Refine Your Search

Topic

Author

Affiliation

Search Results

Technical Paper

A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm

2021-07-14
2021-01-5077
With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).
Technical Paper

A Domain-Centralized Automotive Powertrain E/E Architecture

2021-04-06
2021-01-0786
This paper proposes a domain-centralized powertrain E/E (electrical and/or electronic) architecture for all-electric vehicles that features: a powerful master controller (domain controller) that implements most of the functionality of the domain; a set of smart actuators for electric motor(s), HV (High Voltage) battery pack, and thermal management; and a gateway that routes all hardware signals, including digital and analog I/O, and field bus signals between the domain controller and the rest of the vehicle that is outside of the domain. Major functional safety aspects of the architecture are presented and a safety architecture is proposed. The work represents an early E/E architecture proposal. In particular, detailed partitioning of software components over the domain’s Electronic Control Units (ECUs) has not been determined yet; instead, potential partitioning schemes are discussed.
Journal Article

A Novel Assessment and Administration Method of Autonomous Vehicle

2020-04-14
2020-01-0708
As a promising strategic industry group that is rapidly evolving around the world, autonomous vehicle is entering a critical phase of commercialization from demonstration to end markets. The global automotive industry and governments are facing new common topics and challenges brought by autonomous vehicle, such as how to test, assess, and administrate the autonomous vehicle to ensure their safe running in real traffic situations and proper interactions with other road users. Starting from the facts that the way to autonomous driving is the process of a robot or a machine taking over driving tasks from a human. This paper summarizes the main characteristics of autonomous vehicle which are different from traditional one, then demonstrates the limitations of the existing certification mechanism and related testing methods when applied to autonomous vehicle.
Technical Paper

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

2020-04-14
2020-01-0145
This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. ...Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. ...As the domain geared up for the cybersecurity challenges, they leveraged experiences from many other domains, but must face several unique challenges.
Technical Paper

Application of Suspend Mode to Automotive ECUs

2018-04-03
2018-01-0021
To achieve high robustness and quality, automotive ECUs must initialize from low-power states as quickly as possible. However, microprocessor and memory advances have failed to keep pace with software image size growth in complex ECUs such as in Infotainment and Telematics. Loading the boot image from non-volatile storage to RAM and initializing the software can take a very long time to show the first screen and result in sluggish performance for a significant time thereafter which both degrade customer perceived quality. Designers of mobile devices such as portable phones, laptops, and tablets address this problem using Suspend mode whereby the main processor and peripheral devices are powered down during periods of inactivity, but memory contents are preserved by a small “self-refresh” current. When the device is turned back “on”, fully initialized memory content allows the system to initialize nearly instantaneously.
Technical Paper

Applying blockchain to vehicle cybersecurity: Nuance to the standard application

2022-03-29
2022-01-0368
While this is the traditional application experienced, there are other applications relevant to cybersecurity. As part of blockchain technology, the nodes are responsible for decision-making. ...In adjusting the data flow, this is an option to increase the cybersecurity for a complete system. In certain modular environments, this may not be the optimal situation from a timing or processing view. ...This addition to the cybersecurity system provides a clear benefit. There are however attacks that have been experienced in the industry.
Technical Paper

Attacking vehicles with ransomware: Watch the horizon

2022-03-29
2022-01-0358
Ransomware use is rampant throughout most industries. With the number of successful ransomware attacks through the industrial economy, this feels like a tsunami of attacks. These attacks seemingly originate from anywhere with an internet connection. There are vast numbers of bad actors creating these attacks, all focused on your systems. With the large number of attacks, it is granted there have been many breaches. While there have been a large number of successful attacks, each attack’s objectives have varied. These have historically been to generate revenue in the form of fees for the decrypt key or a promise not to publish exfiltrated data. The landscape has become saturated with ransomware attacks on consumers and the enterprise. There has been extensive training for staff in an effort to mitigate these issues. The next potential targets are vehicles and ground systems. These, as targets, have not been evaluated via a full risk assessment to the recommended extent.
Technical Paper

