Browse Topic: Cryptography
Cybersecurity, particularly in the automotive sector, is of paramount importance in today’s digital age. With the advent of connected commercial vehicles, which leverage telematics for efficient fleet management, the landscape of automotive cybersecurity is rapidly evolving. These vehicles, integral to logistics and transportation businesses, are becoming increasingly connected, thereby escalating the risks associated with cybersecurity threats. These commercial vehicles are becoming prime targets for cyber-attacks due to their connectivity and the valuable data they hold. The potential consequences of these cyber-attacks can range from data breaches to disruptions in fleet operations, and even safety risks. This paper analyses the unique challenges faced by the commercial vehicle sector, such as the need for robust telematics systems, secure communication channels, and stringent data protection measures. Case studies of notable cybersecurity incidents involving commercial vehicles are
ABSTRACT Currently there is no method to ensure that the software loaded on a vehicle has been compromised at the software level. Common practice is to use physical port security to secure all network and data bus connection points with physical devices requiring tool, keys, or damage to tamper evident devices to prevent, inhibit, or discourage unauthorized connection; turn off access to the ports in the BIOS and password protect the BIOS. As well as give non-admin access to user accounts and password protect the operating systems. All these countermeasures help to prevent access but there is no way to tell if the software was compromised if not detected by these methods. Blockchain technology ensures that the software has not been compromised by comparing a hash generated at start up and comparing it to the distributed ledger. This technology helps to bring Warfighter technology into the future
Abstract New technological advancements call for innovative cybersecurity assurance measures in preventing increased vulnerabilities through cyber-attacks and cyber warfare. Current encryption processes are no longer failsafe in secure data management architectures, especially with accessibility to Advanced Encryption Algorithms (AES). Through new technological advancements, including informational technology architectures and autonomous vehicle implementation, it is imperative to provide new paradigms of security against cybersecurity breaches. In all realms of data usage, including the development of the Next Generation of military vehicles, the demand for significant preventative measures in cybersecurity assurance has dramatically increased. The matter of advanced need in cybersecurity can be established through the use of MicroToken Exchange™ (MTE). By way of MicroToken Exchange, it is possible to provide an additional robust layer of security that allows the right data, as well
ABSTRACT The demand for mobile, secure communications has been and will continue to be a fundamental requirement for dismounted, urban and distributed operations in the field. It is imperative that soldiers on the front lines receive actionable information in a timely, secured and uninterrupted manner to increase force protection and effectiveness. In this paper, we describe a novel, high technical maturity (TRL 8+) communications link that offers the mounted and dismounted soldier secure, beyond line of sight, encrypted capability for weapons control and command & control of multiple platforms. An innovative spread spectrum waveform was designed from the ground up to deliver necessary functionality for reliable communications amongst multiple nodes with a data rate and range commensurate with battlefield scenarios
ABSTRACT Bitcoin and other digital currencies utilize blockchain. Blockchain, in summary, is a collection of blocks. Within each block is a collection of transactions. Each computer (node) has the same list of blocks and transactions, which they can see as the blocks are filled with the transactions. While this is the traditional application experienced, there are other applications relevant to cybersecurity. As part of the blockchain technology, the nodes are responsible for decision-making. The blockchain technology may be used for this function in these systems. In adjusting the data flow, this is an option to increase the cybersecurity for a complete system. This addition to the cybersecurity system provides a clear benefit. Citation: Parker, C., “Blockchain Vehicle Applications and Cybersecurity: An Appropriate Use or Use Appropriately?”, In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, August 10, 2021
Data encryption is an essential part of keeping patient information private. It’s also remained relatively unchanged in recent decades — a rarity for anything in the cybersecurity space. The dawn of quantum computing will change that
