SAE International Journal of Transportation Cybersecurity and Privacy

  • Journal
  • V129-11EJ
To be published on 2020-06-30 by SAE International in United States
This is the electronic format of the journal.

Hypervisor Implementation in Vehicle Networks

Aptiv-Charles E. Parker, Jessica Wasen
  • Technical Paper
  • 2020-01-1334
To be published on 2020-04-14 by SAE International in United States
As technology has grown in complexity, so have the use cases and applications. In particular, vehicle systems have evolved from the mechanically simple tool with the singular utility of transport to a transportation device embedded with computer systems, allowing for a vastly superior UX. As technology has advanced and vehicular functionality has increased, so have the number of vulnerabilities and the opportunity for a successful system breach. Any of these within the present architecture, when successfully exploited, may lead to a cascade of failures, or a limited number of critical failures. To mitigate this opportunity for the attackers, one non-obtrusive measure involves a method used in non-vehicle systems. The hypervisor implementation is recommended to assist with this mitigation. While this has not been researched at length in the present use case, the application of this well-versed tool is viable. The hypervisor offers many benefits to the vehicle architecture, both operationally and with cybersecurity. The proposed mitigant provides the structure to partition the various VMs. This allows for the different functions to be managed within their…

In-vehicle diagnostic system for prognostics and OTA updates of automated / autonomous vehicles.

Softing Automotive Electronics GmbH-Peter Subke, Muzafar Moshref, Julian Erber
  • Technical Paper
  • 2020-01-1373
To be published on 2020-04-14 by SAE International in United States
The E/E architecture of a modern passenger car consists of a central connectivity gateway that comes with an interface to the legally required OBD connector (SAE J1978), to domain controllers and to a Telematic Control Unit (TCU). The TCU supports 4G or 5G and provides the wireless connection to the cloud. The domain controllers are connected to the gateway via 2-wire Ethernet with a star topology, whereby the domain controllers act as gateways to CAN FD bus systems. The interface to the wired OBD connector supports both OBD/UDS on CAN and UDS on IP. The new E/E system comes with increased self-diagnostic capabilities. They automatically perform tests, log diagnostic data and push such data for prognostics purposes to the cloud. They also support over-the-air (OTA) updates. This paper describes the components of an E/E system that is equipped with an in-vehicle diagnostic tester. The tester consists of standardized components, including MVCI D-Server (ISO 22900), ODX (ISO 22901), OTX (ISO 13209) and UDS on IP (ISO 14229-5). The paper includes a description of cybersecurity measures to…

Test Method for the SAE J3138 Automotive Cyber Security Standard

DG Technologies-Mark Zachos
  • Technical Paper
  • 2020-01-0142
To be published on 2020-04-14 by SAE International in United States
This paper will provide an overview of Automotive Cyber Security Standards related to the Vehicle OBD-II Data Link. The OBD-II Connector Attack Tree is described with respect to the SAE J3138 requirements for Intrusive vs. non-Intrusive Services. A proposed test method for SAE J3138 is described including hardware and software scripting. Finally, example test results are reviewed and compared with a potential threat boundary.

Challenges in integrating Cybersecurity into existing development processes

Invensity GmbH-Patric Lenhart, Paul Arndt, Jana von Wedel, Christian Beul, Jan Weldert
  • Technical Paper
  • 2020-01-0144
To be published on 2020-04-14 by SAE International in United States
For an established development process and a team accustomed to this process, adding security features to the product initially means inconvenience and reduced productivity. Due to the progression towards a modern information society, connectivity is becoming a vital part of more and more systems. Increased connectivity, especially of embedded devices, and a rise of cyber-attacks lead to more risks which need to be acknowledged during the respective development processes to fulfil customers’ expectations. Dealing with these risks requires adapting development processes to take Cybersecurity into account. This introduces challenges not present in engineering divisions so far, and strategies designed to deal with these challenges differ in the way in which added duties are assigned and security topics are integrated into the already existing process steps. Security requirements often clash with existing system requirements or established development methods and their importance is not easily understood. Due to this fact, their acceptance amongst developers can be low, making it even more important to have clear policies on how differences between security and other fields are handled. Also, the…

Enriching systems theory based cyber-security and safety analysis using stakeholder value networks

