Refine Your Search

Topic

Author

Search Results

Technical Paper

A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm

2021-07-14
2021-01-5077
With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).
Technical Paper

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

2020-04-14
2020-01-0145
This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cybersecurity. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. ...Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cybersecurity as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has, therefore, recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. ...As the domain geared up for the cybersecurity challenges, they leveraged experiences from many other domains, but must face several unique challenges.
Technical Paper

Analyze This! Sound Static Analysis for Integration Verification of Large-Scale Automotive Software

2019-04-02
2019-01-1246
Safety-critical embedded software has to satisfy stringent quality requirements. One such requirement, imposed by all contemporary safety standards, is that no critical run-time errors must occur. Runtime errors can be caused by undefined or unspecified behavior of the programming language; examples are buffer overflows or data races. They may cause erroneous or erratic behavior, induce system failures, and constitute security vulnerabilities. A sound static analyzer reports all such defects in the code, or proves their absence. Sound static program analysis is a verification technique recommended by ISO/FDIS 26262 for software unit verification and for the verification of software integration. In this article we propose an analysis methodology that has been implemented with the static analyzer Astrée. It supports quick turn-around times and gives highly precise whole-program results.
Technical Paper

CAN Crypto FPGA Chip to Secure Data Transmitted Through CAN FD Bus Using AES-128 and SHA-1 Algorithms with A Symmetric Key

2017-03-28
2017-01-1612
Robert Bosch GmBH proposed in 2012 a new version of communication protocol named as Controller area network with Flexible Data-Rate (CANFD), that supports data frames up to 64 bytes compared to 8 bytes of CAN. With limited data frame size of CAN message, and it is impossible to be encrypted and secured. With this new feature of CAN FD, we propose a hardware design - CAN crypto FPGA chip to secure data transmitted through CAN FD bus by using AES-128 and SHA-1 algorithms with a symmetric key. AES-128 algorithm will provide confidentiality of CAN message and SHA-1 algorithm with a symmetric key (HMAC) will provide integrity and authentication of CAN message. The design has been modeled and verified by using Verilog HDL – a hardware description language, and implemented successfully into Xilinx FPGA chip by using simulation tool ISE (Xilinx).
Technical Paper

Case Study for Defining Security Goals and Requirements for Automotive Security Parts Using Threat Modeling

2018-04-03
2018-01-0014
Several external networks like telematics, and SOTA and many in-vehicle networks by gateways and domain controllers have been increasingly introduced. However, these trends may potentially make many critical data opened, attacked and modified by hackers. These days, vehicle security has been significantly required as these vehicle security threats are related to the human life like drivers and pedestrians. Threat modeling is process of secure software development lifecycle which is developed by Microsoft. It is a systematic approach for analyzing the potential threat in software and identifying the security risk associated with software. Through threat modeling, security risk is be mitigated and eliminated. In vehicle software System, one of vulnerability can affect critical problem about safety. An approach from experience and hacking cases is not enough for analyzing the potential threat and preparing new hacking attack.
Technical Paper

Connected Vehicles - A Testing Approach and Methodology

2021-09-22
2021-26-0450
With the introduction of Connected Vehicles, it is possible to extend the limited horizon of vehicles on the road by collective perceptions, where vehicles periodically share their information with other vehicles and servers using cloud. Nevertheless, by the time the connected vehicle spread expands, it is critical to understand the validation techniques which can be used to ensure a flawless transfer of data and connectivity. Connected vehicles are mainly characterized by the smartphone application which is provided to the end customers to access the connectivity features in the vehicle. The end result which is delivered to the customer is through the integrated telematics unit in the vehicle which communicates through a communication layer with the cloud platform. The cloud server in turn interacts with the final application layer of the mobile application given to the customer.
Technical Paper

Cyber-security for Engine ECUs: Past, Present and Future

2015-09-01
2015-01-1998
In this paper, we outline past, present and future applications of automotive security for engine ECUs. Electronic immobilizers and anti-tuning countermeasures have been used for several years. Recently, OEMs and suppliers are facing more and more powerful attackers, and as a result, have introduced stronger countermeasures based on hardware security. Finally, with the advent of connected cars, it is expected that many things that currently require a physical connection will be done remotely in a near future. This includes remote diagnostics, reprogramming and engine calibration.
Technical Paper

Dyno-in-the-Loop: An Innovative Hardware-in-the-Loop Development and Testing Platform for Emerging Mobility Technologies

