Browse Topic: Cybersecurity

Items (517)
Find
LLM-Powered Fuzz Testing of Automotive Diagnostic Protocols2025-01-8091To be published on 04/01/2025
Modern vehicles contain tens of different Electronic Control Units (ECUs) from several vendors. These small computers are connected through several networking busses and protocols, potentially through gateways and converters. Moreover, vehicle-to-vehicle and internet connectivity are now considered to be requirements, adding an addi- tional layer of complexity to an already complex electronic system. Due to this complexity and the safety-critical nature of vehicles, au- tomotive cyber-security a difficult undertaking. One critical aspect of cyber-security is the robust testing of software for potential bugs and vulnerabilities. Fuzz testing is an automated software testing method that injects a large set of inputs to a system. It is an invaluable tech- nique across many industries, and has been increasingly gaining popu- larity since its conception. Its success highly relies on the ”quality” of inputs injected. One shortcoming associated with fuzz testing is the expertise required in
McShane, JohnCelik, LeventBrooks, RichardPesé, Mert D.Aideyan, Iwinosa
Technical Paper
Using CAN Electrical Signals for Cybersecurity and Harness Diagnostics2025-01-8080To be published on 04/01/2025
This paper describes a novel invention which is an Intrusion Detection System based on fingerprints of the CAN bus analogue features. Clusters of CAN message analogue fingerprints can be associated with each ECU on the network. During a learning mode of operation, fingerprints can be learnt with the prior knowledge of which CAN identifier should be transmitted by each ECU. During normal operation, if the fingerprint of analogue features of a particular CAN identifier does not match the one that was learnt then there is a strong possibility that this particular CAN identifier’s message is symptomatic of a problem. It could be that the message has been sent by either an intruder ECU or an existing ECU has been hacked to send the message. In this case an intruder can be defined as a device that has been added to the CAN bus OR a device that has been hacked/manipulated to send CAN messages that it was not designed to (i.e. could be originally transmitted by another device). It could also
Quigley, ChristopherCharles, David
Technical Paper
Utilizing Generative Adversarial Networks for Secure Communication in Software-Defined Vehicles2025-01-8135To be published on 04/01/2025
The increasing complexity of software-defined vehicles (SDVs) necessitates robust and secure communication protocols to protect against cyber threats. This paper explores the utilization of Generative Adversarial Networks (GANs) to enhance the security of communication protocols in SDVs. GANs, consisting of a generator and a discriminator network, are employed to create and evaluate secure communication sequences, ensuring that unauthorized access and potential attacks are effectively mitigated. In this study, we develop a GAN-based framework that generates secure communication protocols tailored for the dynamic environment of SDVs. The generator is trained to produce communication sequences that are indistinguishable from authentic, secure sequences, while the discriminator is tasked with identifying any anomalies or potential vulnerabilities. By iteratively improving both networks, the framework learns to produce highly secure and resilient communication protocols. The performance of
Namburi, Venkata Lakshmi
Technical Paper
Use of Vehicle Cyber Engineering (VCE) testbeds to develop AI Safety enhancements based on ISO TR 54692025-01-8090To be published on 04/01/2025
The University of Detroit-Mercy (UD-M) has developed CLaaS (Cyber-Security Labs as a Service) to support teaching students how to understand and mitigate cyber security attacks. The UD-M Vehicle Cyber Engineering (VCE) laboratory has physical hardware testbeds to support education and research on actual vehicle systems. With the increased use of Machine Learning (ML) and Artificial Intelligence (AI) in on- and offroad vehicles, it is becoming critical to enhance the laboratory to help educate a new generation of engineers that understand the cyber security and functional implications of AI/ML. The ISO TR 5469 Technical Report provides a framework to classify the AI/ML technology based on usage level and the properties and requirements to mitigate cyber and functional safety risks for the technology. This paper provides an overview of the approach used by ISO TR 5469 as well as an example how one of the six ISO TR 5469 desirable properties (resilience to adversarial and intentional
Zachos, MarkSeifert, Heinz
Technical Paper
Securing Smart Manufacturing: A Comprehensive Strategy for OT Security Maturity2025-01-8333To be published on 04/01/2025
Securing machines in manufacturing environments and navigating the complexity of OT security is becoming increasingly challenging in the age of smart manufacturing. OT and IT environments are becoming increasingly connected, and OT lacks the maturity to protect against the evolving IT threat landscape. In particular, the heterogeneity of different production sites and the need to use legacy systems in machines complicates IT approaches to mitigate vulnerabilities. Standard IT practices, such as regularly patching your systems, are challenged by the lack of planned downtime in OT environments, as the primary security objective focuses on availability versus confidentiality and integrity in IT. Therefore, the main focus of this paper is concentrated on a phased approach that enables the transitioning from ad hoc security to a mature and more proactive security effort in OT environments. The practical insights and implications as well as the challenges of leveraging established standards
Pfauntsch, MichaelStenger, Jonas
Technical Paper
Detecting Cyber-Security Vulnerabilities in Legacy Safety-Critical Software2025-01-8088To be published on 04/01/2025
Security flaws in automotive software have catastrophic consequences. Modern automotive engineers must assess the software not only for performance and reliability but also for safety and security. This paper presents a tool to verify software for safety and security. The tool was originally developed for Department of Defense (DoD) to detect cybersecurity vulnerabilities in legacy safety-critical software with tight performance constraints and small memory footprint. We show how the tool and techniques developed for verifying legacy safety-critical software can be applied to automotive and embedded software using real world case studies. We also discuss how this tool can be extended for software comprehension
Awadhutkar, PayasTamrawi, AhmedSauceda, Jeremias
Technical Paper
An Adaptive Risk-Based Access Control with Trusted Execution Environment for Vehicles2025-01-8089To be published on 04/01/2025
The rapid development of intelligent and connected vehicles is transforming them into data-rich information carriers, which generate and store vast amounts of sensitive information. However, the frequent sharing of resources within these vehicles poses substantial risks to user privacy and data security. Should sensitive resources be accessed maliciously, the consequences could be severe, leading to significant threats to the safety, property, and reputation of both drivers and passengers. To address these risks, this paper proposes an adaptive risk-based access control with Trusted Execution Environment (TEE) specifically designed for vehicles, aimed at managing and restricting access permissions based on risk assessments. Firstly, this paper designs an adaptive risk model in accordance with ISO 21434, taking into account factors such as the security levels of subjects and objects, context, and the risk history of subjects to separately quantify threats and impacts. By adjusting the
