Refine Your Search

Topic

Search Results

Journal Article

The Missing Link: Aircraft Cybersecurity at the Operational Level

2020-07-25
Abstract Aircraft cybersecurity efforts have tended to focus at the strategic or tactical levels without a clear connection between the two. ...CSSEP’s process model postulates that security is best achieved by a balance of cybersecurity, cyber resiliency, defensibility, and recoverability and that control is best established by developing security constraints versus attempting to find every vulnerability. ...CSSEP identifies the major functions needed to do effective aircraft cybersecurity and provides a flexible framework as the “missing link” to connect the strategic and tactical levels of aircraft cybersecurity.
Technical Paper

Research on Vehicle Cybersecurity Based on Dedicated Security Hardware and ECDH Algorithm

2017-09-23
2017-01-2005
Vehicle cybersecurity consists of internal security and external security. Dedicated security hardware will play an important role in car’s internal and external security communication. ...For certain AURIX MCU consisting of HSM, the experiment result shows that cheaper 32-bit HSM’s AES calculating speed is 25 times of 32-bit main controller, so HSM is an effective choice to realize cybersecurity. After comparing two existing methods that realize secure CAN communication, A Modified SECURE CAN scheme is proposed, and differences of the three schemes are analyzed.
Technical Paper

Wireless Charging for EV/HEV with Prescriptive Analytics, Machine Learning, Cybersecurity and Blockchain Technology: Ongoing and Future Trends

2019-04-02
2019-01-0790
Due to the rapid development in the technological aspect of the autonomous vehicle (AV), there is a compelling need for research in the field vehicle efficiency and emission reduction without affecting the performance, safety and reliability of the vehicle. Electric vehicle (EV) with rechargeable battery has been proved to be a practical solution for the above problem. In order to utilize the maximum capacity of the battery, a proper power management and control mechanism need to be developed such that it does not affect the performance, reliability and safety of vehicle. Different optimization techniques along with deterministic dynamic programming (DDP) approach are used for the power distribution and management control. The battery-operated electric vehicle can be recharged either by plug-in a wired connection or by the inductive mean (i.e. wirelessly) with the help of the electromagnetic field energy.
Technical Paper

Intelligent Vehicle Monitoring for Safety and Security

2019-04-02
2019-01-0129
The caveat to these additional capabilities is issues like cybersecurity, complexity, etc. This paper is an exploration into FuSa and CAVs and will present a systematic approach to understand challenges and propose potential framework, Intelligent Vehicle Monitoring for Safety and Security (IVMSS) to handle faults/malfunctions in CAVs, and specifically autonomous systems.
Technical Paper

The Use of Interactive Web Based Program Applications for In-Depth Vehicle Noise Path Analysis

2017-06-05
2017-01-1868
The authors previously presented at SAE 2015, the use of acoustic diagnostic network algorithms (Acoustic DNA) for the measurement and analysis of noise paths in motor vehicles. To further the understanding of the huge amount of data created in this method, especially by the end user or customer, a secure web based application platform has been engineered. The current paper presents operating aspects of the web based approach, including cyber security, multi device accessibility and intuitive user interface together with an innovative optimization toolbox from which both noise sources and vehicle body systems can be modified to be target compliant.
Technical Paper

Proposal of HILS-Based In-Vehicle Network Security Verification Environment

2018-04-03
2018-01-0013
We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.
Technical Paper

The Study of Secure CAN Communication for Automotive Applications

2017-03-28
2017-01-1658
Cyber security is becoming increasingly critical in the car industry. Not only the entry points to the external world in the car need to be protected against potential attack, but also the on-board communication in the car require to be protected against attackers who may try to send unauthorized CAN messages. However, the current CAN network was not designed with security in mind. As a result, the extra measures have to be taken to address the key security properties of the secure CAN communication, including data integrity, authenticity, confidentiality and freshness. While integrity and authenticity can be achieved by using a relatively straightforward algorithms such as CMAC (Cipher-based Message Authentication Code) and Confidentiality can be handled by a symmetric encryption algorithm like AES128 (128-bit Advanced Encryption Standard), it has been recognized to be more challenging to achieve the freshness of CAN message.
Journal Article

