Refine Your Search




Search Results

Journal Article

(R)evolution of E/E Architectures

Functionalities such as automated driving, connectivity and cyber-security have gained increasing importance over the past few years. The importance of these functionalities will continue to grow as these cutting-edge technologies mature and market acceptance increases.
Journal Article

A Centrally Managed Identity-Anonymized CAN Communication System*

Abstract Identity-Anonymized CAN (IA-CAN) protocol is a secure CAN protocol, which provides the sender authentication by inserting a secret sequence of anonymous IDs (A-IDs) shared among the communication nodes. To prevent malicious attacks from the IA-CAN protocol, a secure and robust system error recovery mechanism is required. This article presents a central management method of IA-CAN, named the IA-CAN with a global A-ID, where a gateway plays a central role in the session initiation and system error recovery. Each ECU self-diagnoses the system errors, and (if an error happens) it automatically resynchronizes its A-ID generation by acquiring the recovery information from the gateway. We prototype both a hardware version of an IA-CAN controller and a system for the IA-CAN with a global A-ID using the controller to verify our concept.
Journal Article

A Comprehensive Attack and Defense Model for the Automotive Domain

Abstract In the automotive domain, the overall complexity of technical components has increased enormously. Formerly isolated, purely mechanical cars are now a multitude of cyber-physical systems that are continuously interacting with other IT systems, for example, with the smartphone of their driver or the backend servers of the car manufacturer. This has huge security implications as demonstrated by several recent research papers that document attacks endangering the safety of the car. However, there is, to the best of our knowledge, no holistic overview or structured description of the complex automotive domain. Without such a big picture, distinct security research remains isolated and is lacking interconnections between the different subsystems. Hence, it is difficult to draw conclusions about the overall security of a car or to identify aspects that have not been sufficiently covered by security analyses.
Journal Article

A Comprehensive Risk Management Approach to Information Security in Intelligent Transport Systems

Abstract Connected vehicles and intelligent transportation systems are currently evolving into highly interconnected digital environments. Due to the interconnectivity of different systems and complex communication flows, a joint risk analysis for combining safety and security from a system perspective does not yet exist. We introduce a novel method for joint risk assessment in the automotive sector as a combination of the Diamond Model, Failure Mode and Effects Analysis (FMEA), and Factor Analysis of Information Risk (FAIR). These methods have been sequentially composed, which results in a comprehensive risk management approach to information security in an intelligent transport system (ITS). The Diamond Model serves to identify and structurally describe threats and scenarios, the widely accepted FMEA provides threat analysis by identifying possible error combinations, and FAIR provides a quantitative estimation of probabilities for the frequency and magnitude of risk events.
Technical Paper

A Controller Area Network Bus Identity Authentication Method Based on Hash Algorithm

With the development of vehicle intelligence and the Internet of Vehicles, how to protect the safety of the vehicle network system has become a focus issue that needs to be solved urgently. The Controller Area Network (CAN) bus is currently a very widely used vehicle-mounted bus, and its security largely determines the degree of vehicle-mounted information security. The CAN bus lacks adequate protection mechanisms and is vulnerable to external attacks such as replay attacks, modifying attacks, and so on. On the basis of the existing work, this paper proposes an authentication method that combines Hash-based Message Authentication Code (HMAC)-SHA256 and Tiny Encryption Algorithm (TEA) algorithms. This method is based on dynamic identity authentication in challenge/response made and combined with the characteristics of the CAN bus itself as it achieves the identity authentication between the gateway and multiple electronic control units (ECUs).
Journal Article

A Distributed “Black Box” Audit Trail Design Specification for Connected and Automated Vehicle Data and Software Assurance

Abstract Automotive software is increasingly complex and critical to safe vehicle operation, and related embedded systems must remain up to date to ensure long-term system performance. Update mechanisms and data modification tools introduce opportunities for malicious actors to compromise these cyber-physical systems, and for trusted actors to mistakenly install incompatible software versions. A distributed and stratified “black box” audit trail for automotive software and data provenance is proposed to assure users, service providers, and original equipment manufacturers (OEMs) of vehicular software integrity and reliability. The proposed black box architecture is both layered and diffuse, employing distributed hash tables (DHT), a parity system and a public blockchain to provide high resilience, assurance, scalability, and efficiency for automotive and other high-assurance systems.
Technical Paper

A Domain-Centralized Automotive Powertrain E/E Architecture

This paper proposes a domain-centralized powertrain E/E (electrical and/or electronic) architecture for all-electric vehicles that features: a powerful master controller (domain controller) that implements most of the functionality of the domain; a set of smart actuators for electric motor(s), HV (High Voltage) battery pack, and thermal management; and a gateway that routes all hardware signals, including digital and analog I/O, and field bus signals between the domain controller and the rest of the vehicle that is outside of the domain. Major functional safety aspects of the architecture are presented and a safety architecture is proposed. The work represents an early E/E architecture proposal. In particular, detailed partitioning of software components over the domain’s Electronic Control Units (ECUs) has not been determined yet; instead, potential partitioning schemes are discussed.
Journal Article