Luo, FengLi, ZhihaoWang, JiajiaLuo, Cheng
Technical Paper
Designing Software for SAE J1939 ECUs to Improve Cybersecurity2025-01-8082To be published on 04/01/2025
SAE J1939 is a CAN-based standard used for connecting various ECUs together within a vehicle. There are also some related protocols sharing many of the features of SAE J1939 across other industries including ISO11783, RVC and NMEA 2000. The standard has enabled the easy integration of electronic devices into a vehicle. However, as with all CAN-based protocols, several vulnerabilities to cyberattacks have been identified and are discussed in this paper. Many are at the CAN-level, whilst others are in common with those protocols from the SAE J1939 family of protocols. This paper reviews the known vulnerabilities that have been identified with the SAE J1939 protocol at CAN and J1939-levels, along with proposed mitigation strategies that can be implemented in software. At the CAN-level, the weaknesses include ways to spoof the network by exploiting parts of the protocol. Denial of Service is also possible at the CAN-level. At the SAE J1939-level, weaknesses include Denial of Service type
Quigley, Christopher
Technical Paper
DCFC EVSE Security2025-01-8118To be published on 04/01/2025
The rapid spread of electric vehicles (EVs) and EV charging stations requires an urgent focus on the security of the entire charging infrastructure. As EV charging stations are a major interface in the charging infrastructure, ensuring cybersecurity of the personal and private data transmitted to and from chargers is a key component to the overall security. To evaluate the security of a part of the EV charging ecosystem, researchers from Southwest Research Institute® (SwRI®) assessed the vulnerability of a DC Fast Charging (DCFC) EV Supply Equipment (EVSE)’s communication protocol and system. The researchers established an undetected Adversary in the Middle (AitM) between the EV and EVSE to examine the communication used between the two. They identified vulnerabilities that exposed critical data—such as the MAC address of both the EV and EVSE—either sent in plaintext or encrypted with a known algorithm. These values allowed for reprogramming of the non-volatile memory of Power-Line
Kozan, Katherine
Technical Paper
FPGA Implementation of HLS crypto accelerators for embedded security in autonomous vehicles2025-28-0205To be published on 02/07/2025
The growing ubiquity of autonomous vehicles (AVs) has introduced a new attack surface for malicious actors: the embedded systems that govern a vehicle's critical operations. Security breaches in these systems could have catastrophic consequences, potentially leading to loss of control, manipulation of sensor data, or even physical harm. To mitigate these risks, robust cybersecurity measures are paramount. This research delves into a specific threat – side-channel attacks – where attackers exploit data leakage through unintentional physical emanations, like power consumption or electromagnetic waves, to steal cryptographic keys or sensitive information. While various software and hardware countermeasures have been proposed, this study focuses on the implementation of masking techniques within the realm of embedded security. Masking techniques aim to obfuscate sensitive data during cryptographic operations, making it significantly harder for attackers to exploit side-channel
Deepan Kumar, SadhasivamR, Vishnu Ramesh KumarM, BoopathiManojkumar, RR, GobinathM, Vignesh
Technical Paper
In-Vehicle Network Anomaly Detection Based on a Graph Attention Network12-08-04-003401/10/2025
The increased connectivity of vehicles expands the attack surface of in-vehicle networks, enabling attackers to infiltrate through external interfaces and inject malicious traffic. These malicious flows often contain anomalous semantic information, potentially leading to misleading control instructions or erroneous decisions. While most semantic-based anomaly detection methods for in-vehicle networks focus on extracting semantic context, they often overlook interactions and associations between multiple semantics, resulting in a high false positive rate (FPR). To address these challenges, the Adaptive Structure Graph Attention Network Model (AS-GAT) is proposed for in-vehicle network anomaly detection. Our approach combines a semantic extractor with a continuously updated graph structure learning method based on attention weight similarity constraints. The semantic extractor identifies semantic features within messages, while the graph structure learning module adaptively updates the
Luo, FengLuo, ChengWang, JiajiaLi, Zhihao
Journal Article
A Fuzz Testing Method Based on DDPM for Intelligent Connected Vehicles CAN Communication2024-01-704412/13/2024
Modern vehicles are increasingly integrating electronic control units (ECUs), enhancing their intelligence but also amplifying potential security threats. Vehicle network security testing is crucial for ensuring the safety of passengers and vehicles. ECUs communicate via the in-vehicle network, adhering to the Controller Area Network (CAN) bus protocol. Due to its exposed interfaces, lack of data encryption, and absence of identity authentication, the CAN network is susceptible to exploitation by attackers. Fuzz testing is a critical technique for uncovering vulnerabilities in CAN network. However, existing fuzz testing methods primarily generate message randomly, lacking learning from the data, which results in numerous ineffective test cases, affecting the efficiency of fuzz testing. To improve the effectiveness and specificity of testing, understanding of the CAN message format is essential. However, the communication matrix of CAN messages is proprietary to the Original Equipment
Shen, LinXiu, JiapengZhang, ZhuopengYang, Zhengqiu
Technical Paper
SAE J3016 as a Learning Device for the Driving Automation Community: Technical, Socio-technical, and Systemic LearningEPR202402912/12/2024
It is the tenth anniversary of SAE International’s Surface Vehicle Recommended Practice effort SAE J3016 to establish a nomenclature standard for driving automation systems and levels of automation. While not exhaustive, this report covers motivation, initiation, and continued development of J3016 regarding driving automation systems, noting that J3016 evolved as a learning device that facilitated the evolution of driving automation systems. It initially worked by establishing common terminology for the technical learning in the field, but over time, J3016 expanded to recognize the human roles in driving automation systems, with later iterations considering broader transportation ecosystems, including fleet operations and remote assistance centers. SAE J3016 as a Learning Device for the Driving Automation Community: Technical, Socio-technical, and Systemic Learning emphasizes ongoing learning to integrate diverse insights about technical, social, and socio-technical challenges of
Eley IV, T.C.King, John L.Lyytinen, KalleNickerson, Jeffrey V.
