Browse Topic: Cybersecurity

Items (588)
Find
RAKSH: A Blockchain Derived In-Vehicle Key Management System2026-26-0620To be published on 01/16/2026
Modern cars have advanced significantly with the rapid growth of connectivity and communication technologies. In the wake of rising cyberattacks and enforcement of regulations, implementation of cybersecurity is imperative to safeguard vehicles. The cybersecurity controls such as secure boot, secure updates, secure communication require cryptographic primitives (keys/certificates). These security features are largely dependent on robust Key Management System (KMS), as keys are the sensitive assets that must be protected throughout the lifecycle of vehicle. Several security critical applications like over-the-air and car-to-car interaction essentially needs robust KMS to protect the vehicle assets from expanding attack vector. Traditionally KMS is established centrally in a backend server. The cloud based KMS is becoming complex due to increased number of keys/certificates required to provision in a vehicle. We propose a self-governing in-vehicle key management system for a gateway
Goyal, YogendraSutar, SwapnilJaisingh, Sanjay
Next-Gen Automotive: Enablers and Monetization for Automotive SaaS and Software Defined Vehicles2026-26-0687To be published on 01/16/2026
The automotive industry is undergoing a paradigm shift, changing its model from hardware-centric products to software-driven platforms. It is driven by two underlying paradigms: the emergence of Software-Defined Vehicles (SDVs) and the increasing adoption of Automotive Software-as-a-Service (SaaS) models. Together, these trends are transforming the way the industry generates value, engages with customers, and builds new revenue models. This research examines the most important technical pillars underpinning next-generation automotive ecosystem creation. Of these pillars, centralized computing infrastructures, embedded cloud integration, efficient over-the-air (OTA) update engines, and enhanced cybersecurity models designed to protect larger numbers of connected vehicles are observed. It also evaluates the imperative significance of digital identity management to provide improved personalized experience, the critical role of edge computing to ensure real-time processing, and the promise
Saini, GouravJahagirdar, ShwetaKhandekar, Dhiraj Baburao
"Automotive Cybersecurity: Regulatory Landscape, Type Approval, and the Road Ahead"2026-26-0246To be published on 01/16/2026
Effective communication is the key for bringing harmony - be it the communication between humans and humans, or communication between machine and machine. Today’s car is a sophisticated gadget, equipped with the best of technologies running using millions of lines of codes of software. The effective use of these technologies involve communication between car to car and car to infrastructure using Dedicated Short Range Communication (DSRC), C-V2X (Cellular Vehicle-to-Everything). It is pertinent that any communication using the internet needs to be digitally secure and that the systems are designed to mitigate the perceived threats. The methods used for ensuring cyber safety of automobiles need to be verified before the end product is put to use. Automotive Industry Standards AIS-189 and AIS-190 have been formulated to provide a harmonized verification framework. Both the vehicle manufacturer and the test agency need to equip themselves with necessary skills and tools to ensure
Nayak, PratikTandon, VikramBadusha, AkbarDesai, ManojSathianesan, Rejin
Securing the Future of Electric Vehicle Charging: Identifying and Mitigating Cybersecurity Vulnerabilities2026-26-0614To be published on 01/16/2026
This paper examines the key security vulnerabilities present in modern EV charging infrastructure, with a focus on the potential threats to payment systems, communication protocols, physical security, and data privacy. In particular, it looks at the vulnerabilities associated with unencrypted communication, the risks of unauthorized access to charging stations, and the potential for denial-of-service (DoS) attacks. As the global adoption of electric vehicles (EVs) accelerates, the importance of a secure and reliable EV charging infrastructure becomes paramount. However, the expansion of charging stations and the growing integration of smart technologies introduce significant cybersecurity risks that must be addressed to ensure the safety, privacy, and reliability of the network. In addition to discussing emerging risks in relation to new technologies, such as Vehicle-to-Grid (V2G) systems, and outlining the necessity of industry-wide collaboration and the development of standardized
Aggarwal, AkshitGupta, SaurabhSirohi, KapilArisetty, VenkateshChatterjee, Avik
Cybersecurity threats for connected passenger EV Buses of state transport units in India.2026-26-0610To be published on 01/16/2026
