Refine Your Search

Topic

Author

Affiliation

Search Results

Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Technical Paper

Cybersecurity Metrics for Automotive Systems

2021-04-06
2021-01-0138
With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming ISO/SAE 21434 cybersecurity standard for automotive systems and cybersecurity regulations in UNECE WP.29, it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles. ...Cybersecurity for automotive systems is challenging and one of the major challenges is how to measure this specific system property. ...With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming ISO/SAE 21434 cybersecurity standard for automotive systems and cybersecurity regulations in UNECE WP.29, it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles.
Technical Paper

Challenges in Integrating Cybersecurity into Existing Development Processes

2020-04-14
2020-01-0144
Strategies designed to deal with these challenges differ in the way in which added duties are assigned and cybersecurity topics are integrated into the already existing process steps. Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. ...Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. A cybersecurity development approach is frequently perceived as introducing impediments, that bear the risk of cybersecurity measures receiving a lower priority to reduce inconvenience. ...For an established development process and a team accustomed to this process, adding cybersecurity features to the product initially means inconvenience and reduced productivity without perceivable benefits.
Technical Paper

Integrating Fuzz Testing into the Cybersecurity Validation Strategy

2021-04-06
2021-01-0139
Therefore, modern cybersecurity validation is highly stressed for finding security vulnerabilities and robustness issues early and systematically at every stage of the product development process. ...The integration of a sophisticated fuzz testing program within the overall cybersecurity validation strategy allows for accommodating towards these challenging demands. In this paper, we review a general automotive cybersecurity engineering process containing functional testing, vulnerability scanning and penetration testing, and highlight shortcomings that can be complemented by fuzz testing. ...In this paper, we review a general automotive cybersecurity engineering process containing functional testing, vulnerability scanning and penetration testing, and highlight shortcomings that can be complemented by fuzz testing.
Technical Paper

Onboard Cybersecurity Diagnostic System for Connected Vehicles

2021-09-21
2021-01-1249
Here, we discuss the On-Board Diagnostic (OBD) regulations for next generation BEV/HEV, its vulnerabilities and cybersecurity threats that come with hacking. We propose three cybersecurity attack detection and defense methods: Cyber-Attack detection algorithm, Time-Based CAN Intrusion Detection Method and, Feistel Cipher Block Method. ...These control methods autonomously diagnose a cybersecurity problem in a vehicle’s onboard system using an OBD interface, such as OBD-II when a fault caused by a cyberattack is detected, All of this is achieved in an internal communication network structure.
Technical Paper

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

2020-04-14
2020-01-0145
This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. ...Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. ...As the domain geared up for the cybersecurity challenges, they leveraged experiences from many other domains, but must face several unique challenges.
Technical Paper

Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units

2018-04-03
2018-01-0016
Traditional Cybersecurity solutions fall short in meeting automotive ECU constraints such as zero false positives, intermittent connectivity, and low performance impact. ...We integrated Autonomous Security on a BeagleBone Black (BBB) system to evaluate the feasibility of mitigating Cybersecurity risks against potential threats. We identified key metrics that should be measured, such as level of security, ease of integration and system performance impact.
Technical Paper

Research on Vehicle Cybersecurity Based on Dedicated Security Hardware and ECDH Algorithm

2017-09-23
2017-01-2005
Vehicle cybersecurity consists of internal security and external security. Dedicated security hardware will play an important role in car’s internal and external security communication. ...For certain AURIX MCU consisting of HSM, the experiment result shows that cheaper 32-bit HSM’s AES calculating speed is 25 times of 32-bit main controller, so HSM is an effective choice to realize cybersecurity. After comparing two existing methods that realize secure CAN communication, A Modified SECURE CAN scheme is proposed, and differences of the three schemes are analyzed.
Technical Paper

Wireless Charging for EV/HEV with Prescriptive Analytics, Machine Learning, Cybersecurity and Blockchain Technology: Ongoing and Future Trends