Research Report
Instructions for Using Plug-In Electric Vehicle (PEV) Communications, Interoperability, and Security DocumentsJ2836_202412 (Current)12/12/2024
This SAE Technical Information Report (TIR) establishes the instructions for the documents required for the variety of potential functions for PEV communications, energy transfer options, interoperability, and security. This includes the history, current status, and future plans for migrating through these documents created in the Hybrid Communication and Interoperability Task Force, based on functional objective (e.g., [1] If I want to do V2G with an off-board inverter, what documents and items within them do I need, [2] What do we intend for V3 of SAE J2953
Hybrid - EV Committee
Information Report
Technical Paper for 11 TH SAE India International Mobility Conference Relevance of Autonomous Vehicles in the Indian Context2024-28-012212/05/2024
Autonomous vehicles (AVs) are positioned to revolutionize transportation, by eliminating human intervention through the use of advanced sensors and algorithms, offering improved safety, efficiency, and convenience. In India, where rapid urbanization and traffic congestion present unique challenges, AVs still hold a significant promise. This technical paper discusses the relevance of autonomous vehicles in the Indian context and the challenges that need to be addressed before the widespread adoption of autonomous vehicles in India. These challenges include the lack of infrastructure, concerns regarding road safety, software vulnerabilities, adaptability of change towards autonomous vehicles, and the management of traffic. The paper also highlights the government's initiatives to encourage the development and adoption of autonomous vehicles, ideology behind the legal framework and the required changes in terms of technological advancements, and urban planning. In a brief manner, this
Mishra, AdarshMathur, Gaurav
Technical Paper
Automotive Cybersecurity: Defend the Future of Connected Vehicles2024-28-012312/05/2024
Cybersecurity, particularly in the automotive sector, is of paramount importance in today’s digital age. With the advent of connected commercial vehicles, which leverage telematics for efficient fleet management, the landscape of automotive cybersecurity is rapidly evolving. These vehicles, integral to logistics and transportation businesses, are becoming increasingly connected, thereby escalating the risks associated with cybersecurity threats. These commercial vehicles are becoming prime targets for cyber-attacks due to their connectivity and the valuable data they hold. The potential consequences of these cyber-attacks can range from data breaches to disruptions in fleet operations, and even safety risks. This paper analyses the unique challenges faced by the commercial vehicle sector, such as the need for robust telematics systems, secure communication channels, and stringent data protection measures. Case studies of notable cybersecurity incidents involving commercial vehicles are
Mahendrakar, ShrinidhiMadarla, ManojGangapuram, SivaDadoo, Vishal
Technical Paper
Ethernet-Based IDS for Zonal Architecture2024-28-012112/05/2024
In an era where automotive technology is rapidly advancing towards autonomy and connectivity, the significance of Ethernet in ensuring automotive cybersecurity cannot be overstated. As vehicles increasingly rely on high-speed communication networks like Ethernet, the seamless exchange of information between various vehicle components becomes paramount. This paper introduces a pioneering approach to fortifying automotive security through the development of an Ethernet-Based Intrusion Detection System (IDS) tailored for zonal architecture. Ethernet serves as the backbone for critical automotive applications such as advanced driver-assistance systems (ADAS), infotainment systems, and vehicle-to-everything (V2X) communication, necessitating high-bandwidth communication channels to support real-time data transmission. Additionally, the transition from traditional domain-based architectures to zonal architectures underscores Ethernet's role in facilitating efficient communication between
Appajosyula, kalyanSaiVitalVamsi
Technical Paper
Understanding the Vulnerability in Wireless Backhaul Networks for 5GTBMG-5219912/01/2024
A research team led by Rice University’s Edward Knightly has uncovered an eavesdropping security vulnerability in high-frequency and high-speed wireless backhaul links, widely employed in critical applications such as 5G wireless cell phone signals and low-latency financial trading on Wall Street
Magazine Article
MAKING SOFTWARE-DEFINED VEHICLES CYBER-SECURE24TOFHP12_0312/01/2024
Virtualization features such as digital twins and virtual patching can accelerate development and make commercial vehicles more agile and secure. There is one sure-fire way to secure commercial vehicles from cyber-attacks. “You just remove the connectivity,” quipped Brandon Barry, CEO of Block Harbor Cybersecurity and the moderator of a panel session on “cybersecurity of virtual machines” at the SAE COMVEC 2024 conference in Schaumburg, Illinois. Obviously, that train has left the station - commercial vehicles of all types, including trains, are only becoming more automated and connected, which increases the risks for cyber-attacks. “We have very connected vehicles, so attacks can be posed not just through powertrain solutions but also through telemetry, infotainment systems connected to different applications and services, and also through cloud platforms,” said Trisha Chatterjee, current product support and data specialist for fuel cell and hydrogen technology at Accelera by Cummins
Gehm, Ryan
Magazine Article
Secure Software Updates for Robotic and Autonomous Systems2024-01-397811/15/2024
ABSTRACT Software updates provide critical new functionality and security improvements to commercial and military vehicles. Organizations across the Department of Defense (DoD) are recognizing that the hardened cybersecurity in robotic and autonomous system (RAS) is essential. A secure software update capability will be added to RAS, providing a peer reviewed security by design solution for securing software updates. Citation: C. Mott, D. Mikulski, S. Pereira, “Secure Software Updates for Robotic and Autonomous Systems,” In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, Aug. 16-18, 2022
Mott, CameronMikulski, DariuszPereira, Sabrina
Technical Paper
SCALED TESTBEDS FOR AUTOMATED ROBOTIC SYSTEMS2024-01-372111/15/2024
