Abstract Trust in the digital data from heavy vehicle event data recorders (HVEDRs) is paramount to using the data in legal contests. Ensuring the trust in the HVEDR data requires an examination of the ways the digital information can be attacked, both purposefully and inadvertently. The goal or objective of an attack on HVEDR data will be to have the data omitted in a case. To this end, we developed an attack tree and establish a model for violating the trust needed for HVEDR data. The attack tree provides context for mitigations and also for functional requirements. A trust model is introduced as well as a discussion on what constitutes forensically sound data. The main contribution of this article is an attack tree-based model of both malicious and accidental events contributing to compromised event data recorder (EDR) data. A comprehensive list of mitigations for HVEDR systems results from this analysis.
Quotes from COMVEC 2018 Industry leaders spoke extensively about all things autonomous-ADAS, big data, connectivity, cybersecurity, machine learning-at the annual SAE event. Here's some of what they had to say. Fuel-cell Class 8-take 2.0 With a longer-range and more-refined fuel cell-powered heavy-duty truck, Toyota aims to eventually eliminate emissions from trucks serving increasingly congested California ports. ...Editorial Bring innovation, disruption in-house Adding 3D printing to design, manufacturing processes Upstream devoted to truck cybersecurity threats Jacobs employs cylinder deactivation in HD engines to lower CO2, NOx Emissions reductions continue to disrupt CV industry Mercedes doubles down on electric vans and buses, considers fuel cells Off-road bus from Torsus transports to hard-to-reach places Q&A Perkins pursues plug-and-play connectivity
Is automotive ready for the inevitable? Cybersecurity experts talk defense strategies. Active Aero takes flight Reconfigurable "smart" aerodynamic aids are stretching performance-car envelopes in every direction.
Connected commercial vehicles bring cybersecurity to the fore Connectivity, automation and electrification will largely drive vehicle developments in the coming years, according to experts presenting at the revamped SAE COMVEC 17.
This document will provide recommendations to vehicle manufacturers and component suppliers in securing the SAE J1939-13 connector interface from the cybersecurity risks posed by the existence of this connector.
Since 2001, all sensitive information of U.S. Federal Agencies has been protected by strong encryption mandated by the Federal Information Processing Standards (FIPS) 140-2 Security Requirements. The requirements specify a formal certification process. The process ensures that validated encryption modules have implemented the standard, and have passed a rigorous testing and review processes. Today, this same strong security protection has become possible for vehicle networks using modern, cost-effective encryption in hardware. This paper introduces the motivation and context for the encryption diagnostics security in terms of all vehicles in general, not just trucks which use SAE J1939 communications. Several practical scenarios for using such encryption hardware and the advantages of using hardware compared to software private-key encryption and public-key encryption are described.
Editorial V2Reality Blockchain Unchained! The weird world of cryptocurrency exists because of the intense mathematics of blockchain technology. The mobility sector is looking beyond Bitcoin to put blockchain to work in potentially game-changing ways. Are Blockchain and 'Smart Contracts' the Secure Future? Legal risk and reward of blockchain and smart contracts as a prescription for automotive applications Software Building Blocks for AV Systems Elektrobit's unique software framework is designed to smooth development of automated driving functions. Cyber Security Goes Upstream The first cloud-based solution for connected vehicles was born in Israel and is now pilot testing at global OEMs. Electronic Architectures Get Smart Upgradable, scalable and powerful new architectures will help enable data-hungry connected, autonomous vehicles. Aptiv's VP of Mobility Architecture explains.
In the near future, vehicles will operate autonomously and communicate with their environment. This communication includes Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I) communication, and comunication with cloud-based servers (V2C). To improve the resilience of remote diagnostic communication between a vehicle and external test equipment against cyberattacks, it is imperative to understand and analyze the functionality and vulnerability of each communication system component, including the wired and wireless communication channels. This paper serves as a continuation of the SAE Journal publication on measures to prevent unauthorized access to the in-vehicle E/E system , explains the components of a cyber-physical system (CPS) for remote diagnostic communication, analyzes their vulnerability against cyberattacks and explains measures to improve the resiliance.