Refine Your Search

Topic

Search Results

Journal Article

Cybersecurity Considerations for Heavy Vehicle Event Data Recorders

2018-12-14
Abstract Trust in the digital data from heavy vehicle event data recorders (HVEDRs) is paramount to using the data in legal contests. Ensuring the trust in the HVEDR data requires an examination of the ways the digital information can be attacked, both purposefully and inadvertently. The goal or objective of an attack on HVEDR data will be to have the data omitted in a case. To this end, we developed an attack tree and establish a model for violating the trust needed for HVEDR data. The attack tree provides context for mitigations and also for functional requirements. A trust model is introduced as well as a discussion on what constitutes forensically sound data. The main contribution of this article is an attack tree-based model of both malicious and accidental events contributing to compromised event data recorder (EDR) data. A comprehensive list of mitigations for HVEDR systems results from this analysis.
Magazine

SAE Truck & Off-Highway Engineering: October 2018

2018-10-01
Quotes from COMVEC 2018 Industry leaders spoke extensively about all things autonomous-ADAS, big data, connectivity, cybersecurity, machine learning-at the annual SAE event. Here's some of what they had to say. Fuel-cell Class 8-take 2.0 With a longer-range and more-refined fuel cell-powered heavy-duty truck, Toyota aims to eventually eliminate emissions from trucks serving increasingly congested California ports. ...Editorial Bring innovation, disruption in-house Adding 3D printing to design, manufacturing processes Upstream devoted to truck cybersecurity threats Jacobs employs cylinder deactivation in HD engines to lower CO2, NOx Emissions reductions continue to disrupt CV industry Mercedes doubles down on electric vans and buses, considers fuel cells Off-road bus from Torsus transports to hard-to-reach places Q&A Perkins pursues plug-and-play connectivity
Magazine

SAE Truck & Off-Highway Engineering: August 2017

2017-08-03
Connected commercial vehicles bring cybersecurity to the fore Connectivity, automation and electrification will largely drive vehicle developments in the coming years, according to experts presenting at the revamped SAE COMVEC 17.
Standard

CAN FD Data Link Layer

2021-03-22
HISTORICAL
J1939-22_202103
The flexible data rate capability in CAN (commonly called CAN FD) is implemented as a transport layer in order to allow for functional safety, cybersecurity, extended transport capability, and backward compatibility with SAE J1939DA.
Standard

SAE J1939 Network Security

2017-03-06
WIP
J1939-91
This document will provide recommendations to vehicle manufacturers and component suppliers in securing the SAE J1939-13 connector interface from the cybersecurity risks posed by the existence of this connector.
Standard

Security Recommendations for Interfaces to On-vehicle Networks

2021-08-06
WIP
J1939-91A
This document will provide recommendations to vehicle manufacturers and component suppliers in securing the SAE J1939 network from the cybersecurity risks. It is recognized that not every application of SAE J1939 networks requires the same level of cyber security measures.
Journal Article

Towards a Cyber Assurance Testbed for Heavy Vehicle Electronic Controls

2016-09-27
2016-01-8142
Cyber assurance of heavy trucks is a major concern with new designs as well as with supporting legacy systems. Many cyber security experts and analysts are used to working with traditional information technology (IT) networks and are familiar with a set of technologies that may not be directly useful in the commercial vehicle sector. To help connect security researchers to heavy trucks, a remotely accessible testbed has been prototyped for experimentation with security methodologies and techniques to evaluate and improve on existing technologies, as well as developing domain-specific technologies. The testbed relies on embedded Linux-based node controllers that can simulate the sensor inputs to various heavy vehicle electronic control units (ECUs). The node controller also monitors and affects the flow of network information between the ECUs and the vehicle communications backbone.
Technical Paper

Securing J1939 Communications Using Strong Encryption with FIPS 140-2

2017-03-28
2017-01-0020
Since 2001, all sensitive information of U.S. Federal Agencies has been protected by strong encryption mandated by the Federal Information Processing Standards (FIPS) 140-2 Security Requirements. The requirements specify a formal certification process. The process ensures that validated encryption modules have implemented the standard, and have passed a rigorous testing and review processes. Today, this same strong security protection has become possible for vehicle networks using modern, cost-effective encryption in hardware. This paper introduces the motivation and context for the encryption diagnostics security in terms of all vehicles in general, not just trucks which use SAE J1939 communications. Several practical scenarios for using such encryption hardware and the advantages of using hardware compared to software private-key encryption and public-key encryption are described.
X