CAN Crypto FPGA Chip to Secure Data Transmitted Through CAN FD Bus Using AES-128 and SHA-1 Algorithms with A Symmetric Key

2017-03-28
2017-01-1612
Robert Bosch GmBH proposed in 2012 a new version of communication protocol named as Controller area network with Flexible Data-Rate (CANFD), that supports data frames up to 64 bytes compared to 8 bytes of CAN. With limited data frame size of CAN message, and it is impossible to be encrypted and secured. With this new feature of CAN FD, we propose a hardware design - CAN crypto FPGA chip to secure data transmitted through CAN FD bus by using AES-128 and SHA-1 algorithms with a symmetric key. AES-128 algorithm will provide confidentiality of CAN message and SHA-1 algorithm with a symmetric key (HMAC) will provide integrity and authentication of CAN message. The design has been modeled and verified by using Verilog HDL – a hardware description language, and implemented successfully into Xilinx FPGA chip by using simulation tool ISE (Xilinx).
Technical Paper

Case Study for Defining Security Goals and Requirements for Automotive Security Parts Using Threat Modeling

2018-04-03
2018-01-0014
Several external networks like telematics, and SOTA and many in-vehicle networks by gateways and domain controllers have been increasingly introduced. However, these trends may potentially make many critical data opened, attacked and modified by hackers. These days, vehicle security has been significantly required as these vehicle security threats are related to the human life like drivers and pedestrians. Threat modeling is process of secure software development lifecycle which is developed by Microsoft. It is a systematic approach for analyzing the potential threat in software and identifying the security risk associated with software. Through threat modeling, security risk is be mitigated and eliminated. In vehicle software System, one of vulnerability can affect critical problem about safety. An approach from experience and hacking cases is not enough for analyzing the potential threat and preparing new hacking attack.
Technical Paper

Challenges in Integrating Cybersecurity into Existing Development Processes

2020-04-14
2020-01-0144
Strategies designed to deal with these challenges differ in the way in which added duties are assigned and cybersecurity topics are integrated into the already existing process steps. Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. ...Cybersecurity requirements often clash with existing system requirements or established development methods, leading to low acceptance among developers, and introducing the need to have clear policies on how friction between cybersecurity and other fields is handled. A cybersecurity development approach is frequently perceived as introducing impediments, that bear the risk of cybersecurity measures receiving a lower priority to reduce inconvenience. ...For an established development process and a team accustomed to this process, adding cybersecurity features to the product initially means inconvenience and reduced productivity without perceivable benefits.
Technical Paper

Communication Requirements for Plug-In Electric Vehicles

2011-04-12
2011-01-0866
This paper is the second in the series of documents designed to record the progress of a series of SAE documents - SAE J2836™, J2847, J2931, & J2953 - within the Plug-In Electric Vehicle (PEV) Communication Task Force. This follows the initial paper number 2010-01-0837, and continues with the test and modeling of the various PLC types for utility programs described in J2836/1™ & J2847/1. This also extends the communication to an off-board charger, described in J2836/2™ & J2847/2 and includes reverse energy flow described in J2836/3™ and J2847/3. The initial versions of J2836/1™ and J2847/1 were published early 2010. J2847/1 has now been re-opened to include updates from comments from the National Institute of Standards Technology (NIST) Smart Grid Interoperability Panel (SGIP), Smart Grid Architectural Committee (SGAC) and Cyber Security Working Group committee (SCWG).
Technical Paper

Connected Vehicles - A Testing Approach and Methodology

2021-09-22
2021-26-0450
With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.
Technical Paper

Cyber Security in the Automotive Domain – An Overview

2017-03-28
2017-01-1652
Driven by the growing internet and remote connectivity of automobiles, combined with the emerging trend to automated driving, the importance of security for automotive systems is massively increasing. Although cyber security is a common part of daily routines in the traditional IT domain, necessary security mechanisms are not yet widely applied in the vehicles. At first glance, this may not appear to be a problem as there are lots of solutions from other domains, which potentially could be re-used. But substantial differences compared to an automotive environment have to be taken into account, drastically reducing the possibilities for simple reuse. Our contribution is to address automotive electronics engineers who are confronted with security requirements. Therefore, it will firstly provide some basic knowledge about IT security and subsequently present a selection of automotive specific security use cases.
Technical Paper

