Browse Topic: Cybersecurity

Items (603)
Find
An Efficient Approach to Key Negotiation in an Automotive Environment2026-01-0087To be published on 04/07/2026
Negotiating Keys for applications such as message authentication within a vehicle presents many problems as, in designing the algorithm; the algorithm must be able to be utilized by small, fixed-point processors. In addition, if there is a desire to do this algorithm in the manufacturing environment, there are severe time constraints placed on how long this algorithm can take, as there are strict station time requirements, which are expensive to change, and any time utilized in the plant can negatively affect vehicle throughput. Additionally, negotiating these keys between many ECUs can greatly increase the time required to negotiate a common key using standard multi-party Diffie-Hellman. Timing would also be an issue in the case of using pair-wise Diffie-Hellman for encryption and distribution of keys utilizing a key master. To solve these problems in multi-party key negotiation, we have utilized the Elliptic Curve variation of the Burmester-Desmedt (ECBD) algorithm. ECBD is
Van Dam, TheoMazzara, Bill
Collaborative Cybersecurity in a Shifting Automotive Supply Chain2026-01-0084To be published on 04/07/2026
The evolution toward software-defined vehicles (SDVs) is causing disruption to the traditional automotive supply chain and breaking down the common hierarchical OEM, tier 1 supplier, and tier 2 supplier relationships. With demands for faster software release cycles, more advanced software projects involving multi-party development, and considerations for end-to-end embedded and cloud integrations, new cybersecurity challenges are introduced that no single organization can address alone. Thus, this disruption creates new trust dependencies and requires new models for collaboration, transparency, and joint responsibility in cybersecurity. This paper presents a collaborative cybersecurity model, emphasizing shared responsibility during multi-party development between OEMs, tier 1 and 2 suppliers, engineering services organizations, and technology and services providers. As such, we explore collaborative approaches for each stage in the development lifecycle including design, development
Oka, Dennis KengoVinzenz, Nico
Mitigation of Sensor-Level Cyber-Physical Attacks on Electric Vehicle Powertrains: A Simulation-Based Study2026-01-0091To be published on 04/07/2026
Electric vehicles (EVs) rely extensively on sensor feedback for safe and efficient powertrain operation. However, this dependency introduces cyber-physical vulnerabilities, especially when sensor signals are maliciously manipulated. This paper presents a simulation-based investigation into sensor-level cyberattacks on a mid-sized EV powertrain model developed in MATLAB/Simulink. The study quantifies mechanical consequences and evaluates mitigation strategies to enhance system resilience. Four representative attack scenarios were simulated. Speed sensor spoofing led the controller to misinterpret vehicle velocity, causing a 41% overshoot beyond the 50 km/h setpoint. False data injection into torque/current sensors triggered an unintended torque surge of approximately 20%, resulting in inverter current saturation within 2 seconds. Battery temperature spoofing delayed thermal protection, allowing a deviation of 1.5 °C/min beyond safe operating limits. A hybrid attack combining frozen
Tariq, UsamaSahandabadi, SaherehDianat, Ali
The New Era for Automotive Cybersecurity An Opportunity for Standardization of Automotive Cybersecurity2026-01-0086To be published on 04/07/2026
The automotive industry is moving from a reactive, self-determined approach to cybersecurity to a standardized, regulated one. This document, an update on collaborative work from the SAE TEVEES18B Committee and GlobalPlatform Automotive Task Force, outlines this transition. In the past, cybersecurity challenges in the automotive industry were seen as novel, and each company handled them individually. This era was characterized by self-determination of security mitigations and a unique justification for solutions. Companies often developed cybersecurity concepts based on past incidents and their own risk tolerance. A key tool during this time was the TARA (Threat Analysis and Risk Assessment), which organizations used to justify their security concepts or lack thereof. This led to company-specific policies and a lack of a global standard. The result was a fragmented market where every new project required a novel cybersecurity concept, hindering the development of a robust market for
Mazzara, BillRawlings, Craig
The cure for overgrown process garden or why engineers have given up with ASPICE.2026-01-0067To be published on 04/07/2026
The useability of development processes in automotive decreased in the past years to a level at which their application and being able to benefit from them are questionable. Such degradation can be attributed to new additions to the processes and introduction of FUSA and Cybersecurity standards. The processes try to keep up with the shift from “plan-implement- test-roll out” to more agile methods. In addition, process departments, in charge of these processes, did not target the engineers as users of these processes, they focused on the compliance of processes and the assessor in the assessment. Due to reasons mentioned above, processes have grown in size and complexity which creates unnecessary overhead and forces the usage of complex tools to handle this overhead. Furthermore, the language of this process is written mostly in the language of the assessor, making them hard to understand for an average engineer. As a result, engineers are annoyed in their daily work and are not as
Weber, MatthiasKmiec, MateuszRomijn, MarcelNedkov, Detelin
Securing the AI-Driven Vehicle: A Hardware-Based Security Framework for Scalable, Trustworthy Autonomy2026-01-0085To be published on 04/07/2026
Autonomous driving technology in modern vehicles marks a pivotal evolution in transportation, but it may also introduce system-level vulnerabilities that span from tampering with sensors and interfaces to compromising compute units and communication links. This paper proposes a unified, layered hardware security architecture for AI-equipped automated vehicles. Based on current automotive Ethernet and zonal architectures, it provides end-to-end trust using hardware interface security, accelerated-cryptography, and SRAM PUF-based key provisioning. All security primitives are anchored to a hardware root of trust, delivering cryptographic identity, secure boot enforcement, and trusted key storage across the entire vehicle lifecycle. Our architectural assumptions follow the direction ISO 26262, ISO/SAE 21434 and AI development mandates for next-generation SAE Level 3+ vehicles using zonal Ethernet backbones, Time-Sensitive Networking (TSN), and heterogeneous compute islands (e.g., vision