ABSTRACT The automotive and defense industries are going through a period of disruption with the advent of Connected and Automated Vehicles (CAV) driven primarily by innovations in affordable sensor technologies, drive-by-wire systems, and Artificial Intelligence-based decision support systems. One of the primary tools in the testing and validation of these systems is a comparison between virtual and physical-based simulations, which provides a low-cost, systems-approach testing of frequently occurring driving scenarios such as vehicle platooning and edge cases and sensor-spoofing in congested areas. Consequently, the project team developed a robotic vehicle platform—Scaled Testbed for Automated and Robotic Systems (STARS)—to be used for accelerated testing elements of Automated Driving Systems (ADS) including data acquisition through sensor-fusion practices typically observed in the field of robotics. This paper will highlight the implementation of STARS as a scaled testbed for rapid
Lodato, DiegoKamalanathsharma, RajFarber, Maurice
Technical Paper
Cyberattack Detection and Bus Segmentation in Ground Vehicles2024-01-386711/15/2024
ABSTRACT This paper describes an approach to secure previously deployed vehicles by using bus monitoring and segmentation to remove malicious messages from the CAN bus. Modern automotive buses were designed for reliability rather than security. This lack of security means that any node on the bus can transmit a message to any other node and the receiver cannot verify the sender or that the message is unaltered. The intrusion detection and prevention system seeks to solve that issue by actively monitoring traffic on all connected busses, alerting an operator when an error is detected and removing flagged messages from the bus. The system will eventually be installed on an Interim Armored Vehicle (IAV) Stryker. Citation: R. Elder, C. Westrick, P. Moldenhauer, “Cyberattack Detection and Bus Segmentation in Ground Vehicles”, In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, Aug. 11-13, 2020
Elder, RyanWestrick, CourtneyMoldenhauer, Peter
Technical Paper
RANSOMWARE VEHICLE EMBEDDED SYSTEM ATTACKS2024-01-388711/15/2024
ABSTRACT Ransomware is not a new method of malware infection. This historically had been experienced in the enterprise in nearly every industry. This has been especially problematic in the medical and manufacturing fields. As the attackers saturate the specifically targeted industries, the attackers will expand their target industries. One of these which has not been significantly explored by the ransomware groups are the embedded systems and automobile environment. This set of targets is massive and provides for a vast attack potential. While this has not experienced this attack methodology at length, the research and efforts are creeping towards this as a natural extension of the business. The research focusses on the history of ransomware, uses in the enterprise, possible attack vectors with automobiles, and defenses to be explored and implemented to secure automobiles, fleets, and the industries. Citation: Parker, C., “Ransomware Vehicle Embedded System Attacks”, In Proceedings of
Parker, Charles
Technical Paper
Cyberattack Defense Through Digital Fingerprinting, Detection Algorithms, and Bus Segmentation in Ground Vehicles2024-01-388611/15/2024
ABSTRACT This paper describes strategies to secure military ground vehicles by using digital fingerprinting, detection algorithms, and bus segmentation to identify and remove anomalous messages from the Controller Area Network (CAN) bus. Modern automotive buses were designed for reliability rather than security. This lack of security means that any node on the bus can transmit a message to any other node, and the receiver cannot verify the sender or that the message is unaltered. The intrusion defense system (IDS) protects the bus by actively monitoring traffic on all connected busses and removing messages identified as anomalies. Digital fingerprinting combined with various detection algorithms identifies these anomalies while bus segmentation simultaneously defends the CAN bus by removing anomalous messages. Citation: J. Wolford, C. Westrick, P. Moldenhauer, “Cyberattack Defense Through Digital Fingerprinting, Detection Algorithms, and Bus Segmentation in Ground Vehicles”, In
Wolford, JonathanWestrick, CourtneyMoldenhauer, Peter
Technical Paper
HIDDEN VULNERABILITIES: OPERATIONAL TECHNOLOGY CYBERSECURITY SHORTFALLS2024-01-386311/15/2024
ABSTRACT The Department of Defense (DoD) lacks a unified cybersecurity solution to provides intrusion prevention and detection capabilities to existing weapons platforms, empowering crews, maintainers, and commanders to achieve understanding and inform confidence in the cyber health and status of their systems. In October 2018, the Government Accountability Office (GAO) reported that DoD weapons systems are highly vulnerable to cyber-attacks. We have identified several major inherent vulnerabilities and likely attack vectors for existing weapon systems. Our Technical White Paper will outline the changing threat landscape for operational technology (OT), the vulnerabilities in the cyber-physical systems and shortfalls in addressing these vulnerabilities, and our analysis on critical capabilities necessary to secure military OT. Citation: J. Correnti, J. Lospinoso, M. Weigand, K. Kramer, “Hidden Vulnerabilities: Operational Technology Cybersecurity Shortfalls,” In Proceedings of the
Correnti, JamesLospinoso, JoshWeigand, MichaelKramer, Kara
Technical Paper
BEST PRACTICES FOR GROUND VEHICLE INTRUSION DETECTION SYSTEMS2024-01-386611/15/2024
ABSTRACT Addressing the well-established need for accurate cyber situational awareness on military vehicles and weapons platforms, we developed a well-tested, robust Intrusion Detection System – Fox Shield™ – currently rated TRL-8. The system is described and the lessons learned during its development are discussed. The basic principles of our anomaly detectors are outlined, and the details of our innovative warning-aggregating Fuser are presented. Many attack detection examples are presented, using a publicly available CANbus dataset. Citation: E.I. Novikova, V. Le, M. Weber, C. Andersen, S.N. Hamilton, “Best Practices For Ground Vehicle Intrusion Detection Systems”, In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, Aug. 13-15, 2020
Novikova, Elena I.Le, VuWeber, MichaelAndersen, CoryHamilton, Samuel N.
