Refine Your Search

Topic

Search Results

Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Training / Education

Keys to Creating a Cybersecurity Process from the J3061 Process Framework

This allows an organization to develop an internal cybersecurity process consistent with its other processes in order to build cybersecurity robustness into their cyber-physical systems. ...This web seminar will define key concepts in cybersecurity and discuss what a cybersecurity process consists of and why one is needed for the development of cyber-physical vehicle systems.
Training / Education

Keys to Creating a Cybersecurity Process from the J3061 Process Framework

This allows an organization to develop an internal cybersecurity process consistent with its other processes in order to build cybersecurity robustness into their cyber- physical systems. ...Connected vehicles are increasingly seen as a potential target for cybersecurity attacks. A key differentiator for the automotive industry is the use of cyber-physical systems, where a successful cybersecurity attack could affect physical entities.
Journal Article

Cybersecurity Considerations for Heavy Vehicle Event Data Recorders

2018-12-14
Abstract Trust in the digital data from heavy vehicle event data recorders (HVEDRs) is paramount to using the data in legal contests. Ensuring the trust in the HVEDR data requires an examination of the ways the digital information can be attacked, both purposefully and inadvertently. The goal or objective of an attack on HVEDR data will be to have the data omitted in a case. To this end, we developed an attack tree and establish a model for violating the trust needed for HVEDR data. The attack tree provides context for mitigations and also for functional requirements. A trust model is introduced as well as a discussion on what constitutes forensically sound data. The main contribution of this article is an attack tree-based model of both malicious and accidental events contributing to compromised event data recorder (EDR) data. A comprehensive list of mitigations for HVEDR systems results from this analysis.
Training / Education

DO -326A and ED-202A An Introduction to the New and Mandatory Aviation Cyber-Security Essentials

2019-11-12
The international standards D-326A (U.S.) and ED-202A (Europe) titled "Airworthiness Security Process Specification" are the cornerstones of the "DO-326/ED-202 Set" and they are the only Acceptable Means of Compliance (AMC) by FAA & EASA for aviation cyber-security airworthiness certification, as of 2019. The "DO-326/ED-202 Set" also includes companion documents DO-356A/ED-203A: "Airworthiness Security Methods and Considerations" & DO-355/ED-204: "Information Security Guidance for Continuing Airworthiness" (U.S. & Europe) and ED-201: "Aeronautical Information System Security (AISS) Framework Guidance" & ED-205: "Process Standard for Security Certification / Declaration of Air Traffic Management / Air Navigation Services (ATM/ANS) Ground Systems“ (Europe only).  
Technical Paper

Information Security Risk Management of Vehicles

2018-04-03
2018-01-0015
The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. ...According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle. ...The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed.
Magazine

Automotive Engineering: August 2017

2017-08-03
Is automotive ready for the inevitable? Cybersecurity experts talk defense strategies. Active Aero takes flight Reconfigurable "smart" aerodynamic aids are stretching performance-car envelopes in every direction.
Magazine

Automotive Engineering: February 2017

2017-02-02
SAE Standards News VS committees fully engaged on cybersecurity. Honda's new 10-speed is a slick shifter SAE Level 3 'hand off' challenging AI researchers Lightweight door module aims to trim vehicle weight Exclusive first drive: Torotrak's V-Charge technology New 10-speed auto delights in 2017 Ford F-150 Power and more underscore 2018 Toyota Camry I.D.
Training / Education

ISO 26262 Functional Safety – Road Vehicles Focus on Second Edition Changes

2019-11-05
In addition to presenting an overview of the standard, this course highlights the major changes introduced in the second edition, which extends the standard's scope to include all vehicles (excluding special vehicles), the objective-oriented confirmation measures approach, and references to Cybersecurity at the Concept and System Level development.
Technical Paper

Investigation of Vehicular Networks and its Main Security Issues

2014-04-01
2014-01-0336
Vehicular Network is an emerging and developing technology to improve traffic management and safety issues, and enable a wide range of value-added services such as collision warning/avoidance. Many applications have been designed to provide safety and comfort for passengers. This technology is a prolific area for attackers who will attempt to challenge the network with their malicious or rational attacks. In this paper we elaborate what a vehicular network is, different kinds of communication in this field, main mechanism and related parts and how vehicular networks work then we introduce some of its applications. After primary familiarity with this system we investigate to different type of attacker, more important security issues, How to secure vehicular networks (security requirements and some tools and methods to achieve secure vehicular networks), difficulties and providing viable security solutions, and at the end briefly explanation of related standards.
Technical Paper

Securing the Secret Key

2019-01-16
2019-01-0097
Recent advances in automotive technologies have paved way to a new era of connectivity. Advanced Driver Assistance Systems are getting deployed in automobiles; many companies are developing driverless cars; connected cars are no more a work of mere research. [1] Vehicle manufacturers are developing ways to interface mobile devices with vehicles. However, all these advances in technology has introduced security risks. Unlike traditional computing systems, the security risk of an automobile can be fatal and can result in loss of lives [2]. The in-vehicle network of an automobile was originally designed to operate in a closed environment and hence network security was not considered during its design [3]. Several studies have already shown that an in-vehicle network can be easily compromised and an intruder can take full control of the vehicle. Researchers are working on various ways to solve this problem. Securing the in-vehicle communication by encrypting the messages is one such way.
Technical Paper