There are several chances to enhance fleet management, passenger safety, and operational efficiency by integrating connected technology into electric passenger buses, especially in Indian state transport agencies. But this connectivity also brings with it a fresh set of cybersecurity threats that might jeopardize these cars' dependability and security. With an emphasis on India's state-run bus fleets, this study examines the cybersecurity risks unique to connected electric vehicles (EVs) utilized for public transportation. Vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), and fleet management communication systems are examined for key vulnerabilities. Potential attack vectors are highlighted, including data interception, GPS spoofing, unauthorized access, and cyberattacks on charging stations. We also look at how these cybersecurity threats affect public safety, operational disruptions, and passenger privacy. This paper also assesses the difficulties Indian state transport
Mokhare, Devendra Ashok
Real-time Intrusion Detection System (IDS) for Vehicle Networks Using Machine Learning for Predictive Threat Analysis2026-26-0617To be published on 01/16/2026
The rapid adoption of connected vehicle technologies and advanced driver assistance systems (ADAS) necessitates robust security mechanisms capable of identifying and mitigating sophisticated cyber threats in real-time. Traditional signature-based intrusion detection systems (IDS) are often inadequate in addressing the dynamic and evolving nature of automotive cybersecurity threats, particularly in modern vehicle networks like Controller Area Network (CAN), CAN with Flexible Data-Rate (CAN-FD), and Automotive Ethernet. This research introduces a novel Real-time Intrusion Detection System utilizing advanced Machine Learning (ML) techniques designed specifically for automotive network environments. The proposed IDS framework employs supervised and unsupervised ML algorithms, including anomaly detection, behavioral analytics, and predictive threat modeling, to achieve high accuracy and rapid threat identification capabilities. Through extensive testing in simulated and actual vehicle
chaudhary lng, VikashDesai, ManojChatterjee, Avik
Automotive Cybersecurity Incident Response (CSIR) Framework and Its Integration into OEM Processes2026-26-0613To be published on 01/16/2026
The exponential growth of connected and autonomous vehicles has significantly escalated cybersecurity threats, compelling automotive Original Equipment Manufacturers (OEMs) to adopt robust and structured Cybersecurity Incident Response (CSIR) capabilities. Current automotive cybersecurity regulations, such as AIS 189 in India and UNECE WP.29 globally, mandate precise frameworks for proactive threat detection, timely response, and comprehensive incident documentation. This research presents an innovative, comprehensive CSIR framework specifically tailored to integrate seamlessly into OEM cybersecurity management processes. Leveraging a combination of real-time monitoring systems, structured threat categorization methodologies, and integrated escalation and communication protocols, the proposed CSIR framework ensures efficient incident handling aligned with stringent regulatory compliance. The framework encompasses advanced methodologies including Vehicle Security Operations Center (VSOC
chaudhary lng, VIKASHDesai, ManojChatterjee, AvikChatterjee lng, Avik
Implementation of Automotive Cybersecurity Assurance Level2026-26-0624To be published on 01/16/2026
This paper explores the implementation of ISO-21434 Automotive Cybersecurity Assurance Levels (CAL), focusing on enhancing component level cybersecurity for a vehicle. CAL values, which range from 1 to 4, provide a metric for ensuring that assets are protected against relevant threats at various phases of the Software Development Life Cycle (SDLC). By identifying potential attack vectors and their severity early in the SDLC, specifically during the Concept phase of ISO 21434, organizations can determine the CAL values. The CAL value serves as a benchmark to determine the level of severity required during the design, development, and verification phases of the SDLC. This paper outlines a method to establish CAL values as per ISO-21434 guidelines. The proposed methodology includes a detailed analysis of threat modeling, which is crucial for identifying and mitigating potential cybersecurity risks. By conducting threat modeling, organizations can systematically assess vulnerabilities and
Ghosh, SubhamKhader Batcha, Jashic
Navigating the Field of Automotive Cybersecurity Relevant Regulations2026-26-0623To be published on 01/16/2026
In recent years many automotive cybersecurity relevant regulations have been released and some have already started to come into effect. Moreover, some other regulations will come into effect in the next few years. These regulations provide requirements and guidance to automotive organizations with different degree of specifics. In this paper, we review a number of different cybersecurity relevant regulations such as UNR 155, UNR 156, AIS 189, AIS 190, GB 44495, GB 44496, EU Cyber Resilience Act, 15 CFR Part 791. We break down and categorize these regulations based on their scope and highlight key areas relevant to different teams within the organizations. These key areas include cybersecurity management system (CSMS), software update management system (SUMS), secure software development and software supply chain security, continuous cybersecurity activities (monitoring, incident response), and vulnerability disclosure and management. We then map responsibilities from the regulations