Accelerated Secure Boot for Real-Time Embedded Safety Systems

2019-07-08
Abstract Secure boot is a fundamental security primitive for establishing trust in computer systems. For real-time safety applications, the time taken to perform the boot measurement conflicts with the need for near instant availability. To speed up the boot measurement while establishing an acceptable degree of trust, we propose a dual-phase secure boot algorithm that balances the strong requirement for data tamper detection with the strong requirement for real-time availability. A probabilistic boot measurement is executed in the first phase to allow the system to be quickly booted. This is followed by a full boot measurement to verify the first-phase results and generate the new sampled space for the next boot cycle. The dual-phase approach allows the system to be operational within a fraction of the time needed for a full boot measurement while producing a high detection probability of data tampering.
Journal Article

A Comprehensive Attack and Defense Model for the Automotive Domain

2019-01-17
Abstract In the automotive domain, the overall complexity of technical components has increased enormously. Formerly isolated, purely mechanical cars are now a multitude of cyber-physical systems that are continuously interacting with other IT systems, for example, with the smartphone of their driver or the backend servers of the car manufacturer. This has huge security implications as demonstrated by several recent research papers that document attacks endangering the safety of the car. However, there is, to the best of our knowledge, no holistic overview or structured description of the complex automotive domain. Without such a big picture, distinct security research remains isolated and is lacking interconnections between the different subsystems. Hence, it is difficult to draw conclusions about the overall security of a car or to identify aspects that have not been sufficiently covered by security analyses.
Journal Article

Security Certificate Management System for V2V Communication in China

2020-08-18
Abstract Vehicle-to-Vehicle (V2V) communication is a vehicular communication technology to reduce traffic accidents and congestion. To protect V2V communication, multiple security standards have been developed. This article provides an overview of the China V2V security draft standard and compares it to the American IEEE1609.2 V2V standard and to the Security Credential Management System (SCMS). The article provides an overview of the Chinese cryptographic algorithms used in the China V2V standard, and points out differences in the certificate format, such as the lack of implicit certificates in the China V2V standard. The China V2V PKI architecture is similar to the American SCMS, however, the Chinese system utilizes a set of Root Certificate Authorities (CA) that are trusted via an out-of-band channel whereas the American SCMS supports elector-based addition and revocation of Root CAs.
SAE MOBILUS Subscription

Wiley Cyber Security Collection Add-On

2018-03-23
As an annual subscription, the Wiley Cyber Security Collection Add-On is available for purchase along with one or both of the following: Wiley Aerospace Collection Wiley Automotive Collection The titles from the Wiley Cyber Security Collection are included in the SAE MOBILUS® eBook Package. Titles: Network Forensics Penetration Testing Essentials Security in Fixed and Wireless Networks, 2nd Edition The Network Security Test Lab: A Step-by-Step Guide Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition Computer Security Handbook, Set, 6th Edition Threat Modeling: Designing for Security Other available Wiley collections: Wiley SAE MOBILUS eBook Package Wiley Aerospace Collection Wiley Automotive Collection Wiley Computer Systems Collection Add-On (purchasable with the Wiley Aerospace Collection and/or the Wiley Automotive Collection)
Magazine

Automotive Engineering: March 2019

2019-03-01
Rethinking the HUD Advanced tech solutions move toward augmented reality to bring greater capability to head-up displays. Motor matters New designs and materials are key to the next generation of electric machines for EV propulsion. Harnessing the power of Sim Serious cost savings could come from eliminating vehicle- and systems-level tests. Powerful simulation tools may be the only way to tackle the increasing complexity in mobility development. An OBE for the SAE Meet Paul Mascarenas-SAE International's 2019 president. He's a staunch advocate for professional development for engineers amid the mobility industry's transformation. Solving the propulsion puzzle Must-attend expert panels at SAE's WCX '19 will cover the propulsion-tech future like no other. Editorial Kill the EV tax credit by 2025 SAE Standards News SAE and Synopsys collaborate on cyber study Supplier Eye New Co. vs. Old Co.
Magazine