Integrating STPA into ISO 26262 Process for Requirement Development

2017-03-28
2017-01-0058
Developing requirements for automotive electric/electronic systems is challenging, as those systems become increasingly software-intensive. Designs must account for unintended interactions among software features, combined with unforeseen environmental factors. In addition, engineers have to iteratively make architectural tradeoffs and assign responsibilities to each component in the system to accommodate new safety requirements as they are revealed. ISO 26262 is an industry standard for the functional safety of automotive electric/electronic systems. It specifies various processes and procedures for ensuring functional safety, but does not limit the methods that can be used for hazard and safety analysis. System Theoretic Process Analysis (STPA) is a new technique for hazard analysis, in the sense that hazards are caused by unsafe interactions between components (including humans) as well as component failures and faults.
Technical Paper

Foreseeable Misuse in Automated Driving Vehicles - The Human Factor in Fatal Accidents of Complex Automation

2017-03-28
2017-01-0059
Today, highly automated driving is paving the road for full autonomy. Highly automated vehicles can monitor the environment and make decisions more accurately and faster than humans to create safer driving conditions while ultimately achieving full automation to relieve the driver completely from participating in driving. As much as this transition from advanced driving assistance systems to fully automated driving will create frontiers for re-designing the in-vehicle experience for customers, it will continue to pose significant challenges for the industry as it did in the past and does so today. As we transfer more responsibility, functionality and control from human to machine, technologies become more complex, less transparent and making constant safe-guarding a challenge. With automation, potential misuse and insufficient system safety design are important factors that can cause fatal accidents, such as in TESLA autopilot incident.
Technical Paper

Megatrends - Connectivity and Automation Expanding the Boundaries of Personal Mobility: Technology Leadership Brief

2012-10-08
2012-01-9026
Personal mobility is being transformed by the advent of vehicle connectivity and automation. While significant individually, their interrelationships promise to bring unprecedented levels of traffic efficiency. Car-makers are talking about a crash-less society and transportation engineers are talking about the end of congestion - a tall order indeed: can this really be? In this decade we can expect to see the effects of sensor-based active safety systems bringing the crash rate down, as these technologies continue to expand across a wider range of vehicle models. Connectivity for infotainment purposes is already a major market driver, and control assist for convenience purposes is laying the groundwork for semi-automated and automated driving. Direct vehicle-vehicle connectivity opens up new capabilities. What is the government role in these developments - an essential player or a bystander? How can they enable or inhibit market activity in these domains?
Magazine

SAE Off-Highway Engineering: December 2, 2016

2016-12-02
Autonomous plows ahead Agriculture, construction, mining-even marine-are advancing autonomous technology to improve the productivity and safety of vehicles on the job. Expediting engine design Simulation tools drive development of the most complex, fuel- efficient and powerful engines ever seen in off-highway applications. Industry 4.0: The smart factory arrives The plants that produce vehicles and their high-tech systems are increasingly employing intelligent systems, Big Data and advanced analytics to improve quality, safety and efficiency. The future is not so far-off Enhanced Cat 3500 engine boosts power 20%, trims fuel usage by 10% Phase 2 GHG rules driver for advanced technology, alternative fuels Eaton demonstrates waste heat recovery, variable valve actuation for HD diesels Hyliion develops add-on hybrid system for semi-trailers that reduces fuel consumption by 30% Tech-heavy Iveco Z Truck concept spawns 29 patents EPA's Grundler talks Phase 2 regs
Magazine

Automotive Engineering: November 3, 2016

2016-11-03
SAE Convergence 2016 Talk of the healthy aspects of disruption mingles with SAE's renowned technical emphasis to foster the auto industry's continuing evolution toward electrification and autonomy. The Battery Man Speaks The speed of progress in automotive lithium batteries has impressed AABC's Dr. Menahem Anderman. So has silicon-graphite anode technology development from Tesla and Panasonic. Industry 4.0: The smart factory arrives The plants that produce automotive systems and vehicles are increasingly employing intelligent systems, Big Data and advanced analytics to improve quality, safety and efficiency. Editorial: Promise of 48 volts is no shock Nissan unveils variable-compression-ratio ICE for 2018 Infiniti production model Optimizing engine oil warm-up strategies for 'real-world' driving In search of higher-energy-content batteries Making Multiphysics fast and convenient I.D.
Journal Article

Threat Analysis and Risk Assessment in Automotive Cyber Security

2013-04-08
2013-01-1415
The process of hazard analysis and risk assessment (H&R or HARA) is well-established in standards and methods for functional safety, such as the automotive functional safety standard ISO 26262. Considering the parallel discipline of cyber security, it is necessary to establish an analogous process of threat analysis and risk assessment (T&R) in order to identify potential security attacks and the risk associated with these attacks if they were successful. While functional safety H&R processes could be used for threat analysis, these methods need extension and adaptation to the cyber security domain. This paper describes how such a method has been developed based on the approach described in ISO 26262 and the related MISRA Safety Analysis Guidelines. In particular key differences are described in the understanding of the severity of a security attack, and the factors that contribute to the probability of a successful attack.
Technical Paper

Case Study for Defining Security Goals and Requirements for Automotive Security Parts Using Threat Modeling

2018-04-03
2018-01-0014
Several external networks like telematics, and SOTA and many in-vehicle networks by gateways and domain controllers have been increasingly introduced. However, these trends may potentially make many critical data opened, attacked and modified by hackers. These days, vehicle security has been significantly required as these vehicle security threats are related to the human life like drivers and pedestrians. Threat modeling is process of secure software development lifecycle which is developed by Microsoft. It is a systematic approach for analyzing the potential threat in software and identifying the security risk associated with software. Through threat modeling, security risk is be mitigated and eliminated. In vehicle software System, one of vulnerability can affect critical problem about safety. An approach from experience and hacking cases is not enough for analyzing the potential threat and preparing new hacking attack.
X