C Suriyanarayanan, PavIacob, Radu
Implementation and evaluation of a method to defend in-vehicle networks using SAE J1939-91C to authenticate network messages between multiple ECUs.2026-01-0092To be published on 04/07/2026
The objective of this paper is to understand the effort required to integrate the hardware and software of in-vehicle cybersecurity systems. The in-vehicle cybersecurity method discussed is the SAE J1939-91C, which involves Network formation, Rekeying, and secure Message Exchange between Electronic Control Units (ECUs). The SAE J1939-91C network security protocol operates over a CAN-FD network to perform necessary cryptographic operations and key generation. To evaluate the method, test vectors were created to validate SAE J1939-91C key generations and cryptographic operations on the simulated ECU in-vehicle network system hardware. The evaluation results provide a benchmark for network system performance that can be used in a system test bench to assess compliance with the SAE J1939-91C standard and to test the standard's effectiveness in ambiguous edge cases. In the future, this benchmark could be utilized in "Plugtests" to assign test scores to non-uniform SAE J1939-91C
Zachos, MarkMedam, Krishna Teja
A Cloud-Native Testing-as-a-Service (TaaS) Framework for Safety-Compliant Verification of Automotive Software.2026-01-0192To be published on 04/07/2026
The rapid shift toward Software-Defined Vehicles (SDVs) is driving an unprecedented rise in the complexity of automotive software. At the same time, compliance with functional safety standards such as ISO 26262 and cybersecurity standards such as ISO/SAE 21434 has become non-negotiable. These pressures expose significant gaps in the current verification and validation (V&V) practices. Today, many organizations rely on costly proprietary cloud ecosystems or heavily instrumented on-premises Hardware-in-the-Loop (HIL) labs. While effective in certain contexts, these methods are capital-intensive, difficult to scale, and often lead to fragmented compliance workflows. Most critically, they fall short of delivering a unified, traceable process that aligns seamlessly with Automotive SPICE requirements, particularly SWE.4 (Software Unit Verification), SWE.5 (Software Integration Testing), and SWE.6 (Software Qualification Testing). This paper proposes a cloud-native Testing-as-a-Service (TaaS
Venkatesan, RaghulPogulakonda, MeghnaDaware, Kartik
Achieving Reliability, Safety & Security in SDV OS Architecture2026-28-01222/12/2026
Software-defined vehicles are those whose functionalities and features are primarily governed by software, thus allowing continuous updates, upgrades, and the introduction of new capabilities throughout their lifecycle. This shift from hardware-centric to software-driven architectures is a major transformation that reshapes not only product development and operational strategies but also business models in the automotive industry. An SDV operating system provides the base platform to manage vehicle software and enable those advanced functionalities. Unlike traditional embedded or general-purpose operating systems, it is designed to meet the particular demands of modern automotive architectures. Reliability, safety, and security become crucial because even minor faults may have serious consequences. Key challenges to be handled by the SDV OS include how to handle software bugs, perform real-time processing, address functional safety and SOTIF compliance, adhere to regulations, minimize
Khan, Misbah UllahGupta, Vishal
Quantum Meets Agile: Crypto-Agility for a Post-Quantum World2026-28-01272/12/2026
As the automotive industry transitions toward software-defined vehicles and highly connected ecosystems, cybersecurity is becoming a foundational design requirement. A challenge arises with the advent of quantum computing, which threatens the security of widely deployed cryptographic standards such as RSA and ECC. This paper addresses the need for quantum-resilient security architectures in the automotive domain by introducing a combined approach that leverages Post-Quantum Cryptography (PQC) and crypto-agility. Unlike conventional static cryptographic systems, our approach enables seamless integration and substitution of cryptographic algorithms as standards evolve. Central to this work is the role of Hardware Security Modules (HSMs), which provide secure, tamper-resistant environments for cryptographic operations within vehicles. We present how HSMs can evolve into crypto-agile, quantum-safe platforms capable of supporting both hybrid (RSA/ECC + PQC) and fully post-quantum
Kuntegowda, Jyothi
Automotive Ethernet Proxy-Based Security Architecture in Vehicle Computers2026-28-01212/12/2026
Modern vehicles require sophisticated, secure communication systems to handle the growing complexity of automotive technology. As in-vehicle networks become more integrated with external wireless services, they face increasing cybersecurity vulnerabilities. This paper introduces a specialized Proxy based security architecture designed specifically for Internet Protocol (IP) based communication within vehicles. The framework utilizes proxy servers as security gatekeepers that mediate data exchanges between Electronic Control Units (ECUs) and outside networks. At its foundation, this architecture implements comprehensive traffic management capabilities including filtering, validation, and encryption to ensure only legitimate data traverses the vehicle's internal systems. By embedding proxies within the automotive middleware layer, the framework enables advanced protective measures such as intrusion detection systems, granular access controls, and protected over-the-air (OTA) update
M, ArvindPraneetha, Appana DurgaRemalli, Ravi Teja
Computer Vision Based Driver Health and Wellness Monitoring System: A) Fatigue Detection, B) Emotional Wellbeing2026-26-06391/16/2026
