Refine Your Search

Topic

Search Results

Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Training / Education

Cybersecurity An Introduction for the Automotive Sector

2020-04-20
The automotive industry is the new "battleground" for cybersecurity. Following the path of desktops/laptops, tablets, and mobile phones, the automotive industry is now the "hot" area for both academic researchers and hackers. ...What does cybersecurity mean? Who is attacking and why? What must we change? What can stay the same? What is the larger organization's role in cyber?
Book

Cybersecurity for Commercial Vehicles

2018-08-28
It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future. ...This book provides a thorough view of cybersecurity to encourage those in the commercial vehicle industry to be fully aware and concerned that their fleet and cargo could be at risk to a cyber-attack. ...It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future.
Article

SAE course delivers an introduction to the latest aviation cybersecurity essentials

2019-06-11
SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance. ...SAE International’s two-day course, DO-326A and ED-202A: An Introduction to the New and Mandatory Aviation Cyber-Security Essentials, introduces attendees to industry best practices for real-world aviation cybersecurity risk assessment, development, assurance.
Technical Paper

Integrated Safety and Security Development in the Automotive Domain

2017-03-28
2017-01-1661
The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations for identifying and assessing cybersecurity threats and for designing cybersecurity aware systems in close relation to the ISO 26262 standard for the functional safety of road vehicles. ...., infotainment, car-2-car or car-2-infrastructure communication) as well as new advances toward advanced driver assistance systems (ADAS) or even autonomous driving functions make cybersecurity another key factor to be taken into account by vehicle suppliers and manufacturers. ...Although these can capitalize on experiences from many other domains, they still have to face several unique challenges when gearing up for specific cybersecurity challenges. A key challenge is related to the increasing interconnection of automotive systems with networks (such as Car2X).
Book

Supply Chain Vulnerabilities Impacting Commercial Aviation

2019-09-04
Written by Kirsten Koepsel, a lawyer and engineer whose work has focused on aviation cybersecurity, Supply Chain Vulnerabilities Impacting Commercial Aviation addresses the big question facing aircraft manufacturers today: keep the work in house or outsource it? ...Supply Chain Vulnerabilities Impacting Commercial Aviation discusses the differences in requirements depending on the buyer of the aircraft (governmental or not), ranging from delivery delays to risks linked to cybersecurity and the Internet of Things (IoT), including possible problems with faulty sensors and counterfeit parts.
Magazine

Aerospace & Defense Technology: October 2015

2015-10-01
Countering cybersecurity threats against unmanned vehicle systems Cranfield University researchers have developed a monitoring system whose purpose is to monitor mission profile implementation at both high level mission execution and at lower level software code operation to tackle specific threats of malicious code and possible spurious commands received over a vehicle's data links.
Technical Paper

Lessons Learned in Inter-Organization Virtual Integration

2018-10-30
2018-01-1944
The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).
Book

The Aerospace Supply Chain and Cyber Security - Challenges Ahead

2018-07-20
The Aerospace Supply Chain and Cyber Security - Challenges Ahead looks at the current state of commercial aviation and cyber security, how information technology and its attractiveness to cyber attacks is affecting it, and the way supply chains have become a vital part of the industry's cyber-security strategy. More than ever before, commercial aviation relies on information and communications technology.
Training / Education

Design Considerations for Secure Embedded Systems

2020-08-05
Embedded hardware is everywhere you look today from your vehicle’s infotainment system to refrigerator to medical devices and everything else in-between. With so much exposure one would think that such devices are secure against attack; however, sadly for many devices this is not the case. For proof, just look no further than your local news reports. They are full of reports on devices being hacked. So, as engineers, how do we go about first identifying and mitigating (or capitalizing) the potential security vulnerabilities within these devices?
Training / Education

Introduction to Cyber Security for Commercial Aviation

2020-05-06
Despite the advantages of electronic flight bags (EFB), passenger entertainment and email access during flights, and the ability to access aircraft repair manuals electronically, computer interconnectivity throughout aviation has opened the aviation sector to cyber-attacks that could impact flights, data, and safety. This two-day seminar is intended to introduce aviation professionals to the need to implement cyber security throughout commercial aviation including the supply chain.
Technical Paper

Securing J1939 Communications Using Strong Encryption with FIPS 140-2

2017-03-28
2017-01-0020
Since 2001, all sensitive information of U.S. Federal Agencies has been protected by strong encryption mandated by the Federal Information Processing Standards (FIPS) 140-2 Security Requirements. The requirements specify a formal certification process. The process ensures that validated encryption modules have implemented the standard, and have passed a rigorous testing and review processes. Today, this same strong security protection has become possible for vehicle networks using modern, cost-effective encryption in hardware. This paper introduces the motivation and context for the encryption diagnostics security in terms of all vehicles in general, not just trucks which use SAE J1939 communications. Several practical scenarios for using such encryption hardware and the advantages of using hardware compared to software private-key encryption and public-key encryption are described.
Technical Paper

Investigation of Vehicular Networks and its Main Security Issues

2014-04-01
2014-01-0336
Vehicular Network is an emerging and developing technology to improve traffic management and safety issues, and enable a wide range of value-added services such as collision warning/avoidance. Many applications have been designed to provide safety and comfort for passengers. This technology is a prolific area for attackers who will attempt to challenge the network with their malicious or rational attacks. In this paper we elaborate what a vehicular network is, different kinds of communication in this field, main mechanism and related parts and how vehicular networks work then we introduce some of its applications. After primary familiarity with this system we investigate to different type of attacker, more important security issues, How to secure vehicular networks (security requirements and some tools and methods to achieve secure vehicular networks), difficulties and providing viable security solutions, and at the end briefly explanation of related standards.
Technical Paper

Securing the Secret Key

2019-01-16
2019-01-0097
Recent advances in automotive technologies have paved way to a new era of connectivity. Advanced Driver Assistance Systems are getting deployed in automobiles; many companies are developing driverless cars; connected cars are no more a work of mere research. [1] Vehicle manufacturers are developing ways to interface mobile devices with vehicles. However, all these advances in technology has introduced security risks. Unlike traditional computing systems, the security risk of an automobile can be fatal and can result in loss of lives [2]. The in-vehicle network of an automobile was originally designed to operate in a closed environment and hence network security was not considered during its design [3]. Several studies have already shown that an in-vehicle network can be easily compromised and an intruder can take full control of the vehicle. Researchers are working on various ways to solve this problem. Securing the in-vehicle communication by encrypting the messages is one such way.
X