Quotes from COMVEC 2018 Industry leaders spoke extensively about all things autonomous-ADAS, big data, connectivity, cybersecurity, machine learning-at the annual SAE event. Here's some of what they had to say. Fuel-cell Class 8-take 2.0 With a longer-range and more-refined fuel cell-powered heavy-duty truck, Toyota aims to eventually eliminate emissions from trucks serving increasingly congested California ports. ...Editorial Bring innovation, disruption in-house Adding 3D printing to design, manufacturing processes Upstream devoted to truck cybersecurity threats Jacobs employs cylinder deactivation in HD engines to lower CO2, NOx Emissions reductions continue to disrupt CV industry Mercedes doubles down on electric vans and buses, considers fuel cells Off-road bus from Torsus transports to hard-to-reach places Q&A Perkins pursues plug-and-play connectivity
In-vehicle networks used for inter-ECU communication, most commonly the CAN bus, were not designed with cybersecurity in mind, and as a result, communication by corrupt devices connected to the bus is not authenticated.
This document will provide recommendations to vehicle manufacturers and component suppliers in securing the SAE J1939-13 connector interface from the cybersecurity risks posed by the existence of this connector.
Security continues to be an ever-growing concern in more and more design spaces. There are daily articles about security breaches and there is a need for much higher security through the entire system stack. Thorough testing of systems can lead to stronger security in systems, but testing can only expose so many vulnerabilities. Formal methods is another solution that ensures specific behaviors will not occur. seL4 is the first formally proven microkernel and it is open-source. This makes it a great solution for systems that need strong security.
Cyber assurance of heavy trucks is a major concern with new designs as well as with supporting legacy systems. Many cyber security experts and analysts are used to working with traditional information technology (IT) networks and are familiar with a set of technologies that may not be directly useful in the commercial vehicle sector. To help connect security researchers to heavy trucks, a remotely accessible testbed has been prototyped for experimentation with security methodologies and techniques to evaluate and improve on existing technologies, as well as developing domain-specific technologies. The testbed relies on embedded Linux-based node controllers that can simulate the sensor inputs to various heavy vehicle electronic control units (ECUs). The node controller also monitors and affects the flow of network information between the ECUs and the vehicle communications backbone.
Abstract Identity-Anonymized CAN (IA-CAN) protocol is a secure CAN protocol, which provides the sender authentication by inserting a secret sequence of anonymous IDs (A-IDs) shared among the communication nodes. To prevent malicious attacks from the IA-CAN protocol, a secure and robust system error recovery mechanism is required. This article presents a central management method of IA-CAN, named the IA-CAN with a global A-ID, where a gateway plays a central role in the session initiation and system error recovery. Each ECU self-diagnoses the system errors, and (if an error happens) it automatically resynchronizes its A-ID generation by acquiring the recovery information from the gateway. We prototype both a hardware version of an IA-CAN controller and a system for the IA-CAN with a global A-ID using the controller to verify our concept.
As an annual subscription, the Wiley Cyber Security Collection Add-On is available for purchase along with one or both of the following: Wiley Aerospace Collection Wiley Automotive Collection The titles from the Wiley Cyber Security Collection are included in the SAE MOBILUS® eBook Package. Titles: Network Forensics Penetration Testing Essentials Security in Fixed and Wireless Networks, 2nd Edition The Network Security Test Lab: A Step-by-Step Guide Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition Computer Security Handbook, Set, 6th Edition Threat Modeling: Designing for Security Other available Wiley collections: Wiley SAE MOBILUS eBook Package Wiley Aerospace Collection Wiley Automotive Collection Wiley Computer Systems Collection Add-On (purchasable with the Wiley Aerospace Collection and/or the Wiley Automotive Collection)
Modern vehicles have multiple electronic control units (ECU) to control various subsystems such as the engine, brakes, steering, air conditioning, and infotainment. These ECUs are networked together to share information directly with each other. This in-vehicle network provides a data opportunity for improved maintenance, fleet management, warranty and legal issues, reliability, and accident reconstruction. Data Acquisition from Light-Duty Vehicles Using OBD and CAN is a guide for the reader on how to acquire and correctly interpret data from the in-vehicle network of light-duty (LD) vehicles. The reader will learn how to determine what data is available on the vehicle's network, acquire messages and convert them to scaled engineering parameters, apply more than 25 applicable standards, and understand 15 important test modes.