Refine Your Search

Topic

Author

Search Results

Technical Paper

A Blockchain-Backed Database for Qualified Parts

2019-03-19
2019-01-1343
Certain standard parts in the aerospace industry require qualification as a prerequisite to manufacturing, signifying that the manufacturer’s capacity to produce parts consistent with the performance specifications has been audited by a neutral third-party auditor, key customer, and/or group of customers. In at least some cases, a certifying authority provides manufacturers with certificates of qualification which they can then present to prospective customers, and/or lists qualified suppliers in a Qualified Parts List or Qualified Supplier List available from that qualification authority. If this list is in an infrequently updated and/or inconsistently styled format as might be found in a print or PDF document, potential customers wishing to integrate qualification information into their supplier tracking systems must use a potentially error-prone manual process that could lead to later reliance on out-of-date or even forged data.
Technical Paper

A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm

2021-07-14
2021-01-5077
With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).
Technical Paper

A Safety and Security Testbed for Assured Autonomy in Vehicles

2020-04-14
2020-01-1291
Connectivity and autonomy in vehicles promise improved efficiency, safety and comfort. The increasing use of embedded systems and the cyber element bring with them many challenges regarding cyberattacks which can seriously compromise driver and passenger safety. Beyond penetration testing, assessment of the security vulnerabilities of a component must be done through the design phase of its life cycle. This paper describes the development of a benchtop testbed which allows for the assurance of safety and security of components with all capabilities from Model-in-loop to Software-in-loop to Hardware-in-loop testing. Environment simulation is obtained using the AV simulator, CARLA which provides realistic scenarios and sensor information such as Radar, Lidar etc. MATLAB runs the vehicle, powertrain and control models of the vehicle allowing for the implementation and testing of customized models and algorithms.
Technical Paper

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

2020-04-14
2020-01-0145
This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. ...Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. ...As the domain geared up for the cybersecurity challenges, they leveraged experiences from many other domains, but must face several unique challenges.
Technical Paper

Analyze This! Sound Static Analysis for Integration Verification of Large-Scale Automotive Software

2019-04-02
2019-01-1246
Safety-critical embedded software has to satisfy stringent quality requirements. One such requirement, imposed by all contemporary safety standards, is that no critical run-time errors must occur. Runtime errors can be caused by undefined or unspecified behavior of the programming language; examples are buffer overflows or data races. They may cause erroneous or erratic behavior, induce system failures, and constitute security vulnerabilities. A sound static analyzer reports all such defects in the code, or proves their absence. Sound static program analysis is a verification technique recommended by ISO/FDIS 26262 for software unit verification and for the verification of software integration. In this article we propose an analysis methodology that has been implemented with the static analyzer Astrée. It supports quick turn-around times and gives highly precise whole-program results.
Technical Paper

CAN Crypto FPGA Chip to Secure Data Transmitted Through CAN FD Bus Using AES-128 and SHA-1 Algorithms with A Symmetric Key

2017-03-28
2017-01-1612
Robert Bosch GmBH proposed in 2012 a new version of communication protocol named as Controller area network with Flexible Data-Rate (CANFD), that supports data frames up to 64 bytes compared to 8 bytes of CAN. With limited data frame size of CAN message, and it is impossible to be encrypted and secured. With this new feature of CAN FD, we propose a hardware design - CAN crypto FPGA chip to secure data transmitted through CAN FD bus by using AES-128 and SHA-1 algorithms with a symmetric key. AES-128 algorithm will provide confidentiality of CAN message and SHA-1 algorithm with a symmetric key (HMAC) will provide integrity and authentication of CAN message. The design has been modeled and verified by using Verilog HDL – a hardware description language, and implemented successfully into Xilinx FPGA chip by using simulation tool ISE (Xilinx).
Technical Paper

Case Study for Defining Security Goals and Requirements for Automotive Security Parts Using Threat Modeling

2018-04-03
2018-01-0014
Several external networks like telematics, and SOTA and many in-vehicle networks by gateways and domain controllers have been increasingly introduced. However, these trends may potentially make many critical data opened, attacked and modified by hackers. These days, vehicle security has been significantly required as these vehicle security threats are related to the human life like drivers and pedestrians. Threat modeling is process of secure software development lifecycle which is developed by Microsoft. It is a systematic approach for analyzing the potential threat in software and identifying the security risk associated with software. Through threat modeling, security risk is be mitigated and eliminated. In vehicle software System, one of vulnerability can affect critical problem about safety. An approach from experience and hacking cases is not enough for analyzing the potential threat and preparing new hacking attack.
Technical Paper

