Search Results

Defending the heavy-vehicle cyber domain

The 2022 COMVEC™ technical program focused on the commercial vehicle industry's crucial topics such as electrification, connectivity, off-highway, cybersecurity, autonomous and more!

The 2022 COMVEC™ technical program focused on the commercial vehicle industry's crucial topics such as electrification, connectivity, off-highway, cybersecurity, autonomous and more!

The 2022 COMVEC™ technical program focused on the commercial vehicle industry's crucial topics such as electrification, connectivity, off-highway, cybersecurity, autonomous and more!

It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future. ...This book provides a thorough view of cybersecurity to encourage those in the commercial vehicle industry to be fully aware and concerned that their fleet and cargo could be at risk to a cyber-attack. ...It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future.

With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming International Organization for Standardization and the Society for Automotive Engineers (ISO/SAE) 21434 cybersecurity standard for automotive systems and cybersecurity regulations in The United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations (UNECE WP.29), it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles. ...Cybersecurity for automotive systems is challenging, and one of the major challenges is how to measure this specific system property. ...With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming International Organization for Standardization and the Society for Automotive Engineers (ISO/SAE) 21434 cybersecurity standard for automotive systems and cybersecurity regulations in The United Nations Economic Commission for Europe World Forum for Harmonization of Vehicle Regulations (UNECE WP.29), it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles.

Anatomy and examples of cyberattacks on industrial control systems (ICS) and critical infrastructures (CI): In this course you will understand the importance of cybersecurity for Critical Infrastructure and you will know typical attack vectors, vulnerabilities and defense strategies. ...Decentralized Energy Systems Security: In this course you will know relevant technical countermeasures for cybersecurity. You will understand threats and solutions concerning data communication and network security in the energy systems.

The development of highly automated driving functions (AD) recently rises the demand for so called Fail-Operational systems for native driving functions like steering and braking of vehicles. Fail-Operational systems shall guarantee the availability of driving functions even in presence of failures. This can also mean a degradation of system performance or limiting a system’s remaining operating period. In either case, the goal is independency from a human driver as a permanently situation-aware safety fallback solution to provide a certain level of autonomy. In parallel, the connectivity of modern vehicles is increasing rapidly and especially in vehicles with highly automated functions, there is a high demand for connected functions, Infotainment (web conference, Internet, Shopping) and Entertainment (Streaming, Gaming) to entertain the passengers, who should no longer occupied with driving tasks.

A significant milestone in advancing cybersecurity within the automotive industry is the release of the first international standard for automotive cybersecurity ISO/SAE 21434:2021 ‘Road Vehicles — Cybersecurity Engineering’. A recently published type approval regulation for automotive cybersecurity (UN R155) is also tailored for member countries of the UNECE WP.29 alliance. ...Thus, the challenges for embedded automotive systems engineers are increasing while frameworks, tools and shared concepts for cybersecurity engineering and training are scarce. Hence, cybersecurity training in the automotive domain necessitates an understanding of domain-specific intricacies and the unique challenges at the intersection of cybersecurity and embedded systems engineering, elevating the need for improving the skill set and knowledge of automotive cybersecurity engineers. ...Hence, cybersecurity training in the automotive domain necessitates an understanding of domain-specific intricacies and the unique challenges at the intersection of cybersecurity and embedded systems engineering, elevating the need for improving the skill set and knowledge of automotive cybersecurity engineers. This paper delves into an automotive cybersecurity training concept aimed at enhancing the proficiency of development engineers.

The lack of inherent security controls makes traditional Controller Area Network (CAN) buses vulnerable to Machine-In-The-Middle (MitM) cybersecurity attacks. Conventional vehicular MitM attacks involve tampering with the hardware to directly manipulate CAN bus traffic.

Abstract Connected autonomous vehicles that employ internet connectivity are technologically complex, which makes them vulnerable to cyberattacks. Many cybersecurity researchers, white hat hackers, and black hat hackers have discovered numerous exploitable vulnerabilities in connected vehicles. ...This study expanded the technology acceptance model (TAM) to include cybersecurity and level of trust as determinants of technology acceptance. This study surveyed a diverse sample of 209 licensed US drivers over 18 years old.

Consequently, rise of this technological trend is bringing forth safety and cybersecurity challenges in form of new threats, hazards and vulnerabilities. As per the recent UN vehicle regulation 155, several risk-based security models and assessment frameworks have been proposed to counter the growing cybersecurity issues, however, the high budgetary cost to develop the tool and train personnel along with high risk of leakage of trade secrets, hinders the automotive manufacturers from adapting these third party solutions. ...As per the recent UN vehicle regulation 155, several risk-based security models and assessment frameworks have been proposed to counter the growing cybersecurity issues, however, the high budgetary cost to develop the tool and train personnel along with high risk of leakage of trade secrets, hinders the automotive manufacturers from adapting these third party solutions.

What standardization is needed to ensure that quantum technologies do not pose an unacceptable risk from an automotive cybersecurity perspective? Click here to access the full SAE EDGETM Research Report portfolio.

This exercise confirms the necessity of a more restrictive cybersecurity posture in automotive peripherals with access to critical systems, in particular VDAs, and especially when such peripherals present a wireless interface.

Abstract Trust in the digital data from heavy vehicle event data recorders (HVEDRs) is paramount to using the data in legal contests. Ensuring the trust in the HVEDR data requires an examination of the ways the digital information can be attacked, both purposefully and inadvertently. The goal or objective of an attack on HVEDR data will be to have the data omitted in a case. To this end, we developed an attack tree and establish a model for violating the trust needed for HVEDR data. The attack tree provides context for mitigations and also for functional requirements. A trust model is introduced as well as a discussion on what constitutes forensically sound data. The main contribution of this article is an attack tree-based model of both malicious and accidental events contributing to compromised event data recorder (EDR) data. A comprehensive list of mitigations for HVEDR systems results from this analysis.

With the increasing connectivity and complexity of modern automobiles, cybersecurity has become one of the most important properties of a vehicle. Various strategies have been proposed to enhance automotive cybersecurity. ...Various strategies have been proposed to enhance automotive cybersecurity. Digital twin (DT), regarded as one of the top 10 strategic technology trends by Gartner in 2018 and 2019, establishes digital representations in a virtual world and raises new ideas to benefit real-life objects. ...In this paper, we explored the possibility of using digital twin technology to improve automotive cybersecurity. We designed two kinds of digital twin models, named mirror DT and autonomous DT, and corresponding environments to support cybersecurity design, development, and maintenance in an auto’s lifecycle, as well as technique training.

Vehicle cybersecurity consists of internal security and external security. Dedicated security hardware will play an important role in car’s internal and external security communication. ...For certain AURIX MCU consisting of HSM, the experiment result shows that cheaper 32-bit HSM’s AES calculating speed is 25 times of 32-bit main controller, so HSM is an effective choice to realize cybersecurity. After comparing two existing methods that realize secure CAN communication, A Modified SECURE CAN scheme is proposed, and differences of the three schemes are analyzed.

A ranked list of value exchanges is created based on the impact of cybersecurity on the stakeholder map. System level-losses are identified from high impact value exchanges, which can then be fed into the step 1 of STPA-Sec analysis.

Argus, a global leader in automotive cybersecurity, has upgraded its stand-alone Fleet Protection backend platform and is now providing continuous live monitoring of both automotive and commercial aircraft fleets.

Therefore, engineers should ensure that systems are designed free of unreasonable risks to motor vehicle safety, including those that may result due to existence of potential cybersecurity vulnerabilities. The automotive industry is making vehicle cybersecurity an organizational priority.