Your Selections

Show Only


File Formats

Content Types












Enhancement of Automotive Penetration Testing with Threat Analyses Results

Karlsruhe University of Applied Sciences, Germany-Jürgen Dürrwang, Johannes Braun, Marcel Rumez, Reiner Kriesten
Technical University of Munich (TUM), Germany-Alexander Pretschner
  • Journal Article
  • 11-01-02-0005
Published 2018-11-02 by SAE International in United States
In this work, we present an approach to support penetration tests by combining safety and security analyses to enhance automotive security testing. Our approach includes a new way to combine safety and threat analyses to derive possible test cases. We reuse outcomes of a performed safety analysis as the input for a threat analysis. We show systematically how to derive test cases, and we present the applicability of our approach by deriving and performing test cases for a penetration test of an automotive electronic control unit (ECU). Therefore, we selected an airbag control unit due to its safety-critical functionality. During the penetration test, the selected control unit was installed on a test bench, and we were able to successfully exploit a discovered vulnerability, causing the detonation of airbags.
Datasets icon
Annotation icon

Maintaining Enterprise Resiliency Via Kaleidoscopic Adaption and Transformation of Software Services (MEERKATS)

  • Magazine Article
  • TBMG-33021
Published 2018-10-01 by Tech Briefs Media Group in United States

This research investigates a new vision for increasing the resilience of computing clouds by elevating continuous change, evolution, and misinformation as first-rate design principles of the cloud's infrastructure. The work is motivated by the fact that today's clouds are very static, uniform, and predictable, allowing attackers who identify a vulnerability in one of the services or infrastructure components to spread their effect to other, mission-critical services. The goal is to integrate into clouds a new level of unpredictability for both their services and data so as to both impede an adversary's ability to achieve an initial system compromise and, if a compromise occurs, to detect, disrupt, and/or otherwise impede their ability to exploit this success.

SAE Truck & Off-Highway Engineering: October 2018

  • Magazine Issue
  • 18TOFHP10
Published 2018-10-01 by SAE International in United States
Are higher voltage architectures imminent? As the limitations of current 12V architectures become more apparent, the commercial vehicle industry could be on the verge of adopting 48V. The only question is, will improvements in other technologies offer something better?Sensing changes in autonomous trucks Requirements for sensors and controls for commercial vehicles differ significantly from those used for cars.Many paths lead to reduced emissions A wide range of ICE technologies are needed to meet increasingly stringent emissions regulations.Quotes from COMVEC 2018 Industry leaders spoke extensively about all things autonomous-ADAS, big data, connectivity, cybersecurity, machine learning-at the annual SAE event. Here's some of what they had to say.Fuel-cell Class 8-take 2.0 With a longer-range and more-refined fuel cell-powered heavy-duty truck, Toyota aims to eventually eliminate emissions from trucks serving increasingly congested California ports.Editorial Bring innovation, disruption in-houseAdding 3D printing to design, manufacturing processesUpstream devoted to truck cybersecurity threatsJacobs employs cylinder deactivation in HD engines to lower CO2, NOxEmissions reductions continue to disrupt CV industryMercedes doubles down on electric vans and buses, considers fuel cellsOff-road bus from Torsus…

SAE Cybersecurity Podcast: Let's Look at It Again: Cybersecurity and Commercial Aviation

  • Podcast
  • 12383
Recorded 2018-09-13

In a very interconnected world, cyber vulnerability is real. Kirsten Koepsel, lawyer and engineer specializing in cyber security, talks with SAE International about how this new environment affects the planes and airports we use every day.

Transmitter Protects Wireless Data from Hackers

  • Magazine Article
  • TBMG-32852
Published 2018-09-01 by Tech Briefs Media Group in United States

Today, more than 8 billion devices are connected around the world, including medical devices, wearables, vehicles, and smart household and city technologies. Those devices are vulnerable to hacker attacks that locate, intercept, and overwrite the data, jamming signals. One method to protect the data is frequency hopping, which sends each data packet, containing thousands of individual bits, on a random, unique radio frequency (RF) channel, so hackers can't pin down any given packet. Hopping large packets, however, is just slow enough that hackers can still execute an attack.

