra-vehicle networks. ...This research successfully met the four requirements and demonstrated that using ZT principles in an on-vehicle network greatly improved the cybersecurity posture with manageable impact to system performance and deployment.

While current cybersecurity endeavors in the heavy-duty (HD) vehicle space focus on securing conventional communication technologies such as the controller area network (CAN), there is a notable deficiency in defensive research concerning legacy technologies, particularly those utilized between trucks and trailers. ...To the best of current knowledge, this publication marks the first presentation of cybersecurity defense research on the SAE J1708/J1587 protocol stack.

Using a wireless medium for tractor-trailer communication will bring new cybersecurity challenges and requirements which requires new development and lifecycle considerations.

The article also focus on innovative approaches that have recently adopted my many cybersecurity professionals for secured operation of ITS involving block-chain, artificial intelligence, and Machine Learning.

The aircraft lifecycle involves thousands of transactions and an enormous amount of data being exchanged across the stakeholders in the aircraft ecosystem. This data pertains to various aircraft life cycle stages such as design, manufacturing, certification, operations, maintenance, and disposal of the aircraft. All participants in the aerospace ecosystem want to leverage the data to deliver insight and add value to their customers through existing and new services while protecting their own intellectual property. The exchange of data between stakeholders in the ecosystem is involved and growing exponentially. This necessitates the need for standards on data interoperability to support efficient maintenance, logistics, operations, and design improvements for both commercial and military aircraft ecosystems. A digital thread defines an approach and a system which connects the data flows and represents a holistic view of an asset data across its lifecycle.

This paper is the second in the series of documents designed to record the progress of a series of SAE documents - SAE J2836™, J2847, J2931, & J2953 - within the Plug-In Electric Vehicle (PEV) Communication Task Force. This follows the initial paper number 2010-01-0837, and continues with the test and modeling of the various PLC types for utility programs described in J2836/1™ & J2847/1. This also extends the communication to an off-board charger, described in J2836/2™ & J2847/2 and includes reverse energy flow described in J2836/3™ and J2847/3. The initial versions of J2836/1™ and J2847/1 were published early 2010. J2847/1 has now been re-opened to include updates from comments from the National Institute of Standards Technology (NIST) Smart Grid Interoperability Panel (SGIP), Smart Grid Architectural Committee (SGAC) and Cyber Security Working Group committee (SCWG).

In the past, research on blockchain technology has addressed security and privacy concerns within intelligent transportation systems for critical V2I and V2V communications that form the backbone of Internet of Vehicles. Within trucking industry, a recent trend has been observed towards the use of blockchain technology for operations. Industry stakeholders are particularly looking forward to refining status quo contract management and vehicle maintenance processes through blockchains. However, the use of blockchain technology for enhancing vehicle performance in fleets, especially while considering the fact that modern-day intelligent vehicles are prone to cyber security threats, is an area that has attracted less attention. In this paper, we demonstrate a case study that makes use of blockchains to securely optimize the fuel economy of fleets that do package pickup and delivery (P&D) in urban areas.

Multiple approaches have been created to enhance intra-vehicle communications security over the past three decades since the introduction of the Controller Area Network (CAN) protocol. The twin pair differential-mode communications bus is tremendously robust in the face of interference, yet physical access to the bus offers a variety of potential attack vectors whereby false messages and/or denial of service are achievable. This paper evaluates extensions of a Physical-layer (PHY) common-mode watermark-based authentication technique recently developed to improve authentication on the CAN bus by considering the watermark as a side-channel communications means for high value information. We also propose and analyze higher layer algorithms, with benefits and pitfalls, for employing the watermark as a physical-layer firewall.

To help address the issue of message authentication on the Controller Area Network (CAN) bus, researchers at Virginia Tech and Ford Motor Company have developed a proof-of-concept time-evolving watermark-based authentication mechanism that offers robust, cryptographically controlled confirmation of a CAN message's authenticity. This watermark is injected as a common-mode signal on both CAN-HI and CAN-LO bus voltages and has been proven using a low-cost software-defined radio (SDR) testbed. This paper extends prior analysis on the design and proof-of-concept to consider robustness testing over the range of voltages, both steady state drifts and transients, as are commonly witnessed within a vehicle. Overall performance results, along with a dynamic watermark amplitude control, validate the concept as being a practical near-term approach at improving authentication confidence of messages on the CAN bus.

Autonomous vehicles might one day be able to implement privacy preserving driving patterns which humans may find too difficult to implement. In order to measure the difference between location privacy achieved by humans versus location privacy achieved by autonomous vehicles, this paper measures privacy as trajectory anonymity, as opposed to single location privacy or continuous privacy. This paper evaluates how trajectory privacy for randomized driving patterns could be twice as effective for autonomous vehicles using diverted paths compared to Google Map API generated shortest paths. The result shows vehicles mobility patterns could impact trajectory and location privacy. Moreover, the results show that the proposed metric outperforms both K-anonymity and KDT-anonymity.

Cyber assurance of heavy trucks is a major concern with new designs as well as with supporting legacy systems. Many cyber security experts and analysts are used to working with traditional information technology (IT) networks and are familiar with a set of technologies that may not be directly useful in the commercial vehicle sector. To help connect security researchers to heavy trucks, a remotely accessible testbed has been prototyped for experimentation with security methodologies and techniques to evaluate and improve on existing technologies, as well as developing domain-specific technologies. The testbed relies on embedded Linux-based node controllers that can simulate the sensor inputs to various heavy vehicle electronic control units (ECUs). The node controller also monitors and affects the flow of network information between the ECUs and the vehicle communications backbone.

It is deemed that currently the intelligent connected vehicle (ICV) is in its early stage of development, and it will go through multiple development stages in the future to realize its final goal—autonomous driving. Based on the existing ICV researches, this paper believes that ICV can be used to improve the efficiency and safety of freeway. The current research of ICV has two main directions: one focuses on the traffic flow characteristics of vehicles with different attributes, the other is concerned with using ICV to reduce congestion. From the policies issued by countries around the world and the development plans promoted by major vehicle manufacturers, the future development trends and challenges of ICV are analyzed. ICV must overcome all the shortcomings to achieve its final goal, including insufficient hardware capabilities or excessive cost, and the degree of intelligence that needs to be improved.

By looking into the vehicle-infrastructure cooperation (VIC) which is oriented towards intelligent, networked and integrated development, this paper analyzes and proposes the essence and development direction of Intelligent Vehicle Infrastructure Cooperation Systems (I-VICS). With an in-depth analysis of technologies of core importance to VIC and influence factors that constrain VIC development as a whole, the paper comes up with a technological route for VIC, and identifies a direction for vehicle-infrastructure cooperative development that progresses from primary to intermediate cooperation, then to advanced cooperation, and finally to full-fledged cooperation. Policy recommendations aiming at strengthening top-level design, building an integrated vehicle-infrastructure-cloud platform, expediting independence of key techs, building robust standards and regulations for VIC, enhancing workforce development as well as greater efforts at market promotion are put forward.