2020-04-14
2020-01-1057
Today’s transportation is quickly transforming with the nascent advent of connectivity, automation, shared-mobility, and electrification. These technologies will not only affect our safety and mobility, but also our energy consumption, and environment. As a result, it is of unprecedented importance to understand the overall system impacts due to the introduction of these emerging technologies and concepts. Existing modeling tools are not able to effectively capture the implications of these technologies, not to mention accurately and reliably evaluating their effectiveness with a reasonable scope. To address these gaps, a dynamometer-in-the-loop (DiL) development and testing approach is proposed which integrates test vehicle(s), chassis dynamometer, and high fidelity traffic simulation tools, in order to achieve a balance between the model accuracy and scalability of environmental analysis for the next generation of transportation systems.
Technical Paper

Enabling Efficient Functional Safety Audits - The Missing Link between ISO 26262 and Automotive SPICE

2019-04-02
2019-01-0144
In the field of electric and electronic (E/E) design for the automotive industry, there are separate traditions related to functional safety and software quality assurance. Both relying on the evaluation of the processes used; Automotive SPICE provides detailed guidance on how to perform this evaluation whilst ISO 26262 does not and simply mention Automotive SPICE as one possible solution. ISO 26262 additionally requires for an evaluation of the functional safety achieved by the product and uses the process evaluation (or functional safety audit in ISO 26262 terms) to support the final functional safety assessment. The purpose is to evaluate the implementation of the necessary safety processes according to the claimed scope defined in the safety plan. Automotive SPICE does not make a distinction on whether the application of the software under evaluation is safety related or not.
Technical Paper

Hypervisor Implementation in Vehicle Networks

2020-04-14
2020-01-1334
The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their own distinct VM. ...While the cybersecurity applications are numerous, there are also the operational benefits. The hypervisor is designed to not only manage the VMs, but also to increase the efficiency of these via resource management.
Journal Article

Implementation Methodologies for Simulation as a Service (SaaS) to Develop ADAS Applications

2021-04-06
2021-01-0116
Over the years, the complexity of autonomous vehicle development (and concurrently the verification and validation) has grown tremendously in terms of component-, subsystem- and system-level interactions between autonomy and the human users. Simulation-based testing holds significant promise in helping to identify both problematic interactions between component-, subsystem-, and system-levels as well as overcoming delays typically introduced by the default full-scale on-road testing. Software in Loop (SiL) simulation is utilized as an intermediate step towards software deployment for autonomous vehicles (AV) to make them reliable. SiL efforts can help reduce the resources required for successful deployment by helping to validate the software for millions of road miles. A key enabler for accelerating SiL processes is the ability to use Simulation as a Service (SaaS) rather than just isolated instances of software.
Technical Paper

Improved Run Time Error Analysis Using Formal Methods for Automotive Software - Improvement of Quality, Cost Effectiveness and Efforts to Proactive Defects Check

2021-09-22
2021-26-0459
Quality is what determines success or failure. If products are not error-free, reliable and robust, customers will be put off. Criticism is inevitable. Bosch is focusing on this theme and taking appropriate action to improve the quality of automotive software. Runtime errors most often refer to issues that appear during the execution of a program like buffer overflow issues and pointer access out of bounds. They are important to detect as they may cause critical safety, security or business operation concerns. They can potentially cause the critical systems of high-integrity applications to fail, leading to disastrous results and they have been blamed as the root cause of system failure in high-profile examples in automotive software. This has resulted in identifying run-time error detection as critical field of interest where safety-critical embedded software has to satisfy stringent quality requirements by all contemporary safety standards where no run-time errors must occur.
Technical Paper

Intelligent Vehicle Monitoring for Safety and Security

2019-04-02
2019-01-0129
The caveat to these additional capabilities is issues like cybersecurity, complexity, etc. This paper is an exploration into FuSa and CAVs and will present a systematic approach to understand challenges and propose potential framework, Intelligent Vehicle Monitoring for Safety and Security (IVMSS) to handle faults/malfunctions in CAVs, and specifically autonomous systems.
Technical Paper

Leveraging Systems Theoretic Process Analysis (STPA) for Efficient ISO 26262 Compliance

2021-04-06
2021-01-0067
There has been a significant increase - both in the content of electronics and software in vehicles as well as in recalls attributed to these components and systems. The advanced features, including the onset of autonomous vehicles accompanied by millions of lines of code in software have exponentially increased the complexity of vehicle systems and decreased effectiveness of many of the safety analysis techniques being used to identify hazards and safety requirements - for example, FMEA, FTA, ETA, etc.- which were invented decades before the existence of complexities of such magnitude. This paper examines a new hazard identification technique formalized by Nancy G Leveson of Massachusetts Institute of Technology (MIT), USA in her book “Engineering a Safer World” and further elaborated in the STPA Handbook co-authored with John P Thomas in March 2018.
Technical Paper