Technical Paper
Demystifying Cyber Systems Engineering2024-01-386411/15/2024
ABSTRACT As the United States’ (US) Department of Defense (DoD) works to maintain our battlefield superiority in the ground domain, we rapidly integrate new electronic capabilities into vehicles that communicate and cooperate over vehicle-to-infrastructure networks. These new capabilities contribute to increasing the potential attack surface, as described in the 2018 Government Accountability Office (GAO) report on Weapon System Cyber Security [1]. To understand the increasingly complex attack surface and to reduce ground platform exposures through cyberspace, we need new engineering analysis and design techniques. Today, most engineering methodologies treat cybersecurity as an add-on to traditional process flows. For example, until recently, the International Council on Systems Engineering (INCOSE) gave little attention to cybersecurity in their industry definition of the Vee-Model used widely in defense contracting. We argue that until we give cybersecurity first-class status and
Lofy, CheriVriesenga, Mark
Technical Paper
Latent Dirichlet Allocation (LDA) for Anomaly Detection in Ground Vehicle Network Traffic2024-01-386211/15/2024
ABSTRACT Latent Dirichlet Allocation (LDA) and Variational Inference are applied in near real-time to detect anomalies in ground vehicle network traffic for VICTORY enabled networks. The technical approach, that utilizes the Natural Language Processing (NLP) technique to detect potential malicious attacks and network configuration issues, is described and the results of a proof of concept implementation are provided. Citation: A. Thornton, B. Meiners, D. Poole, M. Russell, “Latent Dirichlet Allocation (LDA) for Anomaly Detection in Ground Vehicle Network Traffic”, In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, Aug. 11-13, 2019
Thornton, AdamMieners, BrandonPoole, DonaldRussell, Mark
Technical Paper
GVSETS 2020 Paper: Multiple Crew Station Xecutor (MCSX2024-01-386011/15/2024
ABSTRACT Technology and innovation are growing at a rapid rate, placing increasing demands on military vehicles. With these advances come additional burdens to our ground vehicle systems due to escalating threats in areas such as situational awareness and cybersecurity. In order to deal with this ever-changing threat environment, additional computing resources are needed. Given the additional costs of high performance hardware, harnesses, software development, sustainment, and licensing fees, consolidation of resources can be essential in reducing costs. Leveraging today's latest technologies in distributed systems, advanced microprocessors, and accelerated graphics, this research proposes a solution to consolidate multiple crew stations into a single processing resource. Not only are these computing resources more powerful, they come at a more affordable price when configured properly. Citation: S. Sopel, M. Russell, K. Zwick, “Multiple Crew Station Xecutor (MCSX)”, In Proceedings of
Sopel, Shane G.Russell, Mark G.Zwick, Keith E.