Aerospace is an industry where competition is high and the need to ensure safety and security while managing costs is foremost. Stakeholders, who gain the most by working together, do not necessarily trust each other. Changing backbone technologies that drive enterprise systems and secure historical records does not happen quickly (if at all). At best, businesses adapt incrementally, building customized applications on top of legacy systems. The complexity of these legacy systems leads to duplication of efforts and data storage, making them very inefficient. Technology that augments, rather than replaces, is needed to transform these complex systems into efficient, digital processes. Blockchain technology offers collaborative opportunities for solving some of the data problems that have long challenged the aerospace industry. The industry has been slow to adopt the technology even though experts agree that it has real potential to revolutionize the global supply chain—including
The University of Detroit Mercy Vehicle Cyber Engineering (VCE) Laboratory together with The University of Arizona is supporting Secure Vehicle Embedded Systems research work and course projects. The University of Detroit Mercy VCE Laboratory has established several testbeds to cover experimental techniques to ensure the security of an embedded design that includes: data isolation, memory protection, virtual memory, secure scheduling, access control and capabilities, hypervisors and system virtualization, input/output virtualization, embedded cryptography implementation, authentication and access control, hacking techniques, malware, trusted computing, intrusion detection systems, cryptography, programming security and secure software/firmware updates. The VCE Laboratory testbeds are connected with an Amazon Web Services (AWS) cloud-based Cyber-security Labs as a Service (CLaaS) system, which allows students and researchers to access the testbeds from any place that has a secure
More than half a century has passed since the birth of quantum signal detection theory, which is the cornerstone of modern quantum communication theory. Quantum stream cipher, the quantum-noise-based direct encryption scheme for optical communications at the center of our research, is based on the foundations of quantum communication theory. For quantum cryptography to progress from a theoretical possibility to a more realistic technology, experimental and theoretical research must be complementary
CAN bus network proved to be efficient and dynamic for small compact cars as well as heavy-duty vehicles (HDV). However, HDVs are more susceptible to malicious attacks due to lack of security in their intra-vehicle communication protocols. SAE proposed a new standard named J1939-91C for CAN-FD networks which provides methods for establishing trust and securing mutual messages with optional encryption. J1939-91C ensures message authenticity, integrity, and confidentiality by implementing complex cryptographic operations including hash functions and random key generation. In this paper, the three main phases of J1939-91C, i.e., Network Formation, Rekeying, and Message Exchange, are simulated and tested on Electronic Control Units (ECUs) supporting CAN-FD network. Numerous test vectors were generated and validated to support SAE J1939-91C. The mentioned vectors were produced by simulating different encryption and hashing algorithms with variable message and key lengths. Moreover, the
The new generation vehicles these days are managed by networked controllers. A large portion of the networks is planned with more security which has recently roused researchers to exhibit various attacks against the system. This paper talks about the liabilities of the Controller Area Network (CAN) inside In-vehicle communication protocol and a few potentials that could take due advantage of it. Moreover, this paper presents a few security measures proposed in the present examination status to defeat the attacks. In any case, the fundamental objective of this paper is to feature a comprehensive methodology known as Intrusion Detection System (IDS), which has been a significant device in getting network data in systems over many years. To the best of our insight, there is no recorded writing on a through outline of IDS execution explicitly in the CAN transport network system. Therefore, we proposed a top-down examination of IDS through a write-up based on the following perspectives
The global big data market had a revenue of $162.6 billion in 2021.1 Data is becoming more valuable to companies than gold. However, this data has been used, historically, without contributors’ informed consent and without them seeing a penny from the discoveries the data led to. This article discusses how non-fungible tokens (NFTs) can provide a helpful tool for pharmaceutical companies to track contributed data and compensate contributors accordingly. NFTs are unique, untradable cryptographic assets that can be tracked on a blockchain. NFTs provide a unique traceable token that cannot be replicated, providing a perfect tool to store biodata. The term biodata refers to details regarding a patient’s history and behavioral patterns
A powerful new generation of test and sim solutions aims to address specific security concerns associated with automotive designs. Today's vehicle is a mobile computer growing in complexity. From infotainment systems to propulsion, to advanced driver assistance systems (ADAS) and autonomous vehicles (AV), computers now drive how automobiles and trucks are designed, how they operate and how they're increasingly connected. For that reason, the transformation of vehicles, roadways and cities has created new design considerations for engineers. One aspect that can't be overlooked is cybersecurity and the need for an all-encompassing approach to ensure vehicle safety. A 2019 study conducted by SAE International (in conjunction with Synopsis) highlights the level of angst around securing the advanced technologies designed into automobiles. Eighty-four percent (84%) of survey respondents are concerned that cybersecurity practices are not keeping up with the security landscape. As worrisome