Cyber-security for Engine ECUs: Past, Present and Future

2015-09-01
2015-01-1998
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
Technical Paper

Dyno-in-the-Loop: An Innovative Hardware-in-the-Loop Development and Testing Platform for Emerging Mobility Technologies

2020-04-14
2020-01-1057
Today’s transportation is quickly transforming with the nascent advent of connectivity, automation, shared-mobility, and electrification. These technologies will not only affect our safety and mobility, but also our energy consumption, and environment. As a result, it is of unprecedented importance to understand the overall system impacts due to the introduction of these emerging technologies and concepts. Existing modeling tools are not able to effectively capture the implications of these technologies, not to mention accurately and reliably evaluating their effectiveness with a reasonable scope. To address these gaps, a dynamometer-in-the-loop (DiL) development and testing approach is proposed which integrates test vehicle(s), chassis dynamometer, and high fidelity traffic simulation tools, in order to achieve a balance between the model accuracy and scalability of environmental analysis for the next generation of transportation systems.
Technical Paper

Enabling Efficient Functional Safety Audits - The Missing Link between ISO 26262 and Automotive SPICE

2019-04-02
2019-01-0144
In the field of electric and electronic (E/E) design for the automotive industry, there are separate traditions related to functional safety and software quality assurance. Both relying on the evaluation of the processes used; Automotive SPICE provides detailed guidance on how to perform this evaluation whilst ISO 26262 does not and simply mention Automotive SPICE as one possible solution. ISO 26262 additionally requires for an evaluation of the functional safety achieved by the product and uses the process evaluation (or functional safety audit in ISO 26262 terms) to support the final functional safety assessment. The purpose is to evaluate the implementation of the necessary safety processes according to the claimed scope defined in the safety plan. Automotive SPICE does not make a distinction on whether the application of the software under evaluation is safety related or not.
Technical Paper

Hardware/Software Co-Design of an Automotive Embedded Firewall

2017-03-28
2017-01-1659
The automotive industry experiences a major change as vehicles are gradually becoming a part of the Internet. Security concepts based on the closed-world assumption cannot be deployed anymore due to a constantly changing adversary model. Automotive Ethernet as future in-vehicle network and a new E/E Architecture have different security requirements than Ethernet known from traditional IT and legacy systems. In order to achieve a high level of security, a new multi-layer approach in the vehicle which responds to special automotive requirements has to be introduced. One essential layer of this holistic security concept is to restrict non-authorized access by the deployment of embedded firewalls. This paper addresses the introduction of automotive firewalls into the next-generation domain architecture with a focus on partitioning of its features in hardware and software.
Technical Paper

High Performance Processor Architecture for Automotive Large Scaled Integrated Systems within the European Processor Initiative Research Project

2019-04-02
2019-01-0118
Autonomous driving systems and connected mobility are the next big developments for the car manufacturers and their suppliers during the next decade. To achieve the high computing power needs and fulfill new upcoming requirements due to functional safety and security, heterogeneous processor architectures with a mixture of different core architectures and hardware accelerators are necessary. To tackle this new type of hardware complexity and nevertheless stay within monetary constraints, high performance computers, inspired by state of the art data center hardware, could be adapted in order to fulfill automotive quality requirements. The European Processor Initiative (EPI) research project tries to come along with that challenge for next generation semiconductors. To be as close as possible to series development needs for the next upcoming car generations, we present a hybrid semiconductor system-on-chip architecture for automotive.
Technical Paper

Hypervisor Implementation in Vehicle Networks

2020-04-14
2020-01-1334
The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their own distinct VM. ...While the cybersecurity applications are numerous, there are also the operational benefits. The hypervisor is designed to not only manage the VMs, but also to increase the efficiency of these via resource management.
Technical Paper

Implementation Methodologies for Simulation as a Service (SaaS) to Develop ADAS Applications