Technical Paper
BLOCKCHAIN VEHICLE APPLICATIONS AND CYBERSECURITY: AN APPROPRIATE USE OR USE APPROPRIATELY2024-01-389211/15/2024
ABSTRACT Bitcoin and other digital currencies utilize blockchain. Blockchain, in summary, is a collection of blocks. Within each block is a collection of transactions. Each computer (node) has the same list of blocks and transactions, which they can see as the blocks are filled with the transactions. While this is the traditional application experienced, there are other applications relevant to cybersecurity. As part of the blockchain technology, the nodes are responsible for decision-making. The blockchain technology may be used for this function in these systems. In adjusting the data flow, this is an option to increase the cybersecurity for a complete system. This addition to the cybersecurity system provides a clear benefit. Citation: Parker, C., “Blockchain Vehicle Applications and Cybersecurity: An Appropriate Use or Use Appropriately?”, In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, August 10, 2021
Parker, Charles
Technical Paper
Cyberattack Defense Through Digital Fingerprinting, Detection Algorithms, and Bus Segmentation in Ground Vehicles2024-01-389111/15/2024
ABSTRACT This paper describes strategies to secure military ground vehicles by using digital fingerprinting, detection algorithms, and bus segmentation to identify and remove anomalous messages from the Controller Area Network (CAN) bus. Modern automotive buses were designed for reliability rather than security. This lack of security means that any node on the bus can transmit a message to any other node, and the receiver cannot verify the sender or that the message is unaltered. The intrusion defense system (IDS) protects the bus by actively monitoring traffic on all connected busses and removing messages identified as anomalies. Digital fingerprinting combined with various detection algorithms identifies these anomalies while bus segmentation simultaneously defends the CAN bus by removing anomalous messages. Citation: J. Wolford, C. Westrick, P. Moldenhauer, “Cyberattack Defense Through Digital Fingerprinting, Detection Algorithms, and Bus Segmentation in Ground Vehicles”, In
Wolford, JonathanWestrick, CourtneyMoldenhauer, Peter
Technical Paper
Secure Connected Vehicle Architecture for Software and Telecommunications2024-01-376011/15/2024
ABSTRACT The advent of both new bidirectional communications capabilities and increasing levels of automation to offload driver workload is requiring the vehicle’s architecture to evolve substantially. Military vehicles of the US Armed Forces are subject to even greater cybersecurity threats. New vehicle hardware includes many sensors, cameras and other systems to capture road, weather and traffic conditions. These systems will be communicating the data both internally and externally from the vehicle. In addition, the vehicles will send and receive data via multiple communications protocols. Each of these communication protocols have unique capabilities and inherent weaknesses with regard to secure communications. With this vehicle evolution, and with the pervasive cyber threats, the vehicle will have to be architected for holistic vehicle cyber situational awareness. The US Army and US Marine Corps need to be fully versed and trained to recognize threats and effectively deal with them
McCormick, Scott J.Farnsworth, Elaina
Technical Paper
The seL4 Microkernel – A Robust, Resilient, and Open-Source Foundation for Ground Vehicle Electronics Architecture2024-01-375811/15/2024
ABSTRACT There has been a lot of interest in the secure embedded L4 (seL4) microkernel in recent years as the basis of a cyber-security platform because it has been formally proven to be correct and free of common defects. However, while the seL4 microkernel has a formal proof of correctness, it does so at the cost of deferring functionality to the user space that most developers and system integrators would deem necessary for real life products and solutions, and use of formal proofs for user space can be prohibitively expensive. DornerWorks took an approach to bypass the need for native seL4 user space applications to develop a representative real-world system for GVSC VEA based on seL4 by enabling its virtual machine monitor functionality for ARMv8 platforms, allowing feature rich software stacks to be run in isolation guaranteed by the seL4 formal proofs. This paper describes that system and the efforts undertaken to achieve real world functionality. Citation: R. VanVossen, J
VanVossen, RobbieMillwood, JesseGuikema, ChrisElliott, LeonardRoach, Jarvis
Technical Paper
DETECTION AND MITIGATION OF ERRONEOUS AND MALICIOUS DATA IN VEHICLE SENSOR NETWORKS2024-01-398011/15/2024
ABSTRACT This paper describes research into the applicability of anomaly detection algorithms using machine learning and time-magnitude thresholding to determine when an autonomous vehicle sensor network has been subjected to a cyber-attack or sensor error. While the research community has been active in autonomous vehicle vulnerability exploitation, there are often no well-established solutions to address these threats. In order to better address the lag, it is necessary to develop generalizable solutions which can be applied broadly across a variety of vehicle sensors. The current measured results achieved for time-magnitude thresholding during this research shows a promising aptitude for anomaly detection on direct sensor data in autonomous vehicle platforms. The results of this research can lead to a solution that fully addresses concerns of cyber-security and information assurance in autonomous vehicles. Citation: R. McBee, J. Wolford, A. Garza, “Detection and Mitigation of
McBee, RyanWolford, JonathanGarza, Abe
Technical Paper
The Tactical Smart NIC2024-01-397711/15/2024
ABSTRACT This paper describes a novel network security appliance -- the Tactical Smart Network Interface Card (TSNIC) – that leverages state-of-the-art Field Programmable Gate Array (FPGA) technologies to continuously maintain the integrity of tactical missions. The Smart NIC appears as an all-hardware “bump-in-the-wire” along any network segment or attached to an industry standard bus interface providing infrastructure defense for ground vehicles. It can be custom configured to provide encryption, protocol and file format validation, and/or protocol encapsulation. These capabilities are achieved by several innovations: high-level synthesis (HLS) for rapid circuit development, automated parser generation to adapt to mission requirements, and a hardware nano-marshal to dynamically adapt defensive posture in the face of changing threat profiles. Citation: J. Dahlstrom, S. Padnos, J. Brock, and S. Taylor, “The Tactical Smart NIC,” In Proceedings of the Ground Vehicle Systems Engineering
Dahlstrom, JasonPadnos, StephenBrock, JamesTaylor, Stephen
Technical Paper
Advanced Cyber Testing With Virtualization2024-01-388811/15/2024
