Refine Your Search

Topic

Author

Search Results

Technical Paper

Cyber-security for Engine ECUs: Past, Present and Future

2015-09-01
2015-01-1998
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
Technical Paper

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

2020-04-14
2020-01-0145
This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. ...Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. ...As the domain geared up for the cybersecurity challenges, they leveraged experiences from many other domains, but must face several unique challenges.
Technical Paper

Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units

2018-04-03
2018-01-0016
Traditional Cybersecurity solutions fall short in meeting automotive ECU constraints such as zero false positives, intermittent connectivity, and low performance impact. ...We integrated Autonomous Security on a BeagleBone Black (BBB) system to evaluate the feasibility of mitigating Cybersecurity risks against potential threats. We identified key metrics that should be measured, such as level of security, ease of integration and system performance impact.
Technical Paper

Research on Vehicle Cybersecurity Based on Dedicated Security Hardware and ECDH Algorithm

2017-09-23
2017-01-2005
Vehicle cybersecurity consists of internal security and external security. Dedicated security hardware will play an important role in car’s internal and external security communication. ...For certain AURIX MCU consisting of HSM, the experiment result shows that cheaper 32-bit HSM’s AES calculating speed is 25 times of 32-bit main controller, so HSM is an effective choice to realize cybersecurity. After comparing two existing methods that realize secure CAN communication, A Modified SECURE CAN scheme is proposed, and differences of the three schemes are analyzed.
Technical Paper

Wireless Charging for EV/HEV with Prescriptive Analytics, Machine Learning, Cybersecurity and Blockchain Technology: Ongoing and Future Trends

2019-04-02
2019-01-0790
Due to the rapid development in the technological aspect of the autonomous vehicle (AV), there is a compelling need for research in the field vehicle efficiency and emission reduction without affecting the performance, safety and reliability of the vehicle. Electric vehicle (EV) with rechargeable battery has been proved to be a practical solution for the above problem. In order to utilize the maximum capacity of the battery, a proper power management and control mechanism need to be developed such that it does not affect the performance, reliability and safety of vehicle. Different optimization techniques along with deterministic dynamic programming (DDP) approach are used for the power distribution and management control. The battery-operated electric vehicle can be recharged either by plug-in a wired connection or by the inductive mean (i.e. wirelessly) with the help of the electromagnetic field energy.
Technical Paper

Information Security Risk Management of Vehicles

2018-04-03
2018-01-0015
The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. ...According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle. ...The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed.
Technical Paper

THARA - a Framework to Align the Functional Safety and Security Process in Automotive Domain

2021-04-06
2021-01-0148
The underlying systems are susceptible to safety and cybersecurity attacks as the involved ECUs are interconnected. The security attacks can lead to disrupting the safe operation of the vehicle while causing injury to the passengers. ...Consequently, the functional safety requirements and cybersecurity requirements can be aligned with each other. In this paper, a case study of the application of the THARA framework is presented through the risk analysis of safety and security threats applicable to the rear-view camera (RVC) feature of the vehicle.
Technical Paper

Hypervisor Implementation in Vehicle Networks

2020-04-14
2020-01-1334
The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their own distinct VM. ...While the cybersecurity applications are numerous, there are also the operational benefits. The hypervisor is designed to not only manage the VMs, but also to increase the efficiency of these via resource management.
Technical Paper

Lessons Learned in Inter-Organization Virtual Integration

2018-10-30
2018-01-1944
The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).
Technical Paper

Optimizing CAN Bus Security with In-Place Cryptography

2019-01-16
2019-01-0098
In-vehicle networks used for inter-ECU communication, most commonly the CAN bus, were not designed with cybersecurity in mind, and as a result, communication by corrupt devices connected to the bus is not authenticated.
Technical Paper

Intelligent Vehicle Monitoring for Safety and Security

2019-04-02
2019-01-0129
The caveat to these additional capabilities is issues like cybersecurity, complexity, etc. This paper is an exploration into FuSa and CAVs and will present a systematic approach to understand challenges and propose potential framework, Intelligent Vehicle Monitoring for Safety and Security (IVMSS) to handle faults/malfunctions in CAVs, and specifically autonomous systems.
Technical Paper

