It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future. ...This book provides a thorough view of cybersecurity to encourage those in the commercial vehicle industry to be fully aware and concerned that their fleet and cargo could be at risk to a cyber-attack. ...It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future.
The lack of inherent security controls makes traditional Controller Area Network (CAN) buses vulnerable to Machine-In-The-Middle (MitM) cybersecurity attacks. Conventional vehicular MitM attacks involve tampering with the hardware to directly manipulate CAN bus traffic.
Abstract Trust in the digital data from heavy vehicle event data recorders (HVEDRs) is paramount to using the data in legal contests. Ensuring the trust in the HVEDR data requires an examination of the ways the digital information can be attacked, both purposefully and inadvertently. The goal or objective of an attack on HVEDR data will be to have the data omitted in a case. To this end, we developed an attack tree and establish a model for violating the trust needed for HVEDR data. The attack tree provides context for mitigations and also for functional requirements. A trust model is introduced as well as a discussion on what constitutes forensically sound data. The main contribution of this article is an attack tree-based model of both malicious and accidental events contributing to compromised event data recorder (EDR) data. A comprehensive list of mitigations for HVEDR systems results from this analysis.
A ranked list of value exchanges is created based on the impact of cybersecurity on the stakeholder map. System level-losses are identified from high impact value exchanges, which can then be fed into the step 1 of STPA-Sec analysis.
The recently released SAE J3061 guidebook for cyber-physical vehicle systems provides high-level principles for automotive organizations for identifying and assessing cybersecurity threats and for designing cybersecurity aware systems in close relation to the ISO 26262 standard for the functional safety of road vehicles. ...., infotainment, car-2-car or car-2-infrastructure communication) as well as new advances toward advanced driver assistance systems (ADAS) or even autonomous driving functions make cybersecurity another key factor to be taken into account by vehicle suppliers and manufacturers. ...Although these can capitalize on experiences from many other domains, they still have to face several unique challenges when gearing up for specific cybersecurity challenges. A key challenge is related to the increasing interconnection of automotive systems with networks (such as Car2X).
The flexible data rate capability in CAN (commonly called CAN FD) is implemented as a transport layer in order to allow for functional safety, cybersecurity, extended transport capability, and backward compatibility with SAE J1939DA.
Quotes from COMVEC 2018 Industry leaders spoke extensively about all things autonomous-ADAS, big data, connectivity, cybersecurity, machine learning-at the annual SAE event. Here's some of what they had to say. Fuel-cell Class 8-take 2.0 With a longer-range and more-refined fuel cell-powered heavy-duty truck, Toyota aims to eventually eliminate emissions from trucks serving increasingly congested California ports. ...Editorial Bring innovation, disruption in-house Adding 3D printing to design, manufacturing processes Upstream devoted to truck cybersecurity threats Jacobs employs cylinder deactivation in HD engines to lower CO2, NOx Emissions reductions continue to disrupt CV industry Mercedes doubles down on electric vans and buses, considers fuel cells Off-road bus from Torsus transports to hard-to-reach places Q&A Perkins pursues plug-and-play connectivity
An Holistic Approach to Verifying Cybersecurity in Design A powerful new generation of test and sim solutions aims to address specific security concerns associated with automotive designs.
Defending the heavy-vehicle cyber domain Cybersecurity experts explained at SAE COMVEC 2021 how they're preparing the next generation of thwarters to protect increasingly electrified, connected and automated trucks.
Since the early 1990’s, commercial vehicles have suffered from repeated vulnerability exploitations that resulted in a need for improved automotive cybersecurity. This paper outlines the strategies and challenges of implementing an automotive Zero Trust Architecture (ZTA) to secure intra-vehicle networks. ...This research successfully met the four requirements and demonstrated that using ZT principles in an on-vehicle network greatly improved the cybersecurity posture with manageable impact to system performance and deployment.
Using a wireless medium for tractor-trailer communication will bring new cybersecurity challenges and requirements which requires new development and lifecycle considerations.
The article also focus on innovative approaches that have recently adopted my many cybersecurity professionals for secured operation of ITS involving block-chain, artificial intelligence, and Machine Learning.
Connected commercial vehicles bring cybersecurity to the fore Connectivity, automation and electrification will largely drive vehicle developments in the coming years, according to experts presenting at the revamped SAE COMVEC 17.
Also, all the existing methods for vehicular communication rely on a centralized server which itself invite massive cyber-security threats. These threats and challenges can be addressed by using the Blockchain (BC) technology, where each transaction is logged in a decentralized immutable BC ledger.
SAE EDGE Research Reports provide examinations significant topics facing mobility industry today including Connected Automated Vehicle Technologies Electrification Advanced Manufacturing