Oka, Dennis KengoVadamalu, Raja Sangili
Post-EOL Cybersecurity Validation for Automotive Production ECUs2026-26-0608To be published on 01/16/2026
ISO/SAE 21434 emphasizes comprehensive cybersecurity risk management throughout the automotive lifecycle. However, specific guidance on validating cybersecurity measures at the production level remains limited. This paper addresses the gap in production-stage validation, particularly after End-of-Line (EOL) flashing, which includes configurations of security hardware and software protection (e.g., UCB confirmation, JTAG, and P-flash password settings). Problem articulation: Current automotive cybersecurity validation methods, despite adherence to ISO/SAE 21434, lack specific procedures for the production stage. The existing system-level validation using the ASPICE V-model (e.g., SWE.6, SYS.5) does not ensure the integrity and functionality of cybersecurity features in the final manufactured unit post-EOL flashing. This gap poses a risk of vulnerabilities being introduced during the EOL process, compromising critical security measures. Proposed solution: To mitigate the cybersecurity
Chakraborty, SuchetaKulanthaisamy, NagarajanSankar, Ganesh
Considerations for Vulnerability Management in the Automotive Industry2026-26-0626To be published on 01/16/2026
With the emergence of Software-Defined Vehicles (SDVs), more complex software and connectivity technologies are introduced to support new advanced use cases. These use cases include, e.g., phone as a key, smart parking, summon vehicle, remote diagnostics and vehicle management. However, complex software functionality and external connectivity also increase the attack surface of vehicles and its ecosystem. As such we have seen various cybersecurity attacks targeting vehicles and OEM backends in the past few years. In this paper, we first perform a classification of recent automotive cybersecurity attacks. We further perform an analysis of these attacks and associated vulnerabilities considering the application of best practices of vulnerability management approaches including Common Vulnerability Scoring System (CVSS), Exploit Prediction Scoring System (EPSS), and Stakeholder-Specific Vulnerability Categorization (SSVC). CVSS is a standardized framework used to assign severity scores to
Oka, Dennis KengoVadamalu, Raja Sangili
Security monitoring for High Performance Vehicle Computers2026-26-0627To be published on 01/16/2026
With the increasing connectivity of modern vehicles, cybersecurity threats have become a critical concern. Intrusion Detection Systems (IDS) play a vital role in securing in-vehicle networks and embedded vehicle computers from malicious attacks. This presentation shares about an IDS framework designed specifically for POSIX-based operating systems used in vehicle computers, leveraging system-level monitoring, anomaly detection, and signature-based methods to identify potential security breaches. The proposed IDS integrates lightweight behavioral analysis to ensure minimal computational overhead while effectively detecting unauthorized access, privilege escalation, communication interface monitoring etc. By employing a combination of rules and systems datapoints, the system enhances threat detection accuracy without compromising real-time performance. Practical series deployments demonstrate the effectiveness of this approach in mitigating cyber threats in automotive environments
Shukla, SiddharthChatterjee lng, Avik
Cybersecurity in Automotive OTA Update Systems and Software Store2026-26-0621To be published on 01/16/2026
Automotive Over-the-Air (OTA) software updating has become a cornerstone of the modern connected vehicle, enabling manufacturers to remotely deploy bug fixes, security patches, and new features. However, this convenience comes with significant cybersecurity challenges. This paper provides a detailed examination of automotive OTA update security and the associated software store (software Applications & services store) mechanisms. I discuss the current industry standards and regulations - notably ISO/SAE 21434 and the United Nations Economic Commission for Europe (UNECE) regulations UN R155 (cybersecurity) and UN R156 (software updates) - and explain their relevance to secure OTA and software update management. I then explore the Uptane framework, an open and widely-adopted architecture specifically designed to secure automotive OTA updates. Next, OTA-specific threat models are analyzed, detailing potential attack vectors (such as malicious update injection, man-in-the-middle attacks
Kurumbudel, Prashanth Ram
Automotive Cybersecurity: Safeguarding Connected and Autonomous Mobility2026-26-0629To be published on 01/16/2026