Automotive Engineering: October 6, 2015

2015-10-06
2016 Malibu sheds 300 lb, adds new hybrid system More wheelbase, style, fuel economy, and comfort aim to move GM's volume midsize sedan from the sidelines to the fast lane. Lighter, more powerful 2016 Honda Pilot The third-generation SUV gets a sleek new look and plenty of slick technology for enhanced performance and safety. 2016 Mazda MX-5 stays true to its roots Mazda engineers give the industry a lesson in getting more from less. 2016 Land Rover Discovery Sport spearheads more efficient Land Rovers JLR's space-efficient, flexible SUV moves to JLR's new Ingenium modular engines. Audi chooses high technology, cautious design evolution for new A4 In addition to lighter weight and significant improvements in efficiency, the new car employs plenty of technology and driver support.
Research Report

Unsettled Issues in Balancing Virtual, Closed-Course, and Public-Road Testing of Automated Driving Systems

2019-12-19
EPR2019011
This SAE EDGE™ Research Report identifies key unsettled issues of interest to the automotive industry regarding the challenges of determining the optimal balance for testing automated driving systems (ADS). Three main issues are outlined that merit immediate interest: First, determining what kind of testing an ADS needs before it is ready to go on the road. Second, the current, optimal, and realistic balance of simulation testing and real-world testing. Third, the challenges of sharing data in the industry. SAE EDGE™ Research Reports are preliminary investigations of new technologies. The three technical issues identified in this report should be discussed in greater depth with the aims of, first, clarifying the scope of the industry-wide alignment needed; second, prioritizing the issues requiring resolution; and, third, creating a plan to generate the necessary frameworks, practices, and protocols.
Technical Paper

CAN Crypto FPGA Chip to Secure Data Transmitted Through CAN FD Bus Using AES-128 and SHA-1 Algorithms with A Symmetric Key

2017-03-28
2017-01-1612
Robert Bosch GmBH proposed in 2012 a new version of communication protocol named as Controller area network with Flexible Data-Rate (CANFD), that supports data frames up to 64 bytes compared to 8 bytes of CAN. With limited data frame size of CAN message, and it is impossible to be encrypted and secured. With this new feature of CAN FD, we propose a hardware design - CAN crypto FPGA chip to secure data transmitted through CAN FD bus by using AES-128 and SHA-1 algorithms with a symmetric key. AES-128 algorithm will provide confidentiality of CAN message and SHA-1 algorithm with a symmetric key (HMAC) will provide integrity and authentication of CAN message. The design has been modeled and verified by using Verilog HDL – a hardware description language, and implemented successfully into Xilinx FPGA chip by using simulation tool ISE (Xilinx).
Technical Paper

Case Study for Defining Security Goals and Requirements for Automotive Security Parts Using Threat Modeling

2018-04-03
2018-01-0014
Several external networks like telematics, and SOTA and many in-vehicle networks by gateways and domain controllers have been increasingly introduced. However, these trends may potentially make many critical data opened, attacked and modified by hackers. These days, vehicle security has been significantly required as these vehicle security threats are related to the human life like drivers and pedestrians. Threat modeling is process of secure software development lifecycle which is developed by Microsoft. It is a systematic approach for analyzing the potential threat in software and identifying the security risk associated with software. Through threat modeling, security risk is be mitigated and eliminated. In vehicle software System, one of vulnerability can affect critical problem about safety. An approach from experience and hacking cases is not enough for analyzing the potential threat and preparing new hacking attack.
X