Search Results

The purpose of this SAE Aerospace Information Report (AIR) is to provide guidance for aircraft engine and propeller systems (hereafter referred to as propulsion systems) certification for cybersecurity. Compliance for cybersecurity requires that the engine control, propeller control, monitoring system, and all auxiliary equipment systems and networks associated with the propulsion system (such as nacelle systems, overspeed governors, and thrust reversers) be protected from intentional unauthorized electronic interactions (IUEI) that may result in an adverse effect on the safety of the propulsion system or the airplane.

ISO/SAE 21434 [1] Final International Standard was released September 2021 to great fanfare and is the most prominent standard in Automotive Cybersecurity. As members of the Joint Working Group (JWG) the authors spent 5 years developing the 84 pages of precise wording acceptable to hundreds of contributors. ...The application to Agile may require interpreting the standard from another angle, which could involve reordering the sequence of activities and work products, breaking down the acceptable criteria of some work products to allow rapid iterations, and verifications of meta data or intermediate work products. In cybersecurity engineering, Agile has its unique strength compared to the V-model method, as its cyclical nature is better aligned with best practices for Cybersecurity Frameworks. ...In cybersecurity engineering, Agile has its unique strength compared to the V-model method, as its cyclical nature is better aligned with best practices for Cybersecurity Frameworks.

Cybersecurity (CS) is crucial and significantly important in every product that is connected to the network/internet. ...Hence making it very important to guarantee that every single connected device shall have cybersecurity measures implemented to ensure the safety of the entire system. Looking into the forecasted worldwide growth in the electric vehicles (EV’s) segment, CS researchers have recently identified several vulnerabilities that exist in EV’s, electric vehicle supply equipment (EVSE) devices, communications to EVs, and upstream services, such as EVSE vendor cloud services, third party systems, and grid operators. ...Additional processes have been defined in the process reference and assessment model for the CS engineering in order to incorporate the cybersecurity related processes in the ASPICE scope. This paper aims at providing a model & brief overview to establish a correlation between the ASPICE, ISO/SAE 21434 and the ISO 26262 functional safety (FS) standards for development of a secured cybersecurity software with all the considerations that an organization can undertake.

To build secure systems of road vehicles, the cybersecurity engineering standard ISO21434[11] suggests the evaluation of vulnerabilities throughout engineering process, such as attack path analysis, system requirement stage, software architecture, design, and implementation and testing phases. ...With my analysis and practices, it is appropriate to include the common vulnerabilities that ought to be an integral part of the automotive cybersecurity engineering process. In this paper, the author would like to provide a list of vulnerabilities that might be a suggestion for threat analysis and risk assessment and propose two solutions that may be adopted directly in the V-model for security-relevant software development.

SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance. ...SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance.

Connected commercial vehicles bring cybersecurity to the fore Connectivity, automation and electrification will drive vehicle development in the near future, say industry experts attending the revamped SAE COMVEC 17 event.

Functionalities such as automated driving, connectivity and cyber-security have gained increasing importance over the past few years. The importance of these functionalities will continue to grow as these cutting-edge technologies mature and market acceptance increases.

To serve and protect As cars become more connected and automated, cybersecurity concerns are rising. Industry engineers have many tools and techniques and are now deploying encryption and standards to ensure that vehicle controls are not altered or usurped by unauthorized people.

Cybersecurity attacks exploit vulnerabilities related to the increased complexity and connectivity of critical infrastructure systems. ...Network security is a core component of the overall cyber-security and defense-in-depth capability for distributed architectures. Protection mechanism for information, interface and system integrity, communication availability, and data confidentiality are required for design of safe and secure integrated embedded infrastructure.

Symbolic code execution is a powerful cybersecurity testing approach that facilitates the systematic exploration of all paths within a program to uncover previously unknown cybersecurity vulnerabilities. ...Symbolic code execution is a powerful cybersecurity testing approach that facilitates the systematic exploration of all paths within a program to uncover previously unknown cybersecurity vulnerabilities. This is achieved through a Satisfiability Modulo Theory (SMT) solver, which operates on symbolic values for program inputs instead of using their concrete counterparts.

Editorial EV bafflers, surprises and ironies Altair honors weight-saving innovations Finding failure inside lithium-metal batteries GM puts its new 2023 Corvette V8 on a different 'plane' SAE Standards News New ISO-SAE 21434 for cybersecurity Supplier Eye Preparing for the new, faster product cadence 2022 Jeep Compass gets class-leading safety upgrades Toyota muscles-up 4-cylinder for revised 2022 GR 86 coupe Q&A Manufacturing consultant Laurie Harbour lays out the looming pressures on the auto-manufacturing supply base.