ABSTRACT The growing sophistication and emergence of widespread cyber threats today has driven the DOD to place Cyber Resiliency requirements on new and legacy defense systems. The DOD has recently garnered a massive defensive DevSecOps effort aimed at defining structured practices to unify software (Dev), Security (Sec), and operations (Ops) under the umbrella of more OpSec-driven engineering practices. According to the DOD DevSecOps practicum referenced in this document [1], “Practicing DevSecOps provides demonstrable quality and security improvements over the traditional software lifecycle, enabling application security, secure deployments, and secure operations in close alignment with mission objectives.” Modern systems often contain greater networking capability and are therefore more exposed to cyber-threats. Legacy systems were often conceived prior to the field of cyber warfare maturing, resulting in unpatched potential vulnerabilities that could be exploited through trusting
Wysocki, WilliamPrice, GregFriedman, SteveConage, Adrianne
Technical Paper
Advanced Cyber Testing With Virtualization2024-01-389311/15/2024
ABSTRACT The growing sophistication and emergence of widespread cyber threats today has driven the DOD to place Cyber Resiliency requirements on new and legacy defense systems. The DOD has recently garnered a massive defensive DevSecOps effort aimed at defining structured practices to unify software (Dev), Security (Sec), and operations (Ops) under the umbrella of more OpSec-driven engineering practices. According to the DOD DevSecOps practicum referenced in this document [1], “Practicing DevSecOps provides demonstrable quality and security improvements over the traditional software lifecycle, enabling application security, secure deployments, and secure operations in close alignment with mission objectives.” Modern systems often contain greater networking capability and are therefore more exposed to cyber-threats. Legacy systems were often conceived prior to the field of cyber warfare maturing, resulting in unpatched potential vulnerabilities that could be exploited through trusting
Wysocki, WilliamPrice, GregFriedman, SteveConage, Adrianne
Technical Paper
Containerization in Embedded Trusted Computing2024-01-398211/15/2024
ABSTRACT Interest in application containerization has been on the rise in recent years within the embedded and secure computing communities. Containerization within embedded systems is still relatively new and thus the question of its practical use in secure environments is still unanswered. By using proven kernels and virtual machines, containerization can help play a key role in application development and ease of deployment within trusted computing environments. Containerization can bring many benefits to the development and deployment of secure applications. These benefits range between ease of development and deployment through use of unified environments to security benefits of namespaces and network isolation. When combined with the seL4 microkernel and DornerWorks use of the VM Composer toolset, mixed criticality systems incorporating containerization can be rapidly and easily developed and deployed to embedded hardware. This paper describes the various advantages, use-cases
Prins, TaylorVanVossen, RobertBarnett, TomElliott, Leonard
Technical Paper
Attribute-Based Access Control (ABAC)- Is it the Solution for a Mobile Net-Centric Army2024-01-324111/15/2024
ABSTRACT Access Control sets the bounds directing use of a resource. Equipment, applications, and information in a military environment require access control to provide security where intelligence superiority is an integral part the battlefield. The Role-Based Access Control (RBAC) employed for Information Systems and IT networks where permissions for Army roles change slowly do not scale to the dynamics of distributed mobile systems in a rapidly changing tactical environment. As ground systems fulfill the Net Centric Warfare (NCW) charter, Attribute-Based Access Control (ABAC) provides a distributed, rule-based approach to support dynamic attributes for access control
Mangin, JosephDorny, Jonathan
Technical Paper
DEMYSTIFYING PLATFORM CYBER RESILIENCE2024-01-376711/15/2024
ABSTRACT Today’s platform systems (satellites, aircraft, surface ships, ground vehicles, and subsurface vehicles) have large numbers of electronic components including microprocessors, microcontrollers, sensors, actuators, and internal (onboard) and external (off-board) communication networks. Hardening and securing these systems is currently performed using checklist approaches like the Risk Management Framework (RMF) that derive from decades of information technology (IT) best practices. However, these approaches do not translate well to platforms because they inadequately address security issues that are unique to cyber-physical and the embedded nature of platform systems. In this paper, we describe key resilience concepts and two analytic models for improving platform cyber resilience. These models balance knowledge of offensive attack vectors with Resilience-in-Depth™ controls. The Platform Cyber Attack Model (PCAM) provides a multi-scale construct for identifying, describing, and
Lofy, CheriVriesenga, Mark
Technical Paper
Implementing Cybersecurity Risk Management Framework for the MAPS Base Kit2024-01-376311/15/2024
ABSTRACT The Modular Active Protection System (MAPS) Science and Technology Objective (STO) program led by the CCDC- Ground Vehicle Systems Center (CCDC-GVSC) has undertaken and committed to delivering a product baseline that can readily support performance requirements for Vehicle Protection System (VPS) capabilities while meeting cybersecurity requirements. DoD investments in a cyber-secure common kit can provide many benefits to the DoD as each program (i.e., Abrams, Bradley, Stryker, AMPV) will be able to leverage the initial investments without having to create their own technical solution per platform. It is broadly acknowledged that implementing security controls early in the product’s life cycle provides better capabilities, reduces vulnerabilities, reduces program schedule, and reduces program cost compared to attempting to add cybersecurity later in the production and test phases. As the MAPS open-architecture enables programs to leverage occupant and vehicle protection
Nowc, MattShvartsman, AndreyMoon, EdTucker, Lucas
Technical Paper
Holistically Increasing Cyber Resilience of Ground Vehicles2024-01-376511/15/2024
ABSTRACT This paper explores a holistic approach to increasing the cyber resiliency of Army and USMC ground vehicles. Today’s current approach to securing weapon systems focuses on complying with the Risk Management Framework and applying required security controls to obtain government authority to operate (ATO). This method of securing our weapon systems is better than nothing, but runs the risk of giving us a false sense of security. Citation: D. Woolrich, “Holistically Increasing Cyber Resilience of Ground Vehicles”, In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, Aug. 13-15, 2019
Woolrich, David K.