Computer vision has evolved from a supportive driver-assistance tool into a core technology for intelligent, non-intrusive occupant health monitoring in modern vehicles. Leveraging deep learning, edge optimization, and adaptive image processing, this work presents a dual-module Driver Health and Wellness Monitoring System that simultaneously performs fatigue detection and emotional wellbeing assessment using existing in-cabin RGB cameras without requiring additional sensors or intrusive wearables. The fatigue module employs MediaPipe-based facial and skeletal landmark analysis to track Eye Aspect Ratio (EAR), Mouth Aspect Ratio (MAR), head posture, and gaze dynamics, detecting early drowsiness and postural deviations. Adaptive, driver-specific thresholds combined with CAN-bus data fusion minimize false positives, achieving over 92% detection accuracy even under variable lighting and demographics. The emotional wellbeing module analyzes micro-expressions and facial action units to
Iqbal, ShoaibImteyaz, Shahma
Cybersecurity in Automotive OTA Update Systems and Automotive Software Stores2026-26-06211/16/2026
Automotive Over-the-Air (OTA) software updating has become a cornerstone of the modern connected vehicle, enabling manufacturers to remotely deploy bug fixes, security patches, and new features. However, this convenience comes with significant cybersecurity challenges. This paper provides a detailed examination of automotive OTA update security and the software store (software Applications & services store) mechanisms. I discuss the current industry standards and regulations, notably ISO/SAE 21434 and the United Nations Economic Commission for Europe (UNECE) regulations UN R155 (cybersecurity) and UN R156 (software updates) and explain their relevance to secure OTA and software update management. I then explored the Uptane framework, an open and widely adopted architecture specifically designed to secure automotive OTA updates. Next, OTA-specific threat models are analyzed, detailing potential attack vectors and corresponding mitigation strategies. Real-world case studies are presented
Kurumbudel, Prashanth Ram
Assessment of Cybersecurity Risks in State-Operated Connected Electric Passenger Buses in India2026-26-06101/16/2026
State Transport Units (STUs) are increasingly using electric buses (EVs) as a result of India's quick shift to sustainable mobility. Although there are many operational and environmental benefits to this development, like lower fuel prices, fewer greenhouse gas emissions, and quieter urban transportation, there are also serious cybersecurity dangers. The attack surface for potential cyber threats is expanded by the integration of connected technologies, such as cloud-based fleet management, real-time monitoring, and vehicle telematics. Although these systems make fleet operations smarter and more efficient, they are intrinsically susceptible to remote manipulation, data breaches, and unwanted access. This study looks on cybersecurity flaws unique to connected passenger electric vehicles (EVs) that run on India's public transit system. Electric vehicle supply equipment (EVSE), telematics control units (TCUs), over-the-air (OTA) update systems, and in-car networks (such as the Controller
Mokhare, Devendra Ashok
Proactive AI-Enhanced Cybersecurity for Next-Gen Automotive Infotainment ECU2026-26-06191/16/2026
With the rapid advancement of connected vehicle technologies, infotainment Electronic Control Units (ECUs) have become central to user interaction and connectivity within modern vehicles. However, this enhanced functionality has introduced new vulnerabilities to cyberattacks. This paper explores the application of Artificial Intelligence (AI) in enhancing the cybersecurity framework of infotainment ECUs. The study introduces AI-powered modules for threat detection and response, presents an integrated architecture, and validates performance through simulation using MATLAB, CANoe, and NS-3. This approach addresses real-time intrusion detection, anomaly analysis, and voice command security. Key benefits include zero-day exploit resistance, scalability, and continuous protection via OTA updates. The paper references real-world automotive cyberattack cases such as OTA vulnerability patches, Connected Drive exploits, and Uconnect hack, emphasizing the critical need for AI-enabled proactive
More, ShwetaKulkarni, ShraddhaKumar, PriyanshuGhanwat, HemantJoshi, Vivek
Considerations for Vulnerability Management in the Automotive Industry2026-26-06261/16/2026
With the emergence of Software-Defined Vehicles (SDVs), more complex software and connectivity technologies are introduced to support new advanced use cases such as phone as a key, smart parking and vehicle management. However, complex software functionality and external connectivity also increase the attack surface of vehicles and its ecosystem. In this paper, we first perform a classification of recent automotive cybersecurity attacks. We further perform an analysis of these attacks and associated vulnerabilities considering the application of best practices of vulnerability management approaches including Common Vulnerability Scoring System (CVSS), Exploit Prediction Scoring System (EPSS), and Stakeholder-Specific Vulnerability Categorization (SSVC). CVSS is a standardized framework used to assign severity scores to known vulnerabilities and helps organizations prioritize vulnerability remediation based on severity. EPSS is a predictive model that estimates the probability of a
Oka, Dennis KengoVadamalu, Raja Sangili
A Dynamic Cybersecurity Benchmarking Framework for Automotive Cyber-Physical Systems2026-26-06121/16/2026
The modern vehicle is no longer a mechanical appliance—it has transformed into a software-defined cyber-physical system, integrating OTA updates, cloud-connected diagnostics, V2X services, and telematics-driven personalization. While this evolution promises unprecedented value in consumer experience and fleet operations, it also surfaces a dramatically expanded and evolving attack perimeter, especially across safety-critical ECUs and communication buses. Cyber vulnerabilities have shifted from isolated IT threats to real-time, embedded exploits. Controller area network (CAN), the backbone of vehicle bus systems, remains intrinsically insecure due to its lack of authentication and encryption, making it highly susceptible to message injection and denial-of-service by low-cost tools. Similarly, OEM implementations of BLE-based passive entry systems have proven vulnerable to replay and spoofing attacks with minimal hardware. In the Indian context, the transition to connected mobility is
Shah, RavindraAwasthi, Vibhu VaibhavKarle, Ujjwala
Enhancing Engine Reliability Testing with IoT and ML: Real-Time ML-Based Limit Monitoring and Predictive Maintenance with IoT Sensors2026-26-06471/16/2026