EncryptionS Role in Vehicle Information Security

1998-10-19
98C044
A broad range of information is being delivered to and used within modern vehicles. Information-based applications are becoming more highly integrated into the automobile. Security services are necessary to provide appropriate protection for this information. Encryption, digital signature, and hash functionalities enable information security services such as confidentiality, authentication, integrity and non-repudiation. However, the consumer of in-vehicle information services will not accept security services that introduce any inconvenience to their activities. This paper will discuss various security service methods and security management systems and propose methods to integrate these services acceptably into vehicle-based applications.
Technical Paper

Securing Connected Vehicles End to End

2014-04-01
2014-01-0300
As vehicles become increasingly connected with the external world, they face a growing range of security vulnerabilities. Researchers, hobbyists, and hackers have compromised security keys used by vehicles' electronic control units (ECUs), modified ECU software, and hacked wireless transmissions from vehicle key fobs and tire monitoring sensors. Malware can infect vehicles through Internet connectivity, onboard diagnostic interfaces, devices tethered wirelessly or physically to the vehicle, malware-infected aftermarket devices or spare parts, and onboard Wi-Fi hotspot. Once vehicles are interconnected, compromised vehicles can also be used to attack the connected transportation system and other vehicles. Securing connected vehicles impose a range of unique new challenges. This paper describes some of these unique challenges and presents an end-to-end cloud-assisted connected vehicle security framework that can address these challenges.
Technical Paper

The Use of Interactive Web Based Program Applications for In-Depth Vehicle Noise Path Analysis

2017-06-05
2017-01-1868
The authors previously presented at SAE 2015, the use of acoustic diagnostic network algorithms (Acoustic DNA) for the measurement and analysis of noise paths in motor vehicles. To further the understanding of the huge amount of data created in this method, especially by the end user or customer, a secure web based application platform has been engineered. The current paper presents operating aspects of the web based approach, including cyber security, multi device accessibility and intuitive user interface together with an innovative optimization toolbox from which both noise sources and vehicle body systems can be modified to be target compliant.
Technical Paper

Zero-Day Attack Defenses and Test Framework for Connected Mobility ECUs

2021-04-06
2021-01-0141
Recent developments in the commercialization of mobility services have brought unprecedented connectivity to the automotive sector. While the adoption of connected features provides significant benefits to vehicle owners, adversaries may leverage zero-day attacks to target the expanded attack surface and make unauthorized access to sensitive data. Protecting new generations of automotive controllers against malicious intrusions requires solutions that do not depend on conventional countermeasures, which often fall short when pitted against sophisticated exploitation attempts. In this paper, we describe some of the latent risks in cur-rent automotive systems along with a well-engineered multi-layer defense strategy. Further, we introduce a novel and comprehensive attack and performance test framework which considers state-of-the-art memory corruption attacks, counter-measures and evaluation methods.
Technical Paper

Proposal of HILS-Based In-Vehicle Network Security Verification Environment

2018-04-03
2018-01-0013
We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.
Technical Paper

The Study of Secure CAN Communication for Automotive Applications

2017-03-28
2017-01-1658
Cyber security is becoming increasingly critical in the car industry. Not only the entry points to the external world in the car need to be protected against potential attack, but also the on-board communication in the car require to be protected against attackers who may try to send unauthorized CAN messages. However, the current CAN network was not designed with security in mind. As a result, the extra measures have to be taken to address the key security properties of the secure CAN communication, including data integrity, authenticity, confidentiality and freshness. While integrity and authenticity can be achieved by using a relatively straightforward algorithms such as CMAC (Cipher-based Message Authentication Code) and Confidentiality can be handled by a symmetric encryption algorithm like AES128 (128-bit Advanced Encryption Standard), it has been recognized to be more challenging to achieve the freshness of CAN message.
X