Technical Paper
A TWO-STAGE DEEP LEARNING APPROACH FOR CAN INTRUSION DETECTION2024-01-368811/15/2024
ABSTRACT With recent advancements in the automotive world and the introductions of autonomous vehicles, automotive cybersecurity has become a main and primary issue for every automaker. In order to come up with measures to detect and protect against malicious attacks, intrusion detection systems (IDS) are commonly used. These systems identify attacks while comparing normal behavior with abnormalities. In this paper, we propose a novel, two-stage IDS based on deep-learning and rule-based systems. The objective of this IDS is to detect malicious attacks and ensure CAN security in real time. Deep Learning has already been used in CAN IDS and is already proven to be a successful algorithm when it comes to extensive datasets but comes with the cost of high computational requirements. The novelty of this paper is to use Deep Learning to achieve high predictability results while keeping low computational requirements by offsetting it with rule-based systems. In addition, we examine the
Zhang, LinxiKaja, NevrusShi, LyndonMa, Di
Technical Paper
Assurance and Verification of Vehicular Microelectronic Systems (AV2MS): Supply Chain Assurance through Utilization of Side Channel Radio Frequency Emissions for Improved Ground Vehicle Cybersecurity2024-01-398511/15/2024
ABSTRACT Modern vehicular systems are comprised of numerous electronics control units (ECUs) that consist of thousands of microelectronics components. Individual ECU systems are reliant upon “trust” in the supply chain for defense. This paper describes an approach utilizing historically offensive-based cybersecurity technology, side-channels, to quantify and qualify malicious ECU states in a bus-agnostic, logically-decoupled method of assurance and verification. Providing a measure of supply chain assurance to end-users. Citation: Yale Empie, Matthew Bayer, “Assurance and Verification of Vehicular Microelectronic Systems (AV2MS): Supply Chain Assurance through Utilization of Side Channel Radio Frequency Emissions for Improved Ground Vehicle Cybersecurity,” In Proceedings of the Ground Vehicle Systems Engineering and Technology Symposium (GVSETS), NDIA, Novi, MI, Aug. 16-18, 2022
Empie, YaleBayer, Matthew
Technical Paper
Automotive Ethernet Cyberattack Defense in Ground Vehicles2024-01-398411/15/2024
ABSTRACT This paper describes the strategies and challenges involved to secure vehicles which use automotive Ethernet-based networks. Since the early 1990’s, the Controller Area Network (CAN) bus has been the standard in automotive networking systems. However, automotive Ethernet is becoming more common in recent years and is considered the future in automotive networking. This new technology has unique advantages over traditional CAN bus networks (e.g. higher bandwidth that can support hashing and encryption), and it still requires additional security measures such as monitoring and detection of anomalies to better secure the vehicle. Southwest Research Institute (SwRI) has previously developed a CAN-only intrusion detection system (IDS) which protects a vehicle’s CAN bus by actively monitoring traffic and flagging messages that are identified as anomalies. SwRI successfully implemented the ability to read, train, and detect on automotive Ethernet data in the IDS. The integration of
Moldenhauer, PeterEsquivel, Jonathan
Technical Paper
System Safety and Cybersecurity within the Model Based System Engineering (MBSE) System Model2024-01-396611/15/2024
ABSTRACT Model Based System Engineering (MBSE) offers the ability to connect an ever expanding set of disciplines through the system model into specialty areas, having a dramatic impact early and lasting throughout the system lifecycle. System safety and cybersecurity are two such areas that are far too often “patched” into a system design versus properly integrated. MBSE and the use of a system model provides a methodology to integrate these areas early in the design process. Addressing system safety and cybersecurity concerns from the beginning stages of development will enforce adoption of principals and best practices throughout the life of the system
Holmes, JustinTecos, WilliamGraham, StephenBeeson, BradleySpeers, Micah
Technical Paper
Defensive Cyber Architecture for Vehicles & System-of-Systems2024-01-368511/15/2024
Nowlin, Anne
Technical Paper
Cyber Security: An Evolving Systems Engineering Requirement2024-01-340311/15/2024
Abstract Increased connectivity, burgeoning functionality, as well as surging software and integration complexity all conspire to blur the lines for requirements sourcing and implementation of new Ground Vehicles
Ridge, MikeShull, Forrest
Technical Paper
SUBSCRIBER CONDITIONAL ACCESS SOLUTION FOR DYNAMIC IN-FIELD PKI AUTHENTICATION2024-01-350911/15/2024
ABSTRACT This paper will lay out the critical challenges of in-field Public Key Infrastructure (PKI), namely Integrity, Availability, and Confidentiality, and will assess multiple conceptual solutions against them. The history and mechanisms of Subscriber Conditional Access will be detailed to provide understanding of this technology. Mapping of PKI data into a Subscriber Conditional Access system will be provided, showing a solution which meets all challenges. Analysis of organizational hierarchies, dynamic control latency, and required data bandwidths will be provided. Finally, a reference architecture showing how to implement a Subscriber Conditional Access system for Dynamic In-field PKI Authentication will be provided
Jedynak, David
Technical Paper
ADVANCED MODULAR VEHICLE ARCHITECTURES AND CYBER RESILIANCE IN THE SOFTWARE DEFINED VEHICLE2024-01-403511/15/2024
ABSTRACT Automotive electrical/electronic (E/E) architectures are continuously evolving to meet the technological challenges of the highly connected, software-defined vehicle. Advances are being made in µController/µProcessor compute hardware, software, and cyber security methodologies, to provide enhanced security, safety, flexibility and functionality. These advancements will mature through millions of miles of road/lab testing and reach TRLs suitable for use by the Army to implement safe and secure cyber-resilient platforms for manned and unmanned ground vehicle systems. This paper will describe three specific advances that will benefit Army vehicle programs of the future: Software that leverages the Modular Open Systems Approach (MOSA) as a secure and flexible Service Oriented Architecture (SOA) framework; Hardware-based Communication Engines for high bandwidth/low latency network communications; and a Hardware Security Module (HSM) that enhances the cyber-resilience of the next
Cates, JameyNielson, KarlStempnik, Joe
Technical Paper
Items per page:
1 – 50 of 517