Faster Photons Could Make Data Totally Secure

  • Magazine Article
  • TBMG-32839
Published 2018-09-01 by Tech Briefs Media Group in United States

Transferring data using light passed along fiber optic cables has become increasingly common over the past decades, but each pulse currently contains millions of photons. That means that in principle, a portion of these could be intercepted without detection. Secure data is already encrypted, but if an eavesdropper was able to intercept the signals containing details of the code, in theory they could access and decode the rest of the message.

Cybersecurity for Commercial Vehicles

General Telecom Systems Inc.-Gloria D'Anna
  • Book
  • R-464
Published 2018-08-28 by SAE International in United States
This book provides a thorough view of cybersecurity to encourage those in the commercial vehicle industry to be fully aware and concerned that their fleet and cargo could be at risk to a cyber-attack. It delivers details on key subject areas including: • SAE International Standard J3061; the cybersecurity guidebook for cyber-physical vehicle systems • The differences between automotive and commercial vehicle cybersecurity. • Forensics for identifying breaches in cybersecurity. • Platooning and fleet implications. • Impacts and importance of secure systems for today and for the future. Cybersecurity for all segments of the commercial vehicle industry requires comprehensive solutions to secure networked vehicles and the transportation infrastructure. It clearly demonstrates the likelihood that an attack can happen, the impacts that would occur, and the need to continue to address those possibilities. This multi-authored presentation by subject-matter experts provides an interesting and dynamic story of how industry is developing solutions that address the critical security issues; the key social, policy, and privacy perspectives; as well as the integrated efforts of industry, academia, and government to…
Annotation icon

Introduction to Car Hacking with CANbus

  • Professional Development
  • C1857
Published 2018-08-02

Vehicle cybersecurity vulnerabilities could impact a vehicle's safe operation. Therefore, engineers should ensure that systems are designed free of unreasonable risks to motor vehicle safety, including those that may result due to existence of potential cybersecurity vulnerabilities. The automotive industry is making vehicle cybersecurity an organizational priority. Prioritizing vehicle cybersecurity also means learning about vehicle hacking techniques in order to ensure that systems will be reasonably safe under expected real-world conditions, including those that may arise due to potential vehicle cybersecurity vulnerabilities from hacking the CAN communications or OBD-II interface. The automotive cybersecurity environment is dynamic and is expected to change continually and, at times, rapidly. Developing a basic understanding of car hacking can provide a good foundation for developing approaches to vehicle cybersecurity.

Securing the Future of Healthcare through the Right Cybersecurity Architecture

  • Magazine Article
  • TBMG-32446
Published 2018-08-01 by Tech Briefs Media Group in United States

In 2017, the healthcare industry experienced a dramatic surge in cyberattacks. Thousands of healthcare organizations around the world suffered various attacks — from data theft to ransomware attacks. Among them was the notorious WannaCry ransomware attack, which affected over 300,000 machines across 150,000 countries, including the United States. As many as 200,000 Windows systems were impacted by WannaCry, including nearly 50 healthcare facilities in the UK, and dozens more in the United States. The infections from WannaCry impacted medical devices as well, putting hospital staff — and patient safety — at risk.

The Aerospace Supply Chain and Cyber Security - Challenges Ahead

Kirsten M. Koepsel
  • Book
  • T-133
Published 2018-07-20 by SAE International in United States

The Aerospace Supply Chain and Cyber Security - Challenges Ahead looks at the current state of commercial aviation and cyber security, how information technology and its attractiveness to cyber attacks is affecting it, and the way supply chains have become a vital part of the industry's cyber-security strategy.

Annotation icon