Reviewer Acknowledgment

Driven by the growing internet and remote connectivity of automobiles, combined with the emerging trend to automated driving, the importance of security for automotive systems is massively increasing. Although cyber security is a common part of daily routines in the traditional IT domain, necessary security mechanisms are not yet widely applied in the vehicles. At first glance, this may not appear to be a problem as there are lots of solutions from other domains, which potentially could be re-used. But substantial differences compared to an automotive environment have to be taken into account, drastically reducing the possibilities for simple reuse. Our contribution is to address automotive electronics engineers who are confronted with security requirements. Therefore, it will firstly provide some basic knowledge about IT security and subsequently present a selection of automotive specific security use cases.

This SAE Recommended Practice establishes a uniform practice for protecting vehicle components from "unauthorized" access through a vehicle data link connector (DLC). The document defines a security system for motor vehicle and tool manufacturers. It will provide flexibility to tailor systems to the security needs of the vehicle manufacturer. The vehicle modules addressed are those that are capable of having solid state memory contents accessed or altered through the data link connector. Improper memory content alteration could potentially damage the electronics or other vehicle modules; risk the vehicle compliance to government legislated requirements; or risk the vehicle manufacturer's security interests. This document does not imply that other security measures are not required nor possible.

Ransomware is not a new method of malware infection. This historically had been experienced in the enterprise in nearly every industry. This has been especially problematic in the medical and manufacturing fields. As the attackers saturate the specifically targeted industries, the attackers will expand their target industries. One of these which has not been significantly explored by the ransomware groups are the embedded systems and automobile environment. This set of targets is massive and provides for a vast attack potential. While this has not experienced this attack methodology at length, the research and efforts are creeping towards this as a natural extension of the business. The research focusses on the history of ransomware, uses in the enterprise, possible attack vectors with ground vehicles, and defenses to be explored and implemented to secure automobiles, fleets, and the industries.

Unmanned ground vehicles (UGVs) may encounter difficulties accommodating environmental uncertainties and system degradations during harsh conditions. However, human experience and onboard intelligence can may help mitigate such cases. Unfortunately, human operators have cognition limits when directly supervising multiple UGVs. Ideally, an automated decision aid can be designed that empowers the human operator to supervise the UGVs. In this paper, we consider a connected UGV platoon under cyber attacks that may disrupt safety and degrade performance. An observer-based resilient control strategy is designed to mitigate the effects of vehicle-to-vehicle (V2V) cyber attacks. In addition, each UGV generates both internal and external evaluations based on the platoons performance metrics. A cloud-based trust-based information management system collects these evaluations to detect abnormal UGV platoon behaviors.

The car door handle is an essential component of any vehicle, as it plays a crucial role in providing access to the cabin and ensuring safety of the passenger. The primary function of the car door handle is to allow entry and exit from the vehicle while preventing unauthorized access. In addition to this, car door handles also play a critical role in ensuring passenger safety by keeping the door closed during accidents or when there is a significant amount of G-force acting on the vehicle. A typical car door handle comprises several components including the structure, cover, bowden lever, bracket, pins and other child parts. The structure provides the ergonomics and rigidity for grabbing the handle, while the cover gives the handle an aesthetic appearance. The Bowden lever facilitates the unlatching of the door and the intermediate parts ensure that the handle operates smoothly.

The aircraft lifecycle involves thousands of transactions and an enormous amount of data being exchanged across the stakeholders in the aircraft ecosystem. This data pertains to various aircraft life cycle stages such as design, manufacturing, certification, operations, maintenance, and disposal of the aircraft. All participants in the aerospace ecosystem want to leverage the data to deliver insight and add value to their customers through existing and new services while protecting their own intellectual property. The exchange of data between stakeholders in the ecosystem is involved and growing exponentially. This necessitates the need for standards on data interoperability to support efficient maintenance, logistics, operations, and design improvements for both commercial and military aircraft ecosystems. A digital thread defines an approach and a system which connects the data flows and represents a holistic view of an asset data across its lifecycle.

This brief User Guide recaps the content of the AS6518B UCS Architectural Model. The purpose of the UCS Architecture Model is to provide the authoritative source for other models and products within the UCS Architecture as shown in the AS6512B UCS Architecture: Architecture Description.