Refine Your Search

Topic

Author

Search Results

Technical Paper

Challenges in Integrating Cybersecurity into Existing Development Processes

2020-04-14
2020-01-0144
Strategies designed to deal with these challenges differ in the way in which added duties are assigned and cybersecurity topics are integrated into the already existing process steps. Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. ...Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. A cybersecurity development approach is frequently perceived as introducing impediments, that bear the risk of cybersecurity measures receiving a lower priority to reduce inconvenience. ...For an established development process and a team accustomed to this process, adding cybersecurity features to the product initially means inconvenience and reduced productivity without perceivable benefits.
Journal Article

Zero-Day Attack Defenses and Test Framework for Connected Mobility ECUs

2021-04-06
2021-01-0141
Recent developments in the commercialization of mobility services have brought unprecedented connectivity to the automotive sector. While the adoption of connected features provides significant benefits to vehicle owners, adversaries may leverage zero-day attacks to target the expanded attack surface and make unauthorized access to sensitive data. Protecting new generations of automotive controllers against malicious intrusions requires solutions that do not depend on conventional countermeasures, which often fall short when pitted against sophisticated exploitation attempts. In this paper, we describe some of the latent risks in current automotive systems along with a well-engineered multi-layer defense strategy. Further, we introduce a novel and comprehensive attack and performance test framework which considers state-of-the-art memory corruption attacks, countermeasures and evaluation methods.
Journal Article

Ensuring Fuel Economy Performance of Commercial Vehicle Fleets Using Blockchain Technology

2019-04-02
2019-01-1078
In the past, research on blockchain technology has addressed security and privacy concerns within intelligent transportation systems for critical V2I and V2V communications that form the backbone of Internet of Vehicles. Within trucking industry, a recent trend has been observed towards the use of blockchain technology for operations. Industry stakeholders are particularly looking forward to refining status quo contract management and vehicle maintenance processes through blockchains. However, the use of blockchain technology for enhancing vehicle performance in fleets, especially while considering the fact that modern-day intelligent vehicles are prone to cyber security threats, is an area that has attracted less attention. In this paper, we demonstrate a case study that makes use of blockchains to securely optimize the fuel economy of fleets that do package pickup and delivery (P&D) in urban areas.
Technical Paper

Communication Requirements for Plug-In Electric Vehicles

2011-04-12
2011-01-0866
This paper is the second in the series of documents designed to record the progress of a series of SAE documents - SAE J2836™, J2847, J2931, & J2953 - within the Plug-In Electric Vehicle (PEV) Communication Task Force. This follows the initial paper number 2010-01-0837, and continues with the test and modeling of the various PLC types for utility programs described in J2836/1™ & J2847/1. This also extends the communication to an off-board charger, described in J2836/2™ & J2847/2 and includes reverse energy flow described in J2836/3™ and J2847/3. The initial versions of J2836/1™ and J2847/1 were published early 2010. J2847/1 has now been re-opened to include updates from comments from the National Institute of Standards Technology (NIST) Smart Grid Interoperability Panel (SGIP), Smart Grid Architectural Committee (SGAC) and Cyber Security Working Group committee (SCWG).
Technical Paper

Scalable Decentralized Solution for Secure Vehicle-to-Vehicle Communication

2020-04-14
2020-01-0724
The automotive industry is set for a rapid transformation in the next few years in terms of communication. The kind of growth the automotive industry is poised for in fields of connected cars is both fascinating and alarming at the same time. The communication devices equipped to the cars and the data exchanges done between vehicles to vehicles are prone to a lot of cyber-related attacks. The signals that are sent using Vehicular Adhoc Network (VANET) between vehicles can be eavesdropped by the attackers and it may be used for various attacks such as the man in the middle attack, DOS attack, Sybil attack, etc. These attacks can be prevented using the Blockchain technology, where each transaction is logged in a decentralized immutable Blockchain ledger. This provides authenticity and integrity to the signals. But the use of Blockchain Platforms such as Ethereum has various drawbacks like scalability which makes it infeasible for connected car system.
Journal Article