A Novel Assessment and Administration Method of Autonomous Vehicle

As a promising strategic industry group that is rapidly evolving around the world, autonomous vehicle is entering a critical phase of commercialization from demonstration to end markets. The global automotive industry and governments are facing new common topics and challenges brought by autonomous vehicle, such as how to test, assess, and administrate the autonomous vehicle to ensure their safe running in real traffic situations and proper interactions with other road users. Starting from the facts that the way to autonomous driving is the process of a robot or a machine taking over driving tasks from a human. This paper summarizes the main characteristics of autonomous vehicle which are different from traditional one, then demonstrates the limitations of the existing certification mechanism and related testing methods when applied to autonomous vehicle.
Journal Article

A Systematic Mapping Study on Security Countermeasures of In-Vehicle Communication Systems

Abstract The innovations of vehicle connectivity have been increasing dramatically to enhance the safety and user experience of driving, while the rising numbers of interfaces to the external world also bring security threats to vehicles. Many security countermeasures have been proposed and discussed to protect the systems and services against attacks. To provide an overview of the current states in this research field, we conducted a systematic mapping study (SMS) on the topic area “security countermeasures of in-vehicle communication systems.” A total of 279 papers are identified based on the defined study identification strategy and criteria. We discussed four research questions (RQs) related to the security countermeasures, validation methods, publication patterns, and research trends and gaps based on the extracted and classified data. Finally, we evaluated the validity threats and the whole mapping process.

A how-to for car hackers

The automotive cyber wars are just getting started. Regardless of what side of the battle you’re on, there are valuable insights into the other guy’s strategies and tactics in an excellent new book, The Car Hacker's Handbook .
Best Practice

AVSC Best Practice for Data Collection for Automated Driving System-Dedicated Vehicles (ADS-DVs) to Support Event Analysis

As technology and functionality of vehicle systems change, so do data recording needs. In ADS-dedicated vehicles (DV), the ADS perceives the environment and handles vehicle motion control, i.e., the dynamic driving task (DDT), as described in SAE J3016. When an ADS takes the place of a human driver, its sensing, processing, and control systems necessitate new considerations for data recording. Data recording is important to crash reconstruction, system performance investigations, and event analysis. It enables industry-wide improvements in ADS safety. This best practice makes recommendations for the ADS-DV data needed to support: (1) information about what the ADS "saw" and "did" and (2) identify the technology-relevant factors that contributed to the event.
Journal Article

Accelerated Secure Boot for Real-Time Embedded Safety Systems

Abstract The importance of in-vehicle network security has increased with an increase in automated and connected vehicles. Hence, many attacks and countermeasures have been proposed to secure the controller area network (CAN), which is an existent in-vehicle network protocol. At the same time, new protocols-such as FlexRay and Ethernet-which are faster and more reliable than CAN have also been proposed. European OEMs have adopted FlexRay as a control network that can perform the fundamental functions of a vehicle. However, there are few studies regarding FlexRay security. In particular, studies on attacks against FlexRay are limited to theoretical studies or simulation-based experiments. Hence, the vulnerability of FlexRay is unclear. Understanding this vulnerability is necessary for the application of countermeasures and improving the security of future vehicles. In this article, we highlight the vulnerability of FlexRay found in the experiments conducted on a real FlexRay network.
Technical Paper

Accelerating In-Vehicle Network Intrusion Detection System Using Binarized Neural Network

Controller Area Network (CAN), the de facto standard for in-vehicle networks, has insufficient security features and thus is inherently vulnerable to various attacks. To protect CAN bus from attacks, intrusion detection systems (IDSs) based on advanced deep learning methods, such as Convolutional Neural Network (CNN) and Recurrent Neural Network (RNN), have been proposed to detect intrusions. However, those models generally introduce high latency, require considerable memory space, and often result in high energy consumption. To accelerate intrusion detection and also reduce memory requests, we exploit the use of Binarized Neural Network (BNN) and hardware-based acceleration for intrusion detection in in-vehicle networks. As BNN uses binary values for activations and weights rather than full precision values, it usually results in faster computation, smaller memory cost, and lower energy consumption than full precision models.

Addressing configuration controls in an era of multiple security frameworks

 Sometimes mandatory, often voluntary, security frameworks are created to provide federal and commercial organizations with an effective roadmap for securing information technology (IT) systems. The goal is to reduce risk levels and prevent or mitigate cyberattacks. To accomplish this task, security frameworks typically provide a series of documented, agreed upon, and understood policies, procedures, and processes necessary to secure the confidentiality, integrity, and availability of information systems and data.
Technical Paper

Adopting Aviation Safety Knowledge into the Discussions of Safe Implementation of Connected and Autonomous Road Vehicles

The development of connected and autonomous vehicles (CAVs) is progressing fast. Yet, safety and standardization-related discussions are limited due to the recent nature of the sector. Despite the effort that is initiated to kick-start the study, awareness among practitioners is still low. Hence, further effort is required to stimulate this discussion. Among the available works on CAV safety, some of them take inspiration from the aviation sector that has strict safety regulations. The underlying reason is the experience that has been gained over the decades. However, the literature still lacks a thorough association between automation in aviation and the CAV from the safety perspective. As such, this paper motivates the adoption of safe-automation knowledge from aviation to facilitate safer CAV systems.
Technical Paper

An Analysis of Secure Software Development Lifecycle from an Automotive Development Perspective

The modern vehicle development is highly dependent on software. The software development plays an extremely important role in vehicle safety and security. In order to ensure software high quality and safety standards, we have investigated the secure software development process and analyzed the works in this area. Based on our analysis, we have identified the similarities and differences between the secure software development process and the existing vehicle development process. We then made suggestions on how to adopt the secure software development process in the overall vehicle development process.