The integration of Internet of Things (IoT), Artificial Intelligence (AI), and Machine Learning (ML) has transformed various industries, offering substantial benefits. The application of these technologies in engine reliability testing has immense potential as they offer real-time monitoring and analysis of engine performance parameters. Engine reliability testing is vital for ensuring the safety, efficiency, and longevity of engines. Traditional methods are time consuming, expensive, and rely heavily on manual inspection and data analysis. This paper shows how IoT and ML technologies can enhance the efficiency of engine reliability testing. The paper includes the following case studies:
Yadav, Sanjay KumarKumar, PrabhakarR, DineshJoon, SushantRai, AyushTripathi, Vinay Mani
Cybersecurity in Electric Vehicle Charging Infrastructure: A Review of Threats, Vulnerabilities, and Mitigation Strategies2026-26-06141/16/2026
The rapid expansion of electric vehicle (EV) charging infrastructure introduces complex cybersecurity challenges across hardware, software, network, and cloud layers. This review paper synthesizes existing research, standards, and documented incidents to identify critical vulnerabilities and propose layered mitigation strategies. We present a structured threat taxonomy based on the STRIDE model, enriched with real-world attack vectors and mapped to mitigation controls. Our analysis spans physical tampering, insecure firmware updates, protocol-level flaws in OCPP and ISO 15118, and cloud misconfigurations. While prior studies often focus on isolated domains, this work unifies fragmented insights into a cohesive framework. We highlight gaps in current literature, such as inconsistent adoption of secure protocols and limited validation of EVSE identity formats. By aligning threats with industry standards (SAE J3061, NIST CSF, IEC 62443) and scoring risks using CVSS v3.1, we offer a
Aggarwal, AkshitGupta, SaurabhSirohi, KapilArisetty, VenkateshChatterjee, Avik
GTSRB Shield: A Novel Machine Learning Approach to Anomaly Detection in German Traffic Signs Recognition Benchmark (GTSRB) Dataset2026-26-06111/16/2026
The escalating dependence of Autonomous Vehicles on Intelligent Transportation Systems (ITS) has highlighted the imperative for comprehensive security protocols to safeguard such vehicles against cyber threats. Intrusion Detection Systems (IDS’s) are pivotal in ensuring the protection of these systems by detecting and alleviating unauthorized access and nefarious activities. The German Traffic Sign Recognition Benchmark (GTSRB) database, which encompasses an extensive compilation of traffic sign imagery, functions as a vital asset for the advancement of machine learning-based IDS. This research elucidates an intrusion detection system (IDS) that employs machine learning algorithms to scrutinize the GTSRB database. The proposed IDS emphasize the preprocessing of the GTSRB dataset to extricate pertinent features that can be employed for the training of machine learning models. Research also focuses on model development with machine learning algorithms to classify traffic signs and
Patil, KamaleshAkbar Badusha, A.Jadhav, SavitriGunale, Kishanprasad
Implementation of Automotive Cybersecurity Assurance Level2026-26-06241/16/2026
This paper explores the implementation of ISO 21434 Automotive Cybersecurity Assurance Levels (CAL), focusing on enhancing component level cybersecurity for a vehicle. CAL values, which range from 1 to 4, provide a metric for ensuring that assets are protected against relevant threats at various phases of the product life cycle. By identifying parameters in the attack feasibility rating and their severity early in the product life cycle, specifically during the concept phase of ISO 21434, organizations can determine the CAL values. The CAL value serves as a benchmark to determine the level of severity required during the design, development and verification phases of the product life cycle. This paper outlines a method to establish CAL values as per ISO 21434 guidelines. The proposed methodology includes a detailed analysis of threat modeling, which is crucial for identifying and mitigating potential cybersecurity risks. By conducting threat modeling, organizations can systematically
Ghosh, SubhamKhader Batcha, Jashic
MOSAIC-TARA: A Comprehensive TARA Methodology for Automotive Cybersecurity2026-26-06091/16/2026
Threat Analysis and Risk Assessment (TARA) is a continuous activity, acting as a foundation of cybersecurity analysis for electrical and electronics automotive products. Existing TARA methodologies in the automotive domain exhibits challenges due to redundant and manual processes, particularly in handling recurring common assets across Electronic Control Units (ECUs) and functional domains. Two primary approaches observed for performing TARA are Manual-Asset-Centric TARA and Catalogue-Driven TARA. Manual-Asset Centric TARA is constructed from scratch by manually identifying the assets, calculating risks by likelihood, and impact determination. Catalogue-Driven TARA utilizes the precompiled likelihood and impact against identified assets. Both approaches lack standardized and modular mechanisms for abstraction and reuse. This results in poor scalability, increased efforts, and difficulty in maintaining consistency across vehicle platforms. The proposed method in this research overcomes
Goyal, YogendraSinha, SwatiSutar, SwapnilJaisingh, Sanjay
Resilient Design Strategies for Wireless Charger ECUs: A Proactive Threat Analysis and Risk Assessment Framework for Ensuring Cybersecurity in EV Charging Ecosystems2026-26-01731/16/2026
The proliferation of wireless charging technology in electric vehicles (EVs) introduces novel cybersecurity challenges that require comprehensive threat analysis and resilient design strategies. This paper presents a proactive framework for assessing and mitigating cybersecurity risks in wireless charger Electronic Control Units (ECUs), addressing the unique vulnerabilities inherent in electromagnetic power transfer systems. Through systematic threat modeling, vulnerability assessment, and the development of defense-in-depth strategies, this research establishes design principles for creating robust wireless charging ecosystems resistant to cyber threats. The proposed framework integrates hardware security modules, encrypted communication protocols, and adaptive threat detection mechanisms to ensure operational integrity while maintaining charging efficiency. Experimental validation demonstrates the effectiveness of the proposed security measures in preventing unauthorized access, data
Uthaman, SreekumarMulay, Abhijit BGadekar, Pundlik
Automotive Cybersecurity Incident Response (CSIR) Framework and Its Integration into OEM Processes2026-26-06131/16/2026