MIT-Allen Moulton
Zenuity AB-Amardeep Sidhu
  • Technical Paper
  • 2020-01-0143
To be published on 2020-04-14 by SAE International in United States
System-theoretic process analysis for security (STPA-Sec) is a powerful safety and security analysis method that focuses on unsafe and unsecure interactions between subsystems rather than component failure and its resulting chain-of-event failure modes. The first step of STPA-Sec requires the analyst to identify the system boundary and list the system losses and hazards. The current approach to performing this first and critical step of STPA-Sec requires interviewing the stakeholders and could potentially result in a narrow focus due to stakeholders’ mental models and resulting answers to questions. In some cases, stakeholders are not available for interviews and we risk influencing the system loss identification by the mental model of the analyst. We believe these two potential issues in the STPA-Sec analysis, narrow focus and missing access to stakeholders, can be addressed by factoring in additional system information through stakeholder analysis. To illustrate the benefit of this approach, a mining system with autonomous haul trucks is considered. Stakeholders in the mining system are identified and then classified based on the role that they play in the expected emergent…

An Integrated View on Automotive SPICE, Functional Safety and Cyber-Security

AVL LIST GmbH-Eric Armengaud
Austrian Institute of Technology (AIT)-Christoph Schmittner
  • Technical Paper
  • 2020-01-0145
To be published on 2020-04-14 by SAE International in United States
The automotive domain has seen safety engineering at the forefront of the industry’s priorities for the last decade. Therefore, additional safety engineering efforts, design approaches and well-established safety processes have been stipulated. Today many connected and automated vehicles are available and connectivity features and information sharing are increasingly used. This increases the attractiveness of an attack on vehicles and thus introduces new risks for vehicle cyber-security. Thus, just as safety became a critical part of the development in the late 20th century, the automotive domain must now consider cyber-security as an integral part of the development of modern vehicles. Aware of this fact, the automotive industry has therefore recently taken multiple efforts in designing and producing safe and secure connected and automated vehicles. As the domain geared up for the cyber-security challenges, they leveraged experiences from many other domains, but nevertheless, must face several unique challenges. For that aim, the domain invested efforts in the development of industry standards to tackle automotive cyber-security issues and protect their assets. The joint working group of the standardization organizations…

Event-Triggered Robust Control of an Integrated Motor-Gearbox Powertrain System for a Connected Vehicle under CAN and DOS-Induced Delays

Beihang University-Xu Xiangyang, Zhang Hui
China-Li Xiang
  • Technical Paper
  • 2020-01-5016
To be published on 2020-02-24 by SAE International in United States
This paper deals with an integrated motor-transmission (IMT) speed tracking control of the connected vehicle when there are controller area network (CAN)-induced delays and denial of service (DOS)-induced delays. A connected vehicle equipped with an IMT system may be attacked through the external network. Therefore, there are two delays on the CAN of the connected vehicle, which are CAN-induced and cyber-attack delays. A DOS attack generates huge delays in CAN and even makes the control system invalid. To address this problem, a robust dynamic output-feedback controller of the IMT speed tracking system considering event-triggered detectors resisting CAN-induced delays and DOS-induced delays is designed. The event-triggered detector is used to reduce the CAN-induced network congestion with appropriate event trigger conditions on the controller input and output channels. CAN-induced delays and DOS-induced delays are modeled by polytopic inclusions using the Taylor series expansion. Then, an IMT speed tracking system that considers two delays and takes into account the switching stability of the event-triggered detector, a dynamic output-feedback controller that satisfies the energy-to-peak performance is established. The dynamic…

Hardware Protected Security for Ground Vehicles

Vehicle Electrical System Security Committee
  • Ground Vehicle Standard
  • J3101_202002
  • Current
Published 2020-02-10 by SAE International in United States

This document presents a common set of requirements to be implemented in hardware-assisted functions to facilitate security-enhanced applications, to achieve an ideal system for hardware protection for ground vehicle applications.


Service Specific Permissions and Security Guidelines for Connected Vehicle Applications

Security Technical Committee
  • Ground Vehicle Standard
  • J2945/5_202002
  • Current
Published 2020-02-05 by SAE International in United States

SAE is developing a number of standards, including the SAE J2945/x and SAE J3161/x series, that specify a set of applications using message sets from the SAE J2735 data dictionary. (“Application” is used here to mean “a collection of activities including interactions between different entities in the service of a collection of related goals and associated with a given IEEE Provider Service Identifier (PSID)”). Authenticity and integrity of the communications for these applications are ensured using digital signatures and IEEE 1609.2 digital certificates, which also indicate the permissions of the senders using Provider Service Identifiers (PSIDs) and Service Specific Permissions (SSPs). The PSID is a globally unique identifier associated with an application specification that unambiguously describes how to build interoperable instances of that application. If the application features multiple activities such that different activities have different security impacts, correspond to different roles, or require different capabilities, then the application specifier should define an SSP data structure such that the contents of the SSP in a given certificate indicate which activities the certificate holder is entitled to carry out.