Your Selections

Cybersecurity
Show Only Newly Added Content My Access Full Text Content

Collections

Complimentary Content
Journal Articles Magazine Articles Open Access TBMG Articles Tech Insights White Papers

File Formats

ePUB (11) HTML (48) PDF (43)

Content Types

Magazine Article (23) Technical Paper (17) Book (16) Professional Development (6) Journal Article (5) Magazine Feature Article (5) Magazine Issue (3) Ground Vehicle Standard (2) Aerospace Standard (1)

Dates

Sectors

Automotive (51) Aerospace (26) Commercial Vehicle (21) Medical (2) Govt/Defense (1)

Topics

Cybersecurity (78) Computer software and hardware (28) Architecture (14) Research and development (12) Vehicle networking (12) Connectivity (11) Risk assessments (11) Risk management (9) Communication protocols (8) Mathematical models (8) Internet of things (IoT) (7) Sensors and actuators (7) Vehicle to vehicle (V2V) (7) Autonomous vehicles (6) Electronic control units (6) Medical equipment and supplies (6) Technical review (6) Collaboration and partnering (5) Cryptography (5) Education and training (5) Hardware (5) Infotainment systems (5) Security systems (5) Wireless communication systems (5) Mobility (4) On-board diagnostics (OBD) (4) Regulations (4) Test procedures (4) Big data (3) Commercial vehicles (3) Communication systems (3) Control systems (3) Documentation (3) Embedded software (3) Energy consumption (3) Product development (3) Safety critical systems (3) Simulation and modeling (3) Supply chain management (3) Systems engineering (3) Systems management (3) Vehicle to grid (V2G) (3) Active safety systems (2) Aircraft (2) Avionics (2) Cardiovascular system (2) Certification (2) Commercial aircraft (2) Diagnosis (2) Driver assistance systems (2)

Authors

Costlow, Terry (3) Koepsel, Kirsten M. (2) Shuttleworth, Jennifer (2) Ward, David (2) Armengaud, Eric (1) Arndt, Paul (1) Baker, Arlen (1) Bechler, Marc (1) Ben David, Tal (1) Bochow, Bernd (1) Bosworth, Seymour (1) Brenner, Eugen (1) Buchholz, Kami (1) Bulgakov, Nickolay (1) Chan, Wai Keung (1) Chen, Qi (1) Czerny, Barbara J. (1) Daily, Jeremy (1) Dannebaum, Udo (1) Delgrossi, Luca (1) Economou, John (1) Emmelmann, Marc (1) Felix, Rodrigo (1) Freiwald, Axel (1) Frith, Bob (1) Fujikura, Toshiyuki (1) Gamble, Rose (1) Girimonte, Sam (1) Gowri, Krishnan (1) Gregg, Michael (1) Gritsuk, Igor V. (1) Gui, Kok Cheng (1) Halliwell, John (1) Harel, Assaf (1) Harris, Paul (1) Harry, Evan (1) Hartenstein, Hannes (1) Heidt, Laurent (1) Hirschler, Bernd (1) Hu, Qiang (1) Hwang, Gunn (1) Ibarra, Ireri (1) Iyer, Gopalakrishnan (1) Jakovljevic, Mirko (1) Johnson, James (1) Kabay, M. E. (1) Kashani, Ameer (1) Kawabata, Takeshi (1) Kellum, Christopher (1) Kim, Dae-Kyoo (1)

Publishers

SAE (41) TBMG (16) Wiley (11) ABOUT (1) CTEA (1) NOSTARCH (1)