The exponential growth of connected and autonomous vehicles has significantly escalated cybersecurity threats, compelling automotive Original Equipment Manufacturers (OEMs) to adopt robust and structured Cybersecurity Incident Response (CSIR) capabilities. Current automotive cybersecurity regulations, such as AIS 189 in India and UNECE WP.29 globally, mandate precise frameworks for proactive threat detection, timely response, and comprehensive incident documentation. This research presents an innovative, comprehensive CSIR framework specifically tailored to integrate seamlessly into OEM cybersecurity management processes. Leveraging a combination of real-time monitoring systems, structured threat categorization methodologies, and integrated escalation and communication protocols, the proposed CSIR framework ensures efficient incident handling aligned with stringent regulatory compliance. The framework encompasses advanced methodologies including Vehicle Security Operations Center (VSOC
Chaudhary lng, VikashDesai, ManojChatterjee, AvikChatterjee lng, Avik
Cross-ICA Trust Mechanism in Automotive Cybersecurity2026-26-06151/16/2026
With the increasing complexity and connectivity in modern vehicles, cybersecurity has become an indispensable technology. In the era of Software-Defined Vehicles (SDVs) and Ethernet-based architectures, robust authentication between Electronic Control Units (ECUs) is critical to establish a trust. Further, the cloud connected ECUs must perform authentication with backend servers. These authentication requirements often demand multiple certificates to be provisioned within a vehicle, ensuring secure communication between various combinations of ECUs. As a result, a single ECU may end up storing multiple certificates, each serving a specific purpose. This work proposes a method to limit the number of certificates required in a given ECU without compromising security. We introduce a Cross-Intermediate Certificate Authority (Cross-ICA) Trust Architecture, which enables the use of a single certificate per ECU for inter-ECU communication as well as backend server authentication. In this
Venugopal, VaisakhGoyal, YogendraRaja J, SolomonRai, AjayRath, Sowjanya
Security Monitoring for High Performance Vehicle Computers2026-26-06271/16/2026
With the increasing connectivity of modern vehicles, cybersecurity threats have become a critical concern. Intrusion Detection Systems (IDS) play a vital role in securing in-vehicle networks and embedded vehicle computers from malicious attacks. This presentation shares about an IDS framework designed specifically for POSIX-based operating systems used in vehicle computers, leveraging system-level monitoring, anomaly detection, and signature-based methods to identify potential security breaches. The proposed IDS integrates lightweight behavioral analysis to ensure minimal computational overhead while effectively detecting unauthorized access, privilege escalation, communication interface monitoring etc. By employing a combination of rule-based and OS datapoints, the system enhances threat detection accuracy without compromising real-time performance. Practical series deployments demonstrate the effectiveness of this approach in mitigating cyber threats in automotive environments
Shukla, SiddharthChatterjee lng, Avik
Automotive Cybersecurity Measures in ECU Production2026-26-06281/16/2026
Modern vehicles use a network of Electronic Control Units (ECUs) that transmit over thousands of signals. The production of these ECUs is fraught with cybersecurity challenges that can lead to significant vulnerabilities, which pose risks not only to the suppliers but also to Original Equipment Manufacturers (OEMs) and end users. The automotive industry increasingly relies on sophisticated electronic systems but there is a lack of standardized approach to ensure implementation of robust cybersecurity measures during ECU production. It is imperative to establish effective safeguards against potential threats to ensure vehicle and passenger safety. This paper proposes a comprehensive approach to enhancing cybersecurity in ECU production. Key measures include the activation of cybersecurity protections in production units, secure flashing at plant and memory upload process, effective plant password generation, and securing the debug interface to prevent unauthorized access. By
Kulanthaisamy, NagarajanM S, TejaswiniSankar, Ganesh
Navigating the Field of Automotive Cybersecurity Relevant Regulations2026-26-06231/16/2026
In recent years many automotive cybersecurity relevant regulations have been released and some have already started to come into effect. Moreover, some other regulations will come into effect in the next few years. These regulations provide requirements and guidance to automotive organizations with different degree of specifics. In this paper, we review a number of different cybersecurity relevant regulations such as UNR 155, UNR 156, AIS 189, AIS 190, GB 44495, GB 44496, EU Cyber Resilience Act, and BIS Final Rule. We break down and categorize these regulations based on their scope and highlight key areas relevant to different teams within the organizations. These key areas include Cybersecurity Management System (CSMS), Software Update Management System (SUMS), secure software development and software supply chain security, continuous cybersecurity activities (monitoring, incident response), and vulnerability disclosure and management. We then map responsibilities from the
Oka, Dennis KengoVadamalu, Raja Sangili
Enhancing Cybersecurity Protocols for Secure Communication between Electric Vehicles and the Electric Vehicle Supply Equipment2026-26-02021/16/2026
The increasing adoption of electric vehicles (EVs) has raised the importance of secure communication between EVs and Electric Vehicle Supply Equipment (EVSE). As EV infrastructure rapidly evolves, cybersecurity threats targeting the vehicle-charger interface pose major risks to user safety, data integrity, and operational continuity. This paper presents an overview of existing EV-EVSE communication standards and explores their associated vulnerabilities. We identify potential cyber threats, including man-in-the-middle attacks, replay attacks, and protocol spoofing, that could compromise the security of EV charging systems. The study proposes an enhanced cybersecurity framework incorporating session authentication, and anomaly detection techniques to fortify EV-EVSE communication. The proposed mitigation strategies aim to ensure secure, reliable, and resilient charging infrastructure essential for the widespread adoption of electric mobility.
