Refine Your Search

Topic

Search Results

Technical Paper

Information Security Risk Management of Vehicles

2018-04-03
2018-01-0015
The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. ...According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle. ...The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed.
Book

Supply Chain Vulnerabilities Impacting Commercial Aviation

2019-09-04
Written by Kirsten Koepsel, a lawyer and engineer whose work has focused on aviation cybersecurity, Supply Chain Vulnerabilities Impacting Commercial Aviation addresses the big question facing aircraft manufacturers today: keep the work in house or outsource it? ...Supply Chain Vulnerabilities Impacting Commercial Aviation discusses the differences in requirements depending on the buyer of the aircraft (governmental or not), ranging from delivery delays to risks linked to cybersecurity and the Internet of Things (IoT), including possible problems with faulty sensors and counterfeit parts.
Technical Paper

Secure Deterministic L2/L3 Ethernet Networking for Integrated Architectures

2017-09-19
2017-01-2103
Cybersecurity attacks exploit vulnerabilities related to the increased complexity and connectivity of critical infrastructure systems. ...Network security is a core component of the overall cyber-security and defense-in-depth capability for distributed architectures. Protection mechanism for information, interface and system integrity, communication availability, and data confidentiality are required for design of safe and secure integrated embedded infrastructure.
Technical Paper

Lessons Learned in Inter-Organization Virtual Integration

2018-10-30
2018-01-1944
The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).
Book

The Aerospace Supply Chain and Cyber Security - Challenges Ahead

2018-07-20
The Aerospace Supply Chain and Cyber Security - Challenges Ahead looks at the current state of commercial aviation and cyber security, how information technology and its attractiveness to cyber attacks is affecting it, and the way supply chains have become a vital part of the industry's cyber-security strategy. More than ever before, commercial aviation relies on information and communications technology.

2020-01-21
SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing
Article

2019-06-11
SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance. ...SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance.
Article

2019-07-03
Argus, a global leader in automotive cybersecurity, has upgraded its stand-alone Fleet Protection backend platform and is now providing continuous live monitoring of both automotive and commercial aircraft fleets.
Training / Education

Introduction to Cyber Security for Commercial Aviation

2020-05-06
Despite the advantages of electronic flight bags (EFB), passenger entertainment and email access during flights, and the ability to access aircraft repair manuals electronically, computer interconnectivity throughout aviation has opened the aviation sector to cyber-attacks that could impact flights, data, and safety. This two-day seminar is intended to introduce aviation professionals to the need to implement cyber security throughout commercial aviation including the supply chain.
Video

Advancing Aircraft Cyber Security - Potential New Architectures and Technologies

2012-03-16
Cyber security in the aviation industry, especially in relation to onboard aircraft systems, presents unique challenges in its implementation and management. The cyber threat model is constantly evolving and will continually present new and different challenges to the aircraft operator in responding to new cyber threats without either invoking a lengthy software update and re-certification process or limiting aircraft-to-ground communications to the threatened system or systems. This presentation discusses a number of system architectural options and developing technologies that could be considered to enhance the aircraft cyber protection and defensive capabilities of onboard systems as well as to minimize the effort associated with certification/re-certification. Some of these limit the aircraft?s vulnerabilities or in cyber terms, its ?threat surface?.
Training / Education

Introduction to the Secure Microkernel, seL4

Security continues to be an ever-growing concern in more and more design spaces. There are daily articles about security breaches and there is a need for much higher security through the entire system stack. Thorough testing of systems can lead to stronger security in systems, but testing can only expose so many vulnerabilities. Formal methods is another solution that ensures specific behaviors will not occur. seL4 is the first formally proven microkernel and it is open-source. This makes it a great solution for systems that need strong security.
Technical Paper

UAS Behaviour and Consistency Monitoring System for Countering Cyber Security Threats

2014-09-16
2014-01-2131
Upon their arrival, Unmanned Autonomous Systems (UAS) brought with them many benefits for those involved in a military campaign. They can use such systems to reconnoiter dangerous areas, provide 24-hr aerial security surveillance for force protection purposes or even attack enemy targets all the while avoiding friendly human losses in the process. Unfortunately, these platforms also carry the inherent risk of being built on innately vulnerable cybernetic systems. From software which can be tampered with to either steal data, damage or even outright steal the aircraft, to the data networks used for communications which can be jammed or even eavesdropped on to gain access to sensible information. All this has the potential to turn the benefits of UAS into liabilities and although the last decade has seen great advances in the development of protection and countermeasures against the described threats and beyond the risk still endures.
Journal Article