2019-04-02
2019-01-0790
Due to the rapid development in the technological aspect of the autonomous vehicle (AV), there is a compelling need for research in the field vehicle efficiency and emission reduction without affecting the performance, safety and reliability of the vehicle. Electric vehicle (EV) with rechargeable battery has been proved to be a practical solution for the above problem. In order to utilize the maximum capacity of the battery, a proper power management and control mechanism need to be developed such that it does not affect the performance, reliability and safety of vehicle. Different optimization techniques along with deterministic dynamic programming (DDP) approach are used for the power distribution and management control. The battery-operated electric vehicle can be recharged either by plug-in a wired connection or by the inductive mean (i.e. wirelessly) with the help of the electromagnetic field energy.
Technical Paper

Integrated Safety and Security Development in the Automotive Domain

2017-03-28
2017-01-1661
The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations for identifying and assessing cybersecurity threats and for designing cybersecurity aware systems in close relation to the ISO 26262 standard for the functional safety of road vehicles. ...., infotainment, car-2-car or car-2-infrastructure communication) as well as new advances toward advanced driver assistance systems (ADAS) or even autonomous driving functions make cybersecurity another key factor to be taken into account by vehicle suppliers and manufacturers. ...Although these can capitalize on experiences from many other domains, they still have to face several unique challenges when gearing up for specific cybersecurity challenges. A key challenge is related to the increasing interconnection of automotive systems with networks (such as Car2X).
Research Report

Unsettled Issues Regarding Autonomous Vehicles and Open-source Software

2021-04-21
EPR2021009
Unsettled Issues Regarding Autonomous Vehicles and Open-source Software introduces the impact of software in advanced automotive applications, the role of open-source communities in accelerating innovation, and the important topic of safety and cybersecurity. As electronic functionality is captured in software and a bigger percentage of that software is open-source code, some critical challenges arise concerning security and validation.
Technical Paper

Hypervisor Implementation in Vehicle Networks

2020-04-14
2020-01-1334
The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their own distinct VM. ...While the cybersecurity applications are numerous, there are also the operational benefits. The hypervisor is designed to not only manage the VMs, but also to increase the efficiency of these via resource management.
Technical Paper

Intelligent Vehicle Monitoring for Safety and Security

2019-04-02
2019-01-0129
The caveat to these additional capabilities is issues like cybersecurity, complexity, etc. This paper is an exploration into FuSa and CAVs and will present a systematic approach to understand challenges and propose potential framework, Intelligent Vehicle Monitoring for Safety and Security (IVMSS) to handle faults/malfunctions in CAVs, and specifically autonomous systems.
Technical Paper

Study of Information Security Technology Standard System for Intelligent and Connected Vehicle

2021-01-22
2021-01-5022
This paper analyzed information security challenges faced by Intelligent and connected vehicles (ICV), summarized the automotive information security technology standards and regulations developed by leading automotive industrial counties and international organizations, such as UN/WP.29 and ISO/TC22, and discussed the significant and necessity of the research work on ICV information security standard system in China. Focus on driving security, the paper also proposed the basic principles, logics and a systematic frame for building automotive information security standard system, and elaborated the contents and categories of the information security standards in the system. From whole perspective, suggestions for standard system construction and related research plan were proposed.
Technical Paper

State of the Art Survey on Comparison of Physical Fingerprinting-Based Intrusion Detection Techniques for In-Vehicle Security

2020-04-14
2020-01-0721
Controller area network (CAN) is used as a legacy protocol for in-vehicle communication. However, it lacks basic security features such as message authentication, integrity, confidentiality, etc., because the sender information in the message is missing. Hence, it is prone to different attacks like spoofing attacks, denial of service attacks, man in the middle and masquerade attacks. Researchers have proposed various techniques to detect and prevent these attacks, which can be split into two classes: (a) MAC-based techniques and (b) intrusion detection-based techniques. Further, intrusion detection systems can be divided into four categories: (i) message parameter- based, (ii) entropy-based, (iii) machine Learning-based and (iv) fingerprinting-based. This paper details state-of- the-art survey of fingerprinting-based intrusion detection techniques. In addition, the advantages and limitations of different fingerprinting-based intrusion detection techniques methods will be discussed.
X