Uthaman, SreekumarPatil, Urmila
Automotive Cybersecurity: Regulatory Landscape, Type Approval and the Road Ahead2026-26-02461/16/2026
Effective communication is the key for bringing harmony - be it the communication between humans and humans, or communication between machine and machine. Today’s car is a sophisticated gadget, equipped with the best of technologies running using millions of lines of codes of software. The effective use of these technologies involve communication between car to car and car to infrastructure using Dedicated Short-Range Communication (DSRC), C-V2X (Cellular Vehicle-to-Everything). It is pertinent that any communication using the internet needs to be digitally secure and that the systems are designed to mitigate the perceived threats. The methods used for ensuring cyber safety of automobiles need to be verified before the end product is put to use. Automotive Industry Standards AIS-189 and AIS-190 have been formulated to provide a harmonized verification framework. Both the vehicle manufacturer and the test agency need to equip themselves with necessary skills and tools to ensure
Nayak, PratikTandon, VikramBadusha, AkbarDesai, ManojSathianesan, Rejin
Automotive Cybersecurity: Safeguarding Connected and Automomous Mobility2026-26-06291/16/2026
As vehicles transform into complex cyber-physical systems within Intelligent Transportation Systems (ITS), automotive cybersecurity has become a foundational pillar in securing safe, reliable, and trustworthy transportation. This paper examines cybersecurity challenges in connected and autonomous vehicles (CAVs), focusing on Vehicle-to-Everything (V2X) communications technologies, including Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), and Vehicle-to-Pedestrian (V2P), and critical systems like electronic control units (ECUs), battery management units (BMUs), and sensor fusion modules. Key vulnerabilities, such as remote hacking, denial-of-service (DoS) attacks, malware injection, and data breaches, threaten vehicle functionality, passenger safety, and privacy. Key protection mechanisms, including encryption, intrusion detection systems (IDS), cryptographic protocols, secure over-the-air (OTA) updates, and Advanced Artificial Intelligence (AI) and Machine Learning (ML
Kumar, OmKumar, RajivSankar M, GopiHaregaonkar, Rushikesh Sambhaji
Real-Time Intrusion Detection System (IDS) for Vehicle Networks Using Machine Learning for Predictive Threat Analysis2026-26-06171/16/2026
The rapid adoption of connected vehicle technologies and advanced driver assistance systems (ADAS) necessitates robust security mechanisms capable of identifying and mitigating sophisticated cyber threats in real-time. Traditional signature-based intrusion detection systems (IDS) are often inadequate in addressing the dynamic and evolving nature of automotive cybersecurity threats, particularly in modern vehicle networks like Controller Area Network (CAN), CAN with Flexible Data-Rate (CAN-FD), and Automotive Ethernet. This research introduces a novel Real-time Intrusion Detection System utilizing advanced Machine Learning (ML) techniques designed specifically for automotive network environments. The proposed IDS framework employs supervised and unsupervised ML algorithms, including anomaly detection, behavioral analytics, and predictive threat modeling, to achieve high accuracy and rapid threat identification capabilities. Through extensive testing in simulated and actual vehicle
Chaudhary lng, VikashDesai, ManojChatterjee, Avik
Software-Defined Vehicles: Architecting the Future of Intelligent and Connected Mobility2026-26-06911/16/2026
This paper presents a comprehensive technical review of the Software-Defined Vehicle (SDV), a paradigm that is fundamentally reshaping the automotive industry. We analyze the architectural evolution from distributed Electronic Control Units (ECUs) to centralized zonal compute platforms, examining the critical role of Service-Oriented Architectures (SOA), the AUTOSAR standard, and virtualization technologies in enabling this shift. A comparative analysis of leading High-Performance Computing (HPC) platforms, including NVIDIA DRIVE, Tesla FSD, and Qualcomm Snapdragon Ride, is conducted to evaluate the silicon foundation of the SDV. The paper further investigates key enabling technologies such as Over- the-Air (OTA) updates, Digital Twins, and the integration of Artificial Intelligence (AI) for applications ranging from predictive maintenance to software-defined battery management. We scrutinize the competing V2X communication standards (DSRC vs. C-V2X) and address the paramount
Ahmad, AqueelHemanth, KhimavathKumar, OmKumar, RajivHaregaonkar, Rushikesh Sambhaji
Feasibility and Performance of Post-Quantum Cryptography on Embedded Systems for Two-Wheeler Security2026-26-06221/16/2026
The proliferation of connectivity features (V2X, OTA updates, diagnostics) in modern two-wheelers significantly expands the attack surface, demanding robust security measures. However, the anticipated arrival of quantum computers threatens to break widely deployed publickey cryptography (RSA, ECC), rendering current security protocols obsolete. This paper addresses the critical need for quantum-resistant security in the automotive domain, specifically focusing on the unique challenges of two-wheeler embedded systems. This work presents an original analytical and experimental evaluation of implementing selected Post-Quantum Cryptography (PQC) algorithms, primarily focusing on NIST PQC standardization candidates (e.g., lattice-based KEMs/signatures like Kyber/Dilithium), on microcontroller platforms representative of those used in two-wheeler Electronic Control Units (ECUs) - typically ARM Cortex-M series devices characterized by limited computational power, memory (RAM/ROM), and strict
Mishra, Abhigyan
Post-EOL Cybersecurity Validation for Automotive Production Units2026-26-06081/16/2026
ISO/SAE 21434 emphasizes comprehensive cybersecurity risk management throughout the automotive lifecycle. However, specific guidance on validating cybersecurity measures at the production level remains limited. This paper addresses the gap in production-stage validation, particularly after End-of-Line (EOL) flashing, which includes configurations of security hardware and software protection (e.g., hardware register configuration, Debug and P-flash password settings etc.) Current automotive cybersecurity validation methods, despite adherence to ISO/SAE 21434, lack specific procedures for the production stage. The existing system-level validation using the ASPICE V-model (e.g., SWE.6, SYS.5) does not ensure the integrity and functionality of cybersecurity features in the final manufactured unit post-EOL flashing. This gap poses a risk of vulnerabilities being introduced during the EOL process, compromising critical security measures. To mitigate the cybersecurity risks in production