Towards a Cyber Assurance Testbed for Heavy Vehicle Electronic Controls

2016-09-27
2016-01-8142
Cyber assurance of heavy trucks is a major concern with new designs as well as with supporting legacy systems. Many cyber security experts and analysts are used to working with traditional information technology (IT) networks and are familiar with a set of technologies that may not be directly useful in the commercial vehicle sector. To help connect security researchers to heavy trucks, a remotely accessible testbed has been prototyped for experimentation with security methodologies and techniques to evaluate and improve on existing technologies, as well as developing domain-specific technologies. The testbed relies on embedded Linux-based node controllers that can simulate the sensor inputs to various heavy vehicle electronic control units (ECUs). The node controller also monitors and affects the flow of network information between the ECUs and the vehicle communications backbone.
Technical Paper

Deep Learning Based Real Time Vulnerability Fixes Verification Mechanism for Automotive Firmware/Software

2021-04-06
2021-01-0183
Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.
Technical Paper

Evaluating Trajectory Privacy in Autonomous Vehicular Communications

2019-04-02
2019-01-0487
Autonomous vehicles might one day be able to implement privacy preserving driving patterns which humans may find too difficult to implement. In order to measure the difference between location privacy achieved by humans versus location privacy achieved by autonomous vehicles, this paper measures privacy as trajectory anonymity, as opposed to single location privacy or continuous privacy. This paper evaluates how trajectory privacy for randomized driving patterns could be twice as effective for autonomous vehicles using diverted paths compared to Google Map API generated shortest paths. The result shows vehicles mobility patterns could impact trajectory and location privacy. Moreover, the results show that the proposed metric outperforms both K-anonymity and KDT-anonymity.
Technical Paper

Selftrust - A Practical Approach for Trust Establishment

2020-04-14
2020-01-0720
In recent years, with increase in external connectivity (V2X, telematics, mobile projection, BYOD) the automobile is becoming a target of cyberattacks and intrusions. Any such intrusion reduces customer trust in connected cars and negatively impacts brand image (like the recent Jeep Cherokee hack). To protect against intrusion, several mechanisms are available. These range from a simple secure CAN to a specialized symbiote defense software. A few systems (e.g. V2X) implement detection of an intrusion (defined as a misbehaving entity). However, most of the mechanisms require a system-wide change which adds to the cost and negatively impacts the performance. In this paper, we are proposing a practical and scalable approach to intrusion detection. Some benefits of our approach include use of existing security mechanisms such as TrustZone® and watermarking with little or no impact on cost and performance. In addition, our approach is scalable and does not require any system-wide changes.
Technical Paper

Safety Development Trend of the Intelligent and Connected Vehicle

2020-04-14
2020-01-0085
Automotive safety is always the focus of consumers, the selling point of products, the focus of technology. In order to achieve automatic driving, interconnection with the outside world, human-automatic system interaction, the security connotation of intelligent and connected vehicles (ICV) changes: information security is the basis of its security. Functional safety ensures that the system is operating properly. Behavioral safety guarantees a secure interaction between people and vehicles. Passive security should not be weakened, but should be strengthened based on new constraints. In terms of information safety, the threshold for attacking cloud, pipe, and vehicle information should be raised to ensure that ICV system does not fail due to malicious attacks. The cloud is divided into three cloud platforms according to functions: ICVs private cloud, TSP cloud, public cloud.
Technical Paper

A Safety and Security Testbed for Assured Autonomy in Vehicles

2020-04-14
2020-01-1291
Connectivity and autonomy in vehicles promise improved efficiency, safety and comfort. The increasing use of embedded systems and the cyber element bring with them many challenges regarding cyberattacks which can seriously compromise driver and passenger safety. Beyond penetration testing, assessment of the security vulnerabilities of a component must be done through the design phase of its life cycle. This paper describes the development of a benchtop testbed which allows for the assurance of safety and security of components with all capabilities from Model-in-loop to Software-in-loop to Hardware-in-loop testing. Environment simulation is obtained using the AV simulator, CARLA which provides realistic scenarios and sensor information such as Radar, Lidar etc. MATLAB runs the vehicle, powertrain and control models of the vehicle allowing for the implementation and testing of customized models and algorithms.
Technical Paper

Connectivity in 2 Wheelers: Opportunities and Challenges

2019-11-21
2019-28-2437
Mobility is undergoing a “horses to cars”-sized shift that will reverberate across business and society for generations. Future of Mobility is mainly driven by 4 main pillars viz. Connected, Electrified, Automated and Shared Driving. With advancement in Communication Technology supplemented by huge customer base, Connectivity has proven to deliver better Services to the End-user. Connected Mobility is going to be the next Big Thing in the Mobility Arena. In this paper, we will try to qualitatively explore what Connected Mobility is all about and what it has to offer in terms of - Opportunities on one side as well as new challenges that were never witnessed in the realm of Mobility in the Past, with focus on the 2 wheeler segment. This paper focuses on Opportunities in terms of Location Based services, Vehicle Management, Data Analytics, Infotainment and possible Business scenarios and Models as well as challenges in Terms of Security and Data Ownership
Research Report