Modelify: Semi-Automatic Conversion of Control Systems C Code to Simulink Models

2016-04-05
2016-01-0020
Over the last decade, the automotive industry has embraced model-based development for control systems. Many of these companies have chosen Simulink from MathWorks to design and simulate these models. However, a remaining issue is the fact that many control systems were initially written in C and are still being used. Some companies have attempted to manually convert these C systems to Simulink models but have found this method to be too costly, error-prone, and time consuming. EnSoft decided to tackle this problem by providing a semi-automated conversion using our Atlas for C tool. Atlas is a tool that maps software and creates a relation map for all parts of the program. It then offers the developer tools to query and visualize this graph. We have developed Modelify, a tool built on this framework that performs the necessary queries on a C project and creates equivalent Simulink models and subsystems.
Technical Paper

Onboard Cybersecurity Diagnostic System for Connected Vehicles

2021-09-21
2021-01-1249
Here, we discuss the On-Board Diagnostic (OBD) regulations for next generation BEV/HEV, its vulnerabilities and cybersecurity threats that come with hacking. We propose three cybersecurity attack detection and defense methods: Cyber-Attack detection algorithm, Time-Based CAN Intrusion Detection Method and, Feistel Cipher Block Method. ...These control methods autonomously diagnose a cybersecurity problem in a vehicle’s onboard system using an OBD interface, such as OBD-II when a fault caused by a cyberattack is detected, All of this is achieved in an internal communication network structure.
Technical Paper

Proposal of HILS-Based In-Vehicle Network Security Verification Environment

2018-04-03
2018-01-0013
We propose a security-testing framework to analyze attack feasibilities for automotive control software by integrating model-based development with model checking techniques. Many studies have pointed out the vulnerabilities in the Controller Area Network (CAN) protocol, which is widely used in in-vehicle network systems. However, many security attacks on automobiles did not explicitly consider the transmission timing of CAN packets to realize vulnerabilities. Additionally, in terms of security testing for automobiles, most existing studies have only focused on the generation of the testing packets to realize vulnerabilities, but they did not consider the timing of invoking a security testing. Therefore, we focus on the transmit timing of CAN packets to realize vulnerabilities. In our experiments, we have demonstrated the classification of feasible attacks at the early development phase by integrating the model checking techniques into a virtualized environment.
Technical Paper

Research on Vehicle Cybersecurity Based on Dedicated Security Hardware and ECDH Algorithm

2017-09-23
2017-01-2005
Vehicle cybersecurity consists of internal security and external security. Dedicated security hardware will play an important role in car’s internal and external security communication. ...For certain AURIX MCU consisting of HSM, the experiment result shows that cheaper 32-bit HSM’s AES calculating speed is 25 times of 32-bit main controller, so HSM is an effective choice to realize cybersecurity. After comparing two existing methods that realize secure CAN communication, A Modified SECURE CAN scheme is proposed, and differences of the three schemes are analyzed.
Technical Paper

Safe Operations at Roadway Junctions - Design Principles from Automated Guideway Transit

2021-06-16
2021-01-1004
This paper describes a system-level view of a fully automated transit system comprising a fleet of automated vehicles (AVs) in driverless operation, each with an SAE level 4 Automated Driving System, along with its related safety infrastructure and other system equipment. This AV system-level control is compared to the automatic train control system used in automated guideway transit technology, particularly that of communications-based train control (CBTC). Drawing from the safety principles, analysis methods, and risk assessments of CBTC systems, comparable functional subsystem definitions are proposed for AV fleets in driverless operation. With the prospect of multiple AV fleets operating within a single automated mobility district, the criticality of protecting roadway junctions requires an approach like that of automated fixed-guideway transit systems, in which a guideway switch zone “interlocking” at each junction location deconflicts railway traffic, affirming safe passage.
Technical Paper

Streamlined Process for Cloud Based Diagnostics Using Amazon Web Services

2021-04-06
2021-01-0159
In the age of 5G, the cloud constitutes a massive computational resource. Such capability is greatly underutilized, especially for the purpose of vehicle diagnostics and prognostics. Diagnostics and prognostics run mostly in the limited and cost sensitive electronic module of the vehicle. Utilizing vehicle connectivity, along with the massive capability of the cloud would allow the deployment of smarter algorithms that provide improved vehicle performance and operation management. In this paper, a streamlined process to develop and deploy off-board diagnostics is presented. The process included developing multiphysics digital twins and running the diagnostics off-board. It was demonstrated on a fleet of virtual Hybrid Electric Vehicles (HEV). The Digital Twin replica was created using Simulink® and Simscape®. The microcontroller used to demonstrate the diagnostic is a Raspberry Pi hardware running in real time.
X