Refine Your Search

Search Results

Viewing 1 to 2 of 2
Technical Paper

A Safety Concept based on a Safety Sustainer for Highly Automated Driving Systems

Highly automated driving systems have a responsibility to keep a vehicle safe even in abnormal conditions such as random or systematic failures. However, creating redundancy in a system to respond to failures increases the cost of the system, and simple redundancy cannot detect systematic failures because some systematic failures occur in each system at the same time. Systematic failures in automated driving systems cannot be verified sufficiently during the development phase due to numerous patterns of parameters input from outside the system. A safety concept based on a “safety sustainer” for highly automated driving systems is proposed. The safety sustainer is designed for keeping a vehicle in a safe state for several seconds if a failure occurs in the system and notifying the driver that the system is in failure mode and requesting the driver to take over control of the vehicle.
Technical Paper

CAN Security: Cost-Effective Intrusion Detection for Real-Time Control Systems

In-vehicle networks are generally used for computerized control and connecting information technology devices in cars. However, increasing connectivity also increases security risks. “Spoofing attacks”, in which an adversary infiltrates the controller area network (CAN) with malicious data and makes the car behave abnormally, have been reported. Therefore, countermeasures against this type of attack are needed. Modifying legacy electronic control units (ECUs) will affect development costs and reliability because in-vehicle networks have already been developed for most vehicles. Current countermeasures, such as authentication, require modification of legacy ECUs. On the other hand, anomaly detection methods may result in misdetection due to the difficulty in setting an appropriate threshold. Evaluating a reception cycle of data can be used to simply detect spoofing attacks. However, this may result in false detection due to fluctuation in the data reception cycle in the CAN.