Unsettled Topics Concerning Sensors for Automated Road Vehicles

2018-10-18
EPR2018001
This SAE EDGE™ Research Report identifies key unsettled issues of interest to the automotive industry regarding the new generation of sensors designed for vehicles capable of automated driving. Four main issues are outlined that merit immediate interest: First, specifying a standardized terminology and taxonomy to be used for discussing the sensors required by automated vehicles. Second, generating standardized tests and procedures for verifying, simulating, and calibrating automated driving sensors. Third, creating a standardized set of tools and methods to ensure the security, robustness, and integrity of data collected by such sensors. The fourth issue, regarding the ownership and privacy of data collected by automated vehicle sensors, is considered only briefly here since its scope far exceeds the technical issues that are the primary focus of the present report. SAE EDGE™ Research Reports are preliminary investigations of new technologies.
Journal Article

Improvement of the Resilience of a Cyber-Physical Remote Diagnostic Communication System against Cyber Attacks

2019-04-02
2019-01-0112
In the near future, vehicles will operate autonomously and communicate with their environment. This communication includes Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I) communication, and comunication with cloud-based servers (V2C). To improve the resilience of remote diagnostic communication between a vehicle and external test equipment against cyberattacks, it is imperative to understand and analyze the functionality and vulnerability of each communication system component, including the wired and wireless communication channels. This paper serves as a continuation of the SAE Journal publication on measures to prevent unauthorized access to the in-vehicle E/E system [9], explains the components of a cyber-physical system (CPS) for remote diagnostic communication, analyzes their vulnerability against cyberattacks and explains measures to improve the resiliance.
Technical Paper

Transformational Technologies Reshaping Transportation - An Academia Perspective

2019-10-14
2019-01-2620
This paper and the associated lecture present an overview of technology trends and of market and business opportunities created by technology, as well as of the challenges posed by environmental and economic considerations. Commercial vehicles are one of the engines of our economy. Moving goods and people efficiently and economically is a key to continued industrial development and to strong employment. Trucks are responsible for nearly 70% of the movement of goods in the USA (by value) and represent approximately 300 billion of the 3.21 trillion annual vehicle miles travelled by all vehicles in the USA while public transit enables mobility and access to jobs for millions of people, with over 10 billion trips annually in the USA creating and sustaining employment opportunities.
Technical Paper

The Role of Safety Critical Architecture in an Evolving Ecosystem

2021-06-16
2021-01-1000
There are many industries where safety is a major, if not the primary, concern, such as aviation and nuclear power. These industries rely on many layers of standards for designing, developing, and deploying safety critical systems and technologies. While unmanned aircraft system (UAS) operations and UAS Traffic Management (UTM) are often touted as “safety critical”, the systems and technologies are not being held to the same standards as traditional aviation, with its long pedigree of safety. There are multiple reasons for this dichotomy. One such reason is that design assurance standards, such as DO-178 for software, do not fit with modern technology such as web-based communication and machine learning. At the architecture level, the federated approach to UTM has led to a void in the Systems Engineering process. Nobody “owns” the entire system and therefore nobody owns the Systems Engineering process where many safety related design decisions are traditionally made.
Research Report

Unsettled Impacts of Integrating Automated Electric Vehicles into a Mobility-as-a-Service Ecosystem and Effects on Traditional Transportation and Ownership

2019-12-20
EPR2019004
The current business model of the automotive industry is based on individual car ownership, yet new ridesharing companies such as Uber and Lyft are well capitalized to invest in large, commercially operated, on-demand mobility service vehicle fleets. Car manufacturers like Tesla want to incorporate personal car owners into part-time fleet operation by utilizing the company’s fleet service. These robotaxi fleets can be operated profitably when the technology works in a reliable manner and regulators allow driverless operation. Although Mobility-as-a-Service (MaaS) models of private and commercial vehicle fleets can complement public transportation models, they may contribute to lower public transportation ridership and thus higher subsidies per ride. This can lead to inefficiencies in the utilization of existing public transportation infrastructure.
X