Refine Your Search



Search Results

Technical Paper

Onboard Cybersecurity Diagnostic System for Connected Vehicles

Here, we discuss the On-Board Diagnostic (OBD) regulations for next generation BEV/HEV, its vulnerabilities and cybersecurity threats that come with hacking. We propose three cybersecurity attack detection and defense methods: Cyber-Attack detection algorithm, Time-Based CAN Intrusion Detection Method and, Feistel Cipher Block Method. ...These control methods autonomously diagnose a cybersecurity problem in a vehicle’s onboard system using an OBD interface, such as OBD-II when a fault caused by a cyberattack is detected, All of this is achieved in an internal communication network structure.
Technical Paper

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. ...Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. ...As the domain geared up for the cybersecurity challenges, they leveraged experiences from many other domains, but must face several unique challenges.
Technical Paper

Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units

Traditional Cybersecurity solutions fall short in meeting automotive ECU constraints such as zero false positives, intermittent connectivity, and low performance impact. ...We integrated Autonomous Security on a BeagleBone Black (BBB) system to evaluate the feasibility of mitigating Cybersecurity risks against potential threats. We identified key metrics that should be measured, such as level of security, ease of integration and system performance impact.
Journal Article

(R)evolution of E/E Architectures

Functionalities such as automated driving, connectivity and cyber-security have gained increasing importance over the past few years. The importance of these functionalities will continue to grow as these cutting-edge technologies mature and market acceptance increases.

Automotive Engineering: February 3, 2016

Baking in protection With vehicles joining the Internet of Things, connectivity is making cybersecurity a must-have obligation for automotive engineers, from initial designs through end-of-life.

Automotive Engineering: September 2021

Editorial EV bafflers, surprises and ironies Altair honors weight-saving innovations Finding failure inside lithium-metal batteries GM puts its new 2023 Corvette V8 on a different 'plane' SAE Standards News New ISO-SAE 21434 for cybersecurity Supplier Eye Preparing for the new, faster product cadence 2022 Jeep Compass gets class-leading safety upgrades Toyota muscles-up 4-cylinder for revised 2022 GR 86 coupe Q&A Manufacturing consultant Laurie Harbour lays out the looming pressures on the auto-manufacturing supply base.
Technical Paper

Secure Vehicular Communication Using Blockchain Technology

Also, all the existing methods for vehicular communication rely on a centralized server which itself invite massive cyber-security threats. These threats and challenges can be addressed by using the Blockchain (BC) technology, where each transaction is logged in a decentralized immutable BC ledger.
Technical Paper

Study of Information Security Technology Standard System for Intelligent and Connected Vehicle

This paper analyzed information security challenges faced by Intelligent and connected vehicles (ICV), summarized the automotive information security technology standards and regulations developed by leading automotive industrial counties and international organizations, such as UN/WP.29 and ISO/TC22, and discussed the significant and necessity of the research work on ICV information security standard system in China. Focus on driving security, the paper also proposed the basic principles, logics and a systematic frame for building automotive information security standard system, and elaborated the contents and categories of the information security standards in the system. From whole perspective, suggestions for standard system construction and related research plan were proposed.
Technical Paper

Event-Triggered Robust Control of an Integrated Motor-Gearbox Powertrain System for a Connected Vehicle under CAN and DOS-Induced Delays

This paper deals with an integrated motor-transmission (IMT) speed tracking control of the connected vehicle when there are controller area network (CAN)-induced delays and denial of service (DOS)-induced delays. A connected vehicle equipped with an IMT system may be attacked through the external network. Therefore, there are two delays on the CAN of the connected vehicle, which are CAN-induced and cyber-attack delays. A DOS attack generates huge delays in CAN and even makes the control system invalid. To address this problem, a robust dynamic output-feedback controller of the IMT speed tracking system considering event-triggered detectors resisting CAN-induced delays and DOS-induced delays is designed. The event-triggered detector is used to reduce the CAN-induced network congestion with appropriate event trigger conditions on the controller input and output channels. CAN-induced delays and DOS-induced delays are modeled by polytopic inclusions using the Taylor series expansion.