Affiliations

Chrysler Group LLC (2) AUDI AG (1) AVL List GmbH (1) Baylor University (1) Colorado State University (1) Corporate Research & Development Center, Toshiba Corporation (1) Cranfield Univ. (1) DENSO Corporation (1) DENSO International America Inc (1) DENSO International America Inc. (1) Donbas National Academy of Civil Engineering & Architecture (1) dSPACE (1) EPRI (1) Ford Motor Co. (1) Ford Motor Company (1) General Motors Company (1) Graz University of Technology (1) Grenoble Institute of Technology (1) HORIBA MIRA Ltd (1) HP Chemie Pelzer Ltd. (1) I.S.C.N. GesmbH/LTD (1) Infineon Technologies (1) Infineon Technologies AG (1) Infineon Technologies AG Germany (1) Infineon Technologies Korea Co., Ltd. (1) INVENSITY GmbH (1) Karamba Security (1) Kharkiv National Auto and Highway University (1) Kharkov National Auto and Highway University (1) Kherson State Maritime Academy (1) MIRA Ltd (1) Motorola, Inc. (1) Nagoya University (1) National Aerospace University (1) National Transport University (NTU) (1) Nissan Technical Center NA Inc. (1) Oakland University (1) Pacific Northwest National Laboratory (1) SAE Industry Technologies Consortia (1) Synercon Technologies (1) Tongji Univ (1) Tongji University (1) Toyota InfoTechnology Center USA (1) TTTech (1) TTTech. Computertechnik AG (1) University of Tulsa (1) Wind River Systems (1) Yocum Communications (1)

Committees

Hybrid - EV Committee (1) PNT Position, Navigation, and Timing (1) Vehicle E E System Diagnostic Standards Committee (1)

Events

WCX World Congress Experience (5) WCX™ 17: SAE World Congress Experience (4) SAE 2013 World Congress & Exhibition (2) 1998 International Congress on Transportation Electronics (1) Aerospace Systems and Technology Conference (1) AeroTech Congress & Exhibition (1) Intelligent and Connected Vehicles Symposium (1) Noise and Vibration Conference and Exhibition (1) SAE 2011 World Congress & Exhibition (1) SAE 2014 Aerospace Systems and Technology Conference (1) SAE 2016 Brake Colloquium & Exhibition - 34th Annual (1) SAE 2016 Commercial Vehicle Engineering Congress (1) SAE 2016 World Congress and Exhibition (1)

Magazine

Automotive Engineering® (7) Truck & Off-Highway Engineering™ (2) MOMENTUM The Magazine for Student Members of SAE International® (1) MOMENTUM, The Magazine for Student Members of SAE International® (1) Off-Highway Engineering® (1)

Cyber Security Enhancements for a Safety-Critical Avionics Platform

  • Wind River Systems - Arlen Baker, Paul Parkinson
  • Technical Paper
  • 2018-01-1940
To be published on 2018-10-30 by SAE International in United States
Safety-critical software standards and processes for avionics software have facilitated the development and deployment of safety-critical software in avionics systems on many civil and military aircraft. Historically, these avionics systems have often been isolated from external security threats through physical isolation or air-gap security. The evolution of airborne networking, and increased network connectivity through satellite broadband to aircraft and the advent of the Internet of Things (IoT) means that avionics systems now need to be developed with both safety and security in mind. In this paper, we discuss the role of avionics security standards RTCA DO-326A, DO-355 and DO-356 and their impact on the development of safety-critical avionics systems, and their on-going assurance post deployment. In addition, we present a case study in relation to the security enhancement of an ARINC 653-compliant avionics software platform to address specific Confidentiality, Integrity and Availability requirements, and the implementation approach undertaken using Secure Boot, AES encryption, Digital Signature Verification and other techniques.
new

Introduction to Car Hacking with CANbus

  • Professional Development
  • C1857
Published 2018-08-02
Vehicle cybersecurity vulnerabilities could impact a vehicle's safe operation. Therefore, engineers should ensure that systems are designed free of unreasonable risks to motor vehicle safety, including those that may result due to existence of potential cybersecurity vulnerabilities. The automotive industry is making vehicle cybersecurity an organizational priority. Prioritizing vehicle cybersecurity also means learning about vehicle hacking techniques in order to ensure that systems will be reasonably safe under expected real-world conditions, including those that may arise due to potential vehicle cybersecurity vulnerabilities from hacking the CAN communications or OBD-II interface. The automotive cybersecurity environment is dynamic and is expected to change continually and, at times, rapidly. Developing a basic understanding of car hacking can provide a good foundation for developing approaches to vehicle cybersecurity. Attendees will be introduced to modern automotive in-vehicle communication networks, the CAN communications protocol and the OBD-II interface threat models, hacking into the OBD-II diagnostics interface, ECU cracking, and vehicle network cyber penetration testing. This course will cover existing in-vehicle communication protocols and associated vulnerabilities as well as the limitations of…
new