Members of the electric vehicle industry gathered at the National Renewable Energy Laboratory (NREL) in early April to evaluate enhanced cybersecurity for the connections between EVs and charging infrastructure. As more EVs enter the market and connect to the electrical grid, potentially exposing cyber vulnerabilities, vehicle security is drawing increased interest. The collaborative event supports a two-year project led by SAE International to strengthen EV cybersecurity through wide industry engagement on pre-competitive research and technology prototyping in the EV charging space. The event, held at NREL's Golden, Colorado Energy Systems Integration Facility, was organized to evaluate the application of public key infrastructure (PKI) - a method for encrypting information exchange and certifying the trusted authenticity of devices - to help protect the connection between vehicles and charging stations. Although PKI had been adopted for many industries, this kind of authentication
Security in encrypted communication is a top priority because of our highly connected and mobile society’s increasing reliance on the internet. Engineers at Department of Electrical Engineering and Computer Science and the Research Laboratory of Electronics, MIT, have developed a new protocol for high-speed communication between two parties with security vouchsafed by the laws of quantum physics. The protocol can also be used to distribute cryptographic keys, as in quantum key distribution (QKD) at much higher secure key rates than existing QKD methods
The critical role of spectrum superiority in the success of battlefield campaigns is evidenced by the enormous investments being made in electronic warfare (EW) capabilities by governments worldwide. Communication technologies, such as 5G, are quickly being adopted by militaries in an attempt to satisfy the demand for exponentially larger amounts of data transmission in a shorter period of time. As quickly as secure communication strategies are being developed to encrypt mission critical data, so too are the technologies used to detect, decode, and disrupt such communications. The security and integrity of critical communications is of the utmost importance as the world progresses towards an increasingly networked theater of operations. The militaries of the world appear to be in widespread agreement that the critical communication infrastructure of tomorrow's battlefields need to be: Rapidly deployable and reconfigurable for mission readiness. Designed for minimal spectral footprint
The critical role of spectrum superiority in the success of battlefield campaigns is evidenced by the enormous investments being made in electronic warfare (EW) capabilities by governments worldwide. Communication technologies, such as 5G, are quickly being adopted by militaries in an attempt to satisfy the demand for exponentially larger amounts of data transmission in a shorter period of time. As quickly as secure communication strategies are being developed to encrypt mission critical data, so too are the technologies used to detect, decode, and disrupt such communications. The security and integrity of critical communications is of the utmost importance as the world progresses towards an increasingly networked theater of operations
Curtiss-Wright Defense Solutions Ashburn, VA 703-779-7800
The current automotive electronic and electrical (EE) architecture has reached a scalability limit and in order to adapt to the new and upcoming requirements, novel automotive EE architectures are currently being investigated to support: a) an Ethernet backbone, b) consolidation of hardware capabilities leading to a centralized architecture from an existing distributed architecture, c) optimization of wiring to reduce cost, and d) adaptation of service-oriented software architectures. These requirements lead to the development of Zonal EE architectures as a possible solution that require appropriate adaptation of used security mechanisms and the corresponding utilized hardware trust anchors. 1 The current architecture approaches (ECU internal and in-vehicle networking) are being pushed to their limits, simultaneously, the current embedded security solutions also seem to reveal their limitations due to an increase in connectivity. In conjunction with an increasing number of related laws
To help address the issue of message authentication on the Controller Area Network (CAN) bus, researchers at Virginia Tech and Ford Motor Company have developed a proof-of-concept time-evolving watermark-based authentication mechanism that offers robust, cryptographically controlled confirmation of a CAN message's authenticity. This watermark is injected as a common-mode signal on both CAN-HI and CAN-LO bus voltages and has been proven using a low-cost software-defined radio (SDR) testbed. This paper extends prior analysis on the design and proof-of-concept to consider robustness testing over the range of voltages, both steady state drifts and transients, as are commonly witnessed within a vehicle. Overall performance results, along with a dynamic watermark amplitude control, validate the concept as being a practical near-term approach at improving authentication confidence of messages on the CAN bus