As vehicles transform into complex cyber-physical systems within Intelligent Transportation Systems (ITS), automotive cybersecurity has become a foundational pillar in securing safe, reliable, and trustworthy transportation. This paper examines cybersecurity challenges in connected and autonomous vehicles (CAVs), focusing on Vehicle-to-Everything (V2X) communications technologies, including Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), and Vehicle-to-Pedestrian (V2P) and critical systems like electronic control units (ECUs), battery management units (BMUs), and sensor fusion modules. Key vulnerabilities, such as remote hacking, denial-of-service (DoS) attacks, malware injection, and data breaches, threaten vehicle functionality, passenger safety, and privacy. Key protection mechanisms, including encryption, intrusion detection systems (IDS), cryptographic protocols, secure over-the-air (OTA) updates, and Advanced Artificial Intelligence (AI) and Machine Learning (ML
Kumar, OmKumar, RajivSankar M, GopiHaregaonkar, Rushikesh Sambhaji
A Dynamic Cybersecurity Benchmarking Framework for Automotive Cyber-Physical Systems2026-26-0612To be published on 01/16/2026
As the automotive industry accelerates towards greater connectivity and automation, ensuring robust cybersecurity has become a critical priority, especially in emerging markets like India. This paper introduces a comprehensive framework designed to assess and enhance the cybersecurity of production-ready vehicles, with a particular focus on addressing the unique challenges posed by both domestic and international markets. The proposed system combines advanced threat modeling, vulnerability assessment, and dynamic evaluation techniques to continuously monitor and quantify a vehicle’s cybersecurity posture throughout its lifecycle. In the Indian context, where the automotive market is rapidly evolving and the adoption of connected and automated vehicles is on the rise, the need for tailored cybersecurity measures is particularly pressing. By evaluating the impact of cyber threats on safety, data privacy, financial risks, and vehicle functionality, the system generates a detailed
Shah, RavindraAwasthi, Vibhu VaibhavKarle, Ujjwala
GTSRB-Shield: A Novel Machine Learning Framework for Intrusion Detection in Autonomous Vehicles Leveraging the German Traffic Sign Recognition Benchmark2026-26-0611To be published on 01/16/2026
The escalating dependence of Autonomous Vehicles on Intelligent Transportation Systems (ITS) has highlighted the imperative for comprehensive security protocols to safeguard such vehicles against cyber threats. Intrusion Detection Systems (IDS’s) are pivotal in ensuring the protection of these systems by detecting and alleviating unauthorized access and nefarious activities. The German Traffic Sign Recognition Benchmark (GTSRB) database, which encompasses an extensive compilation of traffic sign imagery, functions as a vital asset for the advancement of machine learning-based IDS. This research elucidates an intrusion detection system (IDS) that employs machine learning algorithms to scrutinize the GTSRB database. The proposed IDS emphasize the preprocessing of the GTSRB dataset to extricate pertinent features that can be employed for the training of machine learning models. Research also focuses on model development with machine learning algorithms to classify traffic signs and
Patil, KamaleshAkbar Badusha, A.Jadhav, SavitriGunale, Kishanprasad
A Quality-Driven Approach to Engineering Sign-Off for Software and Robust Product Development2026-26-0581To be published on 01/16/2026
This abstract outline a paper detailing the development and implementation of a comprehensive framework designed to enhance the quality and governance of the product development process in the automotive industry. As the sector undergoes significant transformation—driven by electrification, autonomous systems, and increasing regulatory and customer expectations—the need for structured development approach and robust oversight has become critical to success. The paper introduces a newly developed framework for Final Data Judgment (FDJ) and Engineering Sign-Off (ESO), representing a next-generation strategy to defect free design, robust engineering quality management and product maturity assurance. This methodology emphasizes customer-centric deliverables, risk-based assessments, and technical rigor to minimize post-SOP issues and ensure alignment with end-user expectations. The approach prioritizes end-user impact by embedding rigorous quality checkpoints that align engineering outputs
Digikar, AshishPATHAK, ISHAKothari, Bhushan
MOSAIC-TARA: A Comprehensive TARA Methodology for Automotive Cybersecurity2026-26-0609To be published on 01/16/2026
Threat Analysis and Risk Assessment (TARA) is a continuous activity, acting as a foundation of cybersecurity analysis for electrical and electronics automotive products. Existing TARA methodologies in the automotive domain exhibits challenges due to redundant and manual