Service Specific Permissions and Security Guidelines for Connected Vehicle Applications

SAE is developing a number of standards, including the SAE J2945/x and SAE J3161/x series, that specify a set of applications using message sets from the SAE J2735 data dictionary. (“Application” is used here to mean “a collection of activities including interactions between different entities in the service of a collection of related goals and associated with a given IEEE Provider Service Identifier (PSID)”). Authenticity and integrity of the communications for these applications are ensured using digital signatures and IEEE 1609.2 digital certificates, which also indicate the permissions of the senders using Provider Service Identifiers (PSIDs) and Service Specific Permissions (SSPs). The PSID is a globally unique identifier associated with an application specification that unambiguously describes how to build interoperable instances of that application.
Technical Paper

Cyber Security in the Automotive Domain – An Overview

Driven by the growing internet and remote connectivity of automobiles, combined with the emerging trend to automated driving, the importance of security for automotive systems is massively increasing. Although cyber security is a common part of daily routines in the traditional IT domain, necessary security mechanisms are not yet widely applied in the vehicles. At first glance, this may not appear to be a problem as there are lots of solutions from other domains, which potentially could be re-used. But substantial differences compared to an automotive environment have to be taken into account, drastically reducing the possibilities for simple reuse. Our contribution is to address automotive electronics engineers who are confronted with security requirements. Therefore, it will firstly provide some basic knowledge about IT security and subsequently present a selection of automotive specific security use cases.
Technical Paper

Safe and Secure Development: Challenges and Opportunities

The ever-increasing complexity and connectivity of driver assist functions pose challenges for both Functional Safety and Cyber Security. Several of these challenges arise not only due to the new functionalities themselves but due to numerous interdependencies between safety and security. Safety and security goals can conflict, safety mechanisms might be intentionally triggered by attackers to impact functionality negatively, or mechanisms can compete for limited resources like processing power or memory to name just some conflict potentials. But there is also the potential for synergies, both in the implementation as well as during the development. For example, both disciplines require mechanisms to check data integrity, are concerned with freedom from interference and require architecture based analyses. So far there is no consensus in the industry on how to best deal with these interdependencies in automotive development projects.
Technical Paper

Trust-Based Control and Scheduling for UGV Platoon under Cyber Attacks

Unmanned ground vehicles (UGVs) may encounter difficulties accommodating environmental uncertainties and system degradations during harsh conditions. However, human experience and onboard intelligence can may help mitigate such cases. Unfortunately, human operators have cognition limits when directly supervising multiple UGVs. Ideally, an automated decision aid can be designed that empowers the human operator to supervise the UGVs. In this paper, we consider a connected UGV platoon under cyber attacks that may disrupt safety and degrade performance. An observer-based resilient control strategy is designed to mitigate the effects of vehicle-to-vehicle (V2V) cyber attacks. In addition, each UGV generates both internal and external evaluations based on the platoons performance metrics. A cloud-based trust-based information management system collects these evaluations to detect abnormal UGV platoon behaviors.

E/E Data Link Security

This SAE Recommended Practice establishes a uniform practice for protecting vehicle components from "unauthorized" access through a vehicle data link connector (DLC). The document defines a security system for motor vehicle and tool manufacturers. It will provide flexibility to tailor systems to the security needs of the vehicle manufacturer. The vehicle modules addressed are those that are capable of having solid state memory contents accessed or altered through the data link connector. Improper memory content alteration could potentially damage the electronics or other vehicle modules; risk the vehicle compliance to government legislated requirements; or risk the vehicle manufacturer's security interests. This document does not imply that other security measures are not required nor possible.
Technical Paper

Connected Vehicles - A Testing Approach and Methodology

With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.
Training / Education

Intelligent Vehicles From Functional Framework to Vehicle Architecture

Considering the increasing demand for vehicle intelligence, more and more students, engineers and researchers are involved in this field. It can be challenging, however, to gain an understanding of the growing variety of intelligent vehicle technologies and how they must function together effectively as a system.  This course provides an overview of state-of-the-art intelligent vehicles, presents a systematic framework for intelligent technologies and vehicle-level architecture, and introduces testing methodologies to evaluate individual and integrated intelligent functions.
Journal Article

Zero-Day Attack Defenses and Test Framework for Connected Mobility ECUs

Recent developments in the commercialization of mobility services have brought unprecedented connectivity to the automotive sector. While the adoption of connected features provides significant benefits to vehicle owners, adversaries may leverage zero-day attacks to target the expanded attack surface and make unauthorized access to sensitive data. Protecting new generations of automotive controllers against malicious intrusions requires solutions that do not depend on conventional countermeasures, which often fall short when pitted against sophisticated exploitation attempts. In this paper, we describe some of the latent risks in current automotive systems along with a well-engineered multi-layer defense strategy. Further, we introduce a novel and comprehensive attack and performance test framework which considers state-of-the-art memory corruption attacks, countermeasures and evaluation methods.