Cyber-security for Engine ECUs: Past, Present and Future

2015-09-01
2015-01-1998
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
Technical Paper

Cybersecurity Metrics for Automotive Systems

2021-04-06
2021-01-0138
With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming ISO/SAE 21434 cybersecurity standard for automotive systems and cybersecurity regulations in UNECE WP.29, it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles. ...Cybersecurity for automotive systems is challenging and one of the major challenges is how to measure this specific system property. ...With the increased need for cybersecurity in automotive systems due to the development of more advanced technologies and corresponding increased threat vectors, coupled with the upcoming ISO/SAE 21434 cybersecurity standard for automotive systems and cybersecurity regulations in UNECE WP.29, it is becoming increasingly important for auto manufacturers and suppliers to have a clear and common understanding and agreement of cybersecurity metrics for the development and deployment of vehicles.
Technical Paper

Cybersecurity Testing and Validation

2017-03-28
2017-01-1655
We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment. ...An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. ...The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels.
Technical Paper

Deep Learning Based Real Time Vulnerability Fixes Verification Mechanism for Automotive Firmware/Software

2021-04-06
2021-01-0183
Software vulnerability management is one of the most critical and crucial security techniques, which analyzes the automotive software/firmware across the digital cockpit, ADAS, V2X, etc. domains for vulnerabilities, and provides security patches for the concerned Common Vulnerabilities and Exposures (CVE). The process of automotive SW/FW vulnerability management system between the OEMs and vendors happen through a channel of fixing a certain number of vulnerabilities by 1st tier supplier which needs to be verified in front of OEMs for the fixed number and type of patches in there deliverable SW/FW. The gap of verification between for the fixed patches between the OEMs and 1st tier supplier requires a reliable human independent intelligent technique to have a trustworthiness of verification.
Technical Paper

Designing a Next Generation Trailer Braking System

2021-10-11
2021-01-1268
Passenger vehicles have made astounding technological leaps in recent years. Unfortunately, little of that progress has trickled down to other segments of the transportation industry leaving opportunities for massive gains in safety and performance. In particular, the electric drum brakes on most consumer trailers differ little from those on trailers over 70 years ago. Careful examination of current production passenger vehicle hardware and trailering provided the opportunity to produce a design and test vehicle for a plausible, practical, and performant trailer braking system for the future. This study equips the trailer with high control frequency antilock braking and dynamic torque distribution through use of passenger vehicle grade apply hardware.
Technical Paper

Development and Research of Environment Perception Technology in Intelligent Networked Transportation System

2020-12-30
2020-01-5152
As an important part of intelligent driving vehicles and intelligent networked transportation systems, environmental perception technology can provide important decision-making basis for the overall planning of intelligent driving vehicles and transportation systems. This paper reviews the current research on environment perception technology in the current intelligent networked transportation system, and analyzes four key research directions and related progress of environmental sensing technologies, including single sensor device, high-precision map, multi-sensor information fusion and vehicle-road collaboration. On the basis of analyzing and summarizing existing related research, this article elaborates the development trend and key directions of future environmental perception technology, including the integration of deep learning, vehicle-road integration, information security and multi-dimensional perception technology related development directions.
Technical Paper

EncryptionS Role in Vehicle Information Security

1998-10-19
98C044
A broad range of information is being delivered to and used within modern vehicles. Information-based applications are becoming more highly integrated into the automobile. Security services are necessary to provide appropriate protection for this information. Encryption, digital signature, and hash functionalities enable information security services such as confidentiality, authentication, integrity and non-repudiation. However, the consumer of in-vehicle information services will not accept security services that introduce any inconvenience to their activities. This paper will discuss various security service methods and security management systems and propose methods to integrate these services acceptably into vehicle-based applications.
X