Chakraborty, SuchetaKulanthaisamy, NagarajanSankar, Ganesh
RAKSH: A Blockchain Derived in-Vehicle Key Management System2026-26-06201/16/2026
Modern cars have advanced significantly with the rapid growth of connectivity and communication technologies. In the wake of rising cyber attacks and enforcement of regulations, implementation of cybersecurity is imperative to safeguard vehicles. The cybersecurity controls such as secure boot, secure updates, and secure communication require cryptographic primitives (keys/certificates). These security features are largely dependent on robust Key Management System (KMS), as keys are the sensitive assets that must be protected throughout the lifecycle of vehicle. Several security critical applications like over-the-air and car-to-car interaction essentially needs robust KMS to protect the vehicle assets from expanding attack vectors. Traditionally KMS is established centrally in a backend server. The cloud based KMS is becoming complex due to increased number of keys/certificates required to provision in a vehicle. We propose a self-governing in-vehicle key management system for a
Goyal, YogendraSutar, SwapnilJaisingh, Sanjay
A Quality-Driven Approach to Engineering Sign-Off for Software and Robust Product Development2026-26-05811/16/2026
Automotive Product Development is a very complex process involving many functions across the organization along with the application of numerous technologies. Generally, most original equipment manufacturers follow a stage-gate process for any new product development. The increasing application of electrical and electronic systems, software and enhanced regulations focusing on overall safety of the eco-system further increases the complexity during development. This paper details the development and implementation of a comprehensive framework designed to enhance the quality and governance of the product development in the automotive industry. As the sector undergoes significant transformation, the need for structured development approach and robust oversight has become critical to success. The paper introduces a newly developed framework for Final Data Judgment (FDJ) and Engineering Sign-Off (ESO), representing a next-generation strategy towards defect free design, robust engineering
Digikar, AshishPathak, IshaKothari, Bhushan
Next-Gen Automotive: Enablers and Monetization for Automotive SaaS and Software Defined Vehicles2026-26-06871/16/2026
Commercial vehicles form the backbone of global supply chains. In India, the commercial vehicle (CV) industry is at a transformative crossroads, evolving from traditional hardware-centric models to advanced, software-defined architectures. Central to this shift are Software-Defined Vehicles (SDVs) and Automotive Software-as-a-Service (SaaS), catalysing a move toward intelligent, connected, and highly productive mobility solutions. With the Indian CV market surpassing $50 billion in 2024 and witnessing robust growth due to expanding e-commerce, infrastructure projects and regulatory evolution. Indian original equipment manufacturers (OEMs) are spearheading this revolution. This paper presents a comprehensive analysis of the technological enablers, monetization strategies, distinct challenges and opportunities encountered by Indian OEMs during their shift toward SDVs and automotive SaaS based business models. This research also examines the most important technical pillars underpinning
Saini, GouravJahagirdar, ShwetaKhandekar, Dhiraj Baburao
To Study and Compare Communication Protocol for Fast Charging in Electric Two-Wheeler with Respect to CCS 2.0: An Indian Perspective2026-26-01981/16/2026
This comprehensive research presents an in-depth analysis of communication protocols essential for implementing fast charging systems in India's rapidly expanding electric two-wheeler and three-wheeler market. As India witnesses unprecedented growth in electric mobility, with two-wheelers representing over 95% of current EV sales, the establishment of standardized, secure, and efficient charging protocols becomes paramount for widespread adoption. This study examines the current landscape of AC charging methodologies, evaluates the technical and economic feasibility of DC fast charging implementation, and provides detailed comparative analysis of existing international standards including IS 17017-25, IS 17017-31, ChaoJi, and CCS 2.0. The research concludes with strategic recommendations for developing cyber-secure, cost-effective charging infrastructure specifically tailored to meet India's unique market requirements and operational constraints.
Uthaman, SreekumarMulay, Abhijit B
Research and Development of a System Adaptation Strategy for the AUTOSAR Crypto Stack2025-01-733412/31/2025
As automotive electronic systems become increasingly complex, the demand for robust data security and privacy protection mechanisms has grown significantly. The AUTOSAR (Automotive Open System Architecture) standard has emerged as a widely adopted framework in the automotive industry due to its strong support for interoperability, functional safety, and cybersecurity. Within the AUTOSAR Classic Platform (CP), the Crypto Stack Service as a core component that enables critical security functionalities such as encryption, decryption, digital signature verification, and key management. However, the deployment of the Crypto Stack across heterogeneous Electronic Control Units (ECUs) introduces a series of technical challenges. These challenges stem primarily from variations in hardware resources, differences in operating system implementations, and inconsistencies in software execution environments. As a result, issues such as architectural compatibility, task scheduling efficiency, and
Wu, ShudiFan, SunjiaYu, YaqiXiu, Jiapeng
Safety, ADAS, and Cybersecurity: Vol. 4EPRCOMPV01202512/29/2025
Burton, SimonChalmers, SethWishart, JeffreyZheng, Ling
ARINC 835-2 Guidance for Security of Loadable Software Parts Using Digital SignaturesARINC835-2 (Current)12/2/2025
This document provides a comprehensive overview of methods and standards for securing loadable software parts (LSPs) used in aircraft systems. It focuses on ensuring the integrity, authenticity, and trustworthiness of aircraft software, independent of the transport mechanism or media type, through the use of digital signatures and Public Key Infrastructure (PKI) technologies. The document captures solutions developed by major aerospace manufacturers and industry participants and encourages standardization to reduce costs and complexity in software security processes.