A Centrally Managed Identity-Anonymized CAN Communication System*

2018-05-16
Abstract Identity-Anonymized CAN (IA-CAN) protocol is a secure CAN protocol, which provides the sender authentication by inserting a secret sequence of anonymous IDs (A-IDs) shared among the communication nodes. To prevent malicious attacks from the IA-CAN protocol, a secure and robust system error recovery mechanism is required. This article presents a central management method of IA-CAN, named the IA-CAN with a global A-ID, where a gateway plays a central role in the session initiation and system error recovery. Each ECU self-diagnoses the system errors, and (if an error happens) it automatically resynchronizes its A-ID generation by acquiring the recovery information from the gateway. We prototype both a hardware version of an IA-CAN controller and a system for the IA-CAN with a global A-ID using the controller to verify our concept.
Book

Commercial Aviation and Cyber Security: A Critical Intersection

2016-12-22
As cyber attacks become more frequent at all levels, the commercial aviation industry is gearing up to respond accordingly. Commercial Aviation and Cyber Security: A Critical Intersection is a timely contribution to those responsible for keeping aircraft and infrastructure safe. It covers areas of vital interest such as aircraft communications, next-gen air transportation systems, the impact of the Internet of Things (IoT), regulations, the efforts being developed by the Federal Aviation Administration (FAA), and other regulatory bodies. The book also collects important information on the best practices already adopted by other industries such as utilities, defense and the National Highway Traffic Safety Administration in the US. It equally addresses risk management, response plans to cyber attacks, managing supply chains and their cyber- security flaws, personnel training, and the sharing of information among industry players.
SAE MOBILUS Subscription

Wiley Cyber Security Collection Add-On

2018-03-23
As an annual subscription, the Wiley Cyber Security Collection Add-On is available for purchase along with one or both of the following: Wiley Aerospace Collection Wiley Automotive Collection The titles from the Wiley Cyber Security Collection are included in the SAE MOBILUS® eBook Package. Titles: Network Forensics Penetration Testing Essentials Security in Fixed and Wireless Networks, 2nd Edition The Network Security Test Lab: A Step-by-Step Guide Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition Computer Security Handbook, Set, 6th Edition Threat Modeling: Designing for Security Other available Wiley collections: Wiley SAE MOBILUS eBook Package Wiley Aerospace Collection Wiley Automotive Collection Wiley Computer Systems Collection Add-On (purchasable with the Wiley Aerospace Collection and/or the Wiley Automotive Collection)
SAE MOBILUS Subscription

Wiley SAE MOBILUS® eBook Package

2018-03-23
Committed to being the primary source for aerospace and ground vehicle engineering resources, SAE International has added the full compilation of our Wiley eBook collections to the SAE MOBILUS® technical resource platform. Purchasable as an annual subscription and containing the titles from the Wiley Aerospace Collection, the Wiley Automotive Collection, the Wiley Computer Systems Collection, and the Wiley Cyber Security Collection.
Standard

Requirements for a COTS Assembly Management Plan

2019-04-22
WIP
EIA933C
This document applies to the development of Plans for integrating and managing COTS assemblies in electronic equipment and Systems for the commercial, military, and space markets; as well as other ADHP markets that wish to use this document.
Technical Paper

A Blockchain-Backed Database for Qualified Parts

2019-03-19
2019-01-1343
Certain standard parts in the aerospace industry require qualification as a prerequisite to manufacturing, signifying that the manufacturer’s capacity to produce parts consistent with the performance specifications has been audited by a neutral third-party auditor, key customer, and/or group of customers. In at least some cases, a certifying authority provides manufacturers with certificates of qualification which they can then present to prospective customers, and/or lists qualified suppliers in a Qualified Parts List or Qualified Supplier List available from that qualification authority. If this list is in an infrequently updated and/or inconsistently styled format as might be found in a print or PDF document, potential customers wishing to integrate qualification information into their supplier tracking systems must use a potentially error-prone manual process that could lead to later reliance on out-of-date or even forged data.
Magazine

Momentum: February 2015

2015-02-02
Taking on the Valeo Innovation Challenge Two Canadian teams-the University of Ottawa and the University of Waterloo-finished in the top 3 among about 1,000 other universities from around the world in this challenge devoted to spurring innovative ideas for transportation. Colorado State University designs fuel-cell plug-in hybrid system Competing in the EcoCAR2 competition using a Chevrolet Malibu, the Colorado State team designed a system that features a 15-kW polymer electrolyte membrane fuel cell system, an 18.9-kW•h/177-kW lithium-ion battery, and a 145-kW motor. Cal State Fullerton combines art and engineering Team's submission on its Formula SAE car won first place in the second annual Generation Auto video contest organized in part by SAE International. Collaborative research project leads to potentially swarming VTOL UAVs The AVIGLE VTOL (vertical takeoff and landing) unmanned aerial vehicle was developed via collaboration by a variety of entities for a variety of applications.
X