2021-04-06
2021-01-0116
Over the years, the complexity of autonomous vehicle development (and concurrently the verification and validation) has grown tremendously in terms of component-, subsystem- and system-level interactions between autonomy and the human users. Simulation-based testing holds significant promise in helping to identify both problematic interactions between component-, subsystem-, and system-levels as well as overcoming delays typically introduced by the default full-scale on-road testing. Software in Loop (SiL) simulation is utilized as an intermediate step towards software deployment for autonomous vehicles (AV) to make them reliable. SiL efforts can help reduce the resources required for successful deployment by helping to validate the software for millions of road miles. A key enabler for accelerating SiL processes is the ability to use Simulation as a Service (SaaS) rather than just isolated instances of software.
Technical Paper

Intelligent Vehicle Monitoring for Safety and Security

2019-04-02
2019-01-0129
The caveat to these additional capabilities is issues like cybersecurity, complexity, etc. This paper is an exploration into FuSa and CAVs and will present a systematic approach to understand challenges and propose potential framework, Intelligent Vehicle Monitoring for Safety and Security (IVMSS) to handle faults/malfunctions in CAVs, and specifically autonomous systems.
Technical Paper

Investigation of Vehicular Networks and its Main Security Issues

2014-04-01
2014-01-0336
Vehicular Network is an emerging and developing technology to improve traffic management and safety issues, and enable a wide range of value-added services such as collision warning/avoidance. Many applications have been designed to provide safety and comfort for passengers. This technology is a prolific area for attackers who will attempt to challenge the network with their malicious or rational attacks. In this paper we elaborate what a vehicular network is, different kinds of communication in this field, main mechanism and related parts and how vehicular networks work then we introduce some of its applications. After primary familiarity with this system we investigate to different type of attacker, more important security issues, How to secure vehicular networks (security requirements and some tools and methods to achieve secure vehicular networks), difficulties and providing viable security solutions, and at the end briefly explanation of related standards.
Technical Paper

Lessons Learned in Inter-Organization Virtual Integration

2018-10-30
2018-01-1944
The SAE AS2C Standard AS5506C Architecture Analysis and Description Language (AADL) is a modeling language for predictive analysis of real-time software reliant, safety and cybersecurity critical systems that provides both the precision of formal modeling and the tool-agnostic freedom of a text-based representation. ...AADL supports multiple domains of architectural analysis such as timing, latency, resources, safety, scheduling, and cybersecurity. Adventium Labs conducted an exercise to determine the applicability of software engineering practices (e.g., continuous integration (CI), application programming interface (API) sharing, test driven development (TDD)) to the AADL-based Architecture Centric Virtual Integration Process (ACVIP).
Technical Paper

Leveraging Systems Theoretic Process Analysis (STPA) for Efficient ISO 26262 Compliance

2021-04-06
2021-01-0067
There has been a significant increase - both in the content of electronics and software in vehicles as well as in recalls attributed to these components and systems. The advanced features, including the onset of autonomous vehicles accompanied by millions of lines of code in software have exponentially increased the complexity of vehicle systems and decreased effectiveness of many of the safety analysis techniques being used to identify hazards and safety requirements - for example, FMEA, FTA, ETA, etc.- which were invented decades before the existence of complexities of such magnitude. This paper examines a new hazard identification technique formalized by Nancy G Leveson of Massachusetts Institute of Technology (MIT), USA in her book “Engineering a Safer World” and further elaborated in the STPA Handbook co-authored with John P Thomas in March 2018.
Technical Paper

Modelify: Semi-Automatic Conversion of Control Systems C Code to Simulink Models

2016-04-05
2016-01-0020
Over the last decade, the automotive industry has embraced model-based development for control systems. Many of these companies have chosen Simulink from MathWorks to design and simulate these models. However, a remaining issue is the fact that many control systems were initially written in C and are still being used. Some companies have attempted to manually convert these C systems to Simulink models but have found this method to be too costly, error-prone, and time consuming. EnSoft decided to tackle this problem by providing a semi-automated conversion using our Atlas for C tool. Atlas is a tool that maps software and creates a relation map for all parts of the program. It then offers the developer tools to query and visualize this graph. We have developed Modelify, a tool built on this framework that performs the necessary queries on a C project and creates equivalent Simulink models and subsystems.
X