Airlines Electronic Engineering Committee
Hardware Protected Security Environment – Trusted Application Isolation Security ModelsJ3101-2_202511 (Current)11/17/2025
This information report identifies and evaluates isolation building blocks applicable to TA sandboxing within a HPSE. These building blocks can be used to support SAE J3101 TA requirements for sandboxing of TAs and secure communication between TAs. TAs must execute within their own trust domain to prevent compromise of the HPSE and other TAs. TA trust domain isolation strength may vary depending on the risk profile of the TA deployed, hence the requirement for isolation building blocks to match the risk profile. A multitenancy TA HPSE has a higher risk profile than multiple TAs from the same source (e.g., OEM). TA multitenancy must not compromise the security properties of the HPSE (the secure integration and execution of trusted multi-vendor code). In this report, we provide information on the following: HPSE TA use cases and risk profiles HPSE TA isolation building blocks for manufacturers Threat analysis to determine the effectiveness of isolation security models As the ECU E/E
Vehicle Electrical System Security Committee
Research on Ship Network Security Situation Awareness and Defense Mechanism Based on Improved Spatiotemporal Attention and Deep Reinforcement Learning2025-99-012611/11/2025
With the development of ship intelligence, network security threats are increasing day by day. This paper proposes a ship network security situation awareness algorithm based on an improved spatiotemporal attention mechanism, and constructs a supporting defense mechanism. The algorithm accurately captures changes in network security situation through dynamic weight allocation and multi-scale feature extraction. In the experimental simulation, OMNeT++ is combined with SUMO to build a ship network simulation environment, and Maritime - CPS - Dataset and other data sets are used for testing. The algorithm in this paper is compared with ARIMA, LSTM, GRU and other algorithms. The results show that in terms of situation awareness accuracy, the algorithm in this paper reaches 95.6%, which is 27.8% higher than ARIMA, 12.3% higher than LSTM, and 10.1% higher than GRU respectively; the average response time of the defense mechanism is shortened to 2.3 seconds, which is 40% faster than the
Kong, ZeyuZhou, BofeiWan, Shiyao
AI-Empowered Lightweight In-Vehicle Network Security Mechanisms: From Cryptographic Algorithms to Collaborative Defense Architectures2025-99-013211/11/2025
With the rapid development of Internet of Vehicles (IoV) and cyber-physical systems (CPS), connected autonomous vehicles (CAVs) have also developed rapidly. However, at the same time, in-vehicle networks also face more security challenges, mainly in terms of resource constraints, dynamic attacks, protocol heterogeneity, and high real-time requirements. Firstly, the trade-offs between lightweight encryption primitives and their software and hardware collaborative design in terms of performance, resource overhead, and security strength are analyzed. Secondly, the resource efficiency of AI-based intrusion detection system (IDS) is evaluated at the edge. Finally, we propose a dynamic adaptive collaborative defense framework (DACDF), which integrates federated learning with dynamic weight distillation, blockchain authentication with lightweight verifiable delay function (Light-VDF) and cross-domain IDS with hierarchical attention feature fusion to deal with collaborative attacks in resource
Zhou, YouZhang, JiguiDing, KaniYang, Guozhi
Establishing a Sustainability Certification System for Aviation Fuel in China01-18-03-001211/7/2025
Amid escalating global warming challenges, the aviation industry must adopt low-carbon and green practices. China, aiming to meet its dual carbon goals, urgently requires enhanced research and development in sustainable aviation fuels (SAF), including their sustainability certification. However, China’s regulatory framework and limited research foundation in biofuels exacerbate this endeavor. This article summarizes the development status of SAF sustainability certification internationally and within China, encompassing the indicator framework, full life cycle greenhouse gas (GHG) calculation methodologies, and emission reduction thresholds. It also highlights issues encountered in the application of current international sustainability certification systems in China, such as high certification costs and inadequate data security. Advancement in domestic sustainability certification in China faces obstacles related to the incomplete foundational database, despite possessing life cycle
Zhang, ShupingHe, YinJia, QuanxingJia, QinTao, ZanMiao, JiaheShi, YaoZhang, XiangpingWang, Siyu
The Digital Backbone of Manufacturing: A Framework for Network Protocol Selection2025-28-024511/6/2025
Manufacturers need pragmatic guidance when choosing network protocols that must balance responsiveness, high data throughput, and long-term maintainability. This paper presents a step-by-step, criteria-driven framework that scores protocols on six practical dimensions, real-time behavior, bandwidth, interoperability, security, IIoT readiness, and legacy support and demonstrates the approach on both greenfield and brownfield scenarios. By combining vendor specifications, peer-reviewed studies, and field experience, the framework delivers transparent, weighted rankings designed to help engineers make defensible deployment choices. This paper explores how network protocols can be mapped to different layers of the automation pyramid, ranging from field-level communication to enterprise-level. For example, Profinet is shown to be highly effective for time-critical applications such as robotic assembly and motion control due to its deterministic, real-time ethernet capabilities. Meanwhile
Tarapure, Prasad
Cybersecurity: Applying Threat Modeling to Sensor-Control Architectures in Autonomous Off-Highway Vehicles2025-28-031611/6/2025
The rapid evolution of autonomy in Off-Highway Vehicles (OHVs)—spanning agriculture, mining, and construction—demands robust cybersecurity strategies. Sensor-control systems, the cognitive core of autonomous OHVs, operate in harsh, connectivity-limited environments. This paper presents a structured approach to applying threat modeling to these architectures, ensuring secure-by-design systems that uphold safety, resilience, and operational integrity.
Kotal, Amit
Spatial-temporal Information Organization Model with All Elements in Whole Domain for Shuozhou-Huanghua Railway2025-99-007910/17/2025
In view of the complexity of railway engineering structure, the systematicness of professional collaboration and the high reliability of operation safety, this paper studied the spatial-temporal information data organization model with all elements in whole domain for Shuozhou-Huanghua Railway from the aspect of Shuozhou-Huanghua Railway spatial-temporal information security. Taking the unique spatial-temporal benchmark as the main line, the paper associated different spatial-temporal information to form an efficient organization model of Shuozhou-Huanghua Railway spatial-temporal information with all elements in the whole domain, so as to implement the effective organization of massive spatial-temporal information in various specialties and fields of Shuozhou-Huanghua Railway; By using GIS (Geographic Information System) visualization technology, spatial analysis technology and big data real-time dynamic rendering technology, it was realized the real-time dynamic visualization display
Liu, KunYu, HongshengZhu, PanfengLiu, WenbinWang, Yaoyao
Reducing Powertrain Software Release Cycles from Months to Days: Streamlined Compliance and Rapid Deployment2025-01-037910/7/2025
The automotive industry's rapid shift towards electric and connected vehicles intensifies the demand for robust solutions addressing software integrity, cybersecurity, and stringent regulatory compliance, particularly concerning powertrain components and related control units. This paper addresses the significant challenge faced by automotive companies in efficiently managing and deploying an exponentially increasing number of software and hardware variants under the rigorous requirements of UNECE Regulation No. 156. This regulation mandates secure, traceable, and systematic software update processes for new vehicles and their components [1]. The proposed solution demonstrates a transformative approach that significantly reduces the software release cycle for Over-The-Air (OTA) updates which usually take 6 to 8 months to emerge [2]. By leveraging advanced techniques in automated compliance tracking, efficient parameter management, and centralized documentation, this approach bridges
Sammer, GeraldSchuch, NikolasKammerhofer, Markus
Items per page:
1 – 50 of 603