Bitcoin and other digital currencies utilize blockchain. Blockchain, in summary, is a collection of blocks. Within each block is a collection of transactions. Each computer (node) has the same list of blocks and transactions, which they can see as the blocks are filled with the transactions. While this is the traditional application experienced, there are other applications relevant to cybersecurity. As part of the blockchain technology, the nodes are responsible for decision-making. The blockchain technology may be used for this function in these systems. In adjusting the data flow, this is an option to increase the cybersecurity for a complete system. This addition to the cybersecurity system provides a clear benefit
Multiple approaches have been created to enhance intra-vehicle communications security over the past three decades since the introduction of the Controller Area Network (CAN) protocol. The twin pair differential-mode communications bus is tremendously robust in the face of interference, yet physical access to the bus offers a variety of potential attack vectors whereby false messages and/or denial of service are achievable. This paper evaluates extensions of a Physical-layer (PHY) common-mode watermark-based authentication technique recently developed to improve authentication on the CAN bus by considering the watermark as a side-channel communications means for high value information. We also propose and analyze higher layer algorithms, with benefits and pitfalls, for employing the watermark as a physical-layer firewall. All of these results are backed by a software-defined radio (SDR) based hardware testbed that verifies backwards compatibility with commercial CAN transceivers and
The advancements of the automotive system in all the aspects from safety to user experience brings never ending list of electronics components into the system. One of the pure critical components in providing the vehicle safety is the digital key or wireless vehicle entry systems. This component is responsible for protecting all the other components of the vehicle and the vehicle itself from thieves and illegal usage of the vehicle. The compromisations of this critical component is equivalent to a compromisations of the entire vehicle along with some legal implications on the vehicle owner. There are numerous additional systems in automotive electronics which enhances the security of the critical, digital key/wireless vehicle entry system in protecting the vehicles from attackers. However, there is no component available in the market which does user/owner authentication considering its impact and criticality on both the vehicle and its owner. Either the lost key or the stolen key in
The internet of things (IoT) is no stranger to most of us at this point. IoT devices can be seen as belonging either to the consumer, medical, or industrial markets. Whether the device is a video doorbell, an insulin pump, or an industrial sensor, the user will face two significant challenges: 1) getting the device physically/logically connected to the network and 2) making sure that the device has the proper credentials to enable it to interoperate with other devices on the same network or with the server(s) that are expected to collect the device's data. These challenges can be largely grouped into a process known as provisioning
FPGAs are devices programmed using languages and methodologies originally developed for describing the circuit layouts used in today’s integrated circuits. As such, they are well suited for applications involving bit manipulations performed on a continuous stream of data. However, their general applicability to HPC applications is open to debate
To find out about the impact of 5G mobile broadband service on the IoT/IIoT, I interviewed Jai Suri, Vice President, IoT and Blockchain Applications Development, Oracle, and Mike Anderson, Embedded Systems Architect, and consultant in the aerospace industry. I asked them if we are close to bringing 5G to industry or whether other applications will likely come first. According to them both, it’s complicated
The lack of traceability in today’s supply-chain system for auto components makes counterfeiting a significant problem leading to millions of dollars of lost revenue every year and putting the lives of customers at risk. Traditional solutions are usually built upon hardware such as radio-frequency identification (RFID) tags and barcodes, and these solutions cannot stop attacks from supply-chain (insider) parties themselves as they can simply duplicate products in their local database. This industry-academia collaborative work studies the benefits and challenges associated with the use of distributed ledger (or blockchain) technology toward preventing counterfeiting in the presence of malicious supply-chain parties. We illustrate that the provision of a distributed and append-only ledger jointly governed by supply-chain parties themselves makes permissioned blockchains such as Hyperledger Fabric a promising approach toward mitigating counterfeiting. Meanwhile, we demonstrate that the
Items per page:
50
1 – 50 of 123