The Aerospace Supply Chain and Cyber Security - Challenges Ahead

  • Kirsten M. Koepsel
  • Book
  • T-133
Published 2018-07-20 by SAE International in United States
The Aerospace Supply Chain and Cyber Security - Challenges Ahead looks at the current state of commercial aviation and cyber security, how information technology and its attractiveness to cyber attacks is affecting it, and the way supply chains have become a vital part of the industry's cyber-security strategy.More than ever before, commercial aviation relies on information and communications technology. Some examples of this include the use of e-tickets by passengers, electronic flight bags by pilots, wireless web access in flight, not to mention the thousands of sensors throughout the aircraft constantly gathering and sharing data with the crew on the ground.The same way technology opens the doors for speed, efficiency and convenience, it also offers the unintended opportunity for malicious cyber attacks, with threat agents becoming bolder and choosing any possible apertures to breach security. Supply chains are now being seriously targeted as a pathway to the vital core of organizations around the world.Written in a direct and informative way, The Aerospace Supply Chain and Cyber Security - Challenges Ahead discusses the importance of deeply…
new

Instructions for Using Plug-In Electric Vehicle (PEV) Communications, Interoperability and Security Documents

  • Ground Vehicle Standard
  • J2836_201807
  • Current
Published 2018-07-18 by SAE International in United States
This SAE Information Report J2836 establishes the instructions for the documents required for the variety of potential functions for PEV communications, energy transfer options, interoperability and security. This includes the history, current status and future plans for migrating through these documents created in the Hybrid Communication and Interoperability Task Force, based on functional objective (e.g., (1) if I want to do V2G with an off-board inverter, what documents and items within them do I need, (2) What do we intend for V3 of SAE J2953, …).

Passive Hardware Considerations for Medical Body Area Network Transceivers

  • Magazine Article
  • TBMG-29112
Published 2018-06-01 by Tech Briefs Media Group in United States
In hospitals and healthcare institutions, the sheer amount of patient metrics to track for the staff of doctors and nurses can be been a point of contention. Lawsuits based on the grounds of negligence are a risk that all healthcare practitioners take. Furthermore, there is an estimated 200,000 patients that die in the United States annually from medical errors. 1 Introducing wireless patient monitoring in these environments can potentially mitigate the risks that are innately involved in an environment geared at treatment and maintenance of sick people. There is always the potential for cyberattacks, but the rewards may outweigh the risks. Wired technologies limit patient mobility, increase the difficulty in transporting patients, and often introduce significant delays and hassle for the caregiver in arranging the cables.

A Centrally Managed Identity-Anonymized CAN Communication System*

  • Corporate Research & Development Center, Toshiba Corporation - Zhengfan Xia, Yuichi Komano, Takeshi Kawabata, Hideo Shimizu
  • Journal Article
  • 11-01-01-0002
Published 2018-05-16 by SAE International in United States
Identity-Anonymized CAN (IA-CAN) protocol is a secure CAN protocol, which provides the sender authentication by inserting a secret sequence of anonymous IDs (A-IDs) shared among the communication nodes. To prevent malicious attacks from the IA-CAN protocol, a secure and robust system error recovery mechanism is required. This article presents a central management method of IA-CAN, named the IA-CAN with a global A-ID, where a gateway plays a central role in the session initiation and system error recovery. Each ECU self-diagnoses the system errors, and (if an error happens) it automatically resynchronizes its A-ID generation by acquiring the recovery information from the gateway. We prototype both a hardware version of an IA-CAN controller and a system for the IA-CAN with a global A-ID using the controller to verify our concept.

Requirements for a Terrestrial Based Positioning, Navigation, and Timing (PNT) System to Improve Navigation Solutions and Ensure Critical Infrastructure Security

  • Aerospace Standard
  • SAE6857
  • Current
Published 2018-04-24 by SAE International in United States
This Recommended Practice defines the technical requirements for a terrestrial-based PNT system to improve vehicle (e.g., unmanned, aerial, ground, maritime) positioning/navigation solutions and ensure critical infrastructure security, complementing GNSS technologies.

Mitigating Unknown Cybersecurity Threats in Performance Constrained Electronic Control Units

  • Karamba Security - Assaf Harel, Tal Ben David
  • DENSO International America Inc. - Ameer Kashani
  • Show More
Published 2018-04-03 by SAE International in United States
Externally-connected Electronic Control Units (ECUs) contain millions of lines of code, which may contain security vulnerabilities. Hackers may exploit these vulnerabilities to gain code execution privileges, which affect public safety. Traditional Cybersecurity solutions fall short in meeting automotive ECU constraints such as zero false positives, intermittent connectivity, and low performance impact. A desirable solution would be deterministic, require minimum resources, and protect against known and unknown security threats. We integrated Autonomous Security on a BeagleBone Black (BBB) system to evaluate the feasibility of mitigating Cybersecurity risks against potential threats. We identified key metrics that should be measured, such as level of security, ease of integration and system performance impact. In this paper, we describe the integration and evaluation process and present its results. We show that Autonomous Security can provide this protection with zero false-positives while meeting automotive constraints.

Security Mechanisms Design for In-Vehicle Network Gateway

  • Tongji University - Feng Luo, Qiang Hu
Published 2018-04-03 by SAE International in United States
In the automotive network architecture, the basic functions of gateway include routing, diagnostic, network management and so on. With the rapid development of connected vehicles, the cybersecurity has become an important topic in the automotive network. A spoof ECU can be used to hack the automotive network. In order to prevent the in-vehicle networks from attacking, the automotive gateway is an important part of the security architecture. A secure gateway should be able to authenticate the connected ECU and control the access to the critical network domain. The data and signals transferred between gateway and ECUs should be protected to against wiretap attacking. The purpose of this paper is to design a secure gateway for in-vehicle networks. In this paper, the designing process of the automotive secure gateway is presented. Based on the threat analysis, security requirements for automotive gateway are defined. Secure communication, key master, and firewall are proposed as the security mechanisms to protect the automotive gateway. Secure communication mechanisms contain the message authentication and data encryption. Key master is a gateway function to distribute and update the keys for the secure communication of connected ECUs. Firewall based on message filter is designed to isolate the untrusted network domain and trusted network domain. The security functions of the automotive gateway are validated in a simulated attacking environment. A microcontroller with HSM is used to implement the secure gateway. Considering the influences of security mechanisms, the network latency is tested and the results have proved the secure gateway is effective and efficient.

Safe and Secure Development: Challenges and Opportunities

  • INVENSITY GmbH - Jana Karina von Wedel, Paul Arndt
Published 2018-04-03 by SAE International in United States
The ever-increasing complexity and connectivity of driver assist functions pose challenges for both Functional Safety and Cyber Security. Several of these challenges arise not only due to the new functionalities themselves but due to numerous interdependencies between safety and security. Safety and security goals can conflict, safety mechanisms might be intentionally triggered by attackers to impact functionality negatively, or mechanisms can compete for limited resources like processing power or memory to name just some conflict potentials. But there is also the potential for synergies, both in the implementation as well as during the development. For example, both disciplines require mechanisms to check data integrity, are concerned with freedom from interference and require architecture based analyses. So far there is no consensus in the industry on how to best deal with these interdependencies in automotive development projects. SAE J3061 introduces a process framework for Cyber Security development that is intentionally very similar to that for Functional Safety as defined in ISO 26262. While these parallel frameworks help to identify interdependencies and show that aligned processes are possible, a joint process seems unreasonable due to the vastly different implementation frameworks and methods. Using concrete examples, we show problems that can arise if Functional Safety and Cyber Security processes are not properly aligned and integrated into the overall development process. Based on this we then propose steps towards coordinated safety and security processes that can prevent such problems and show how such an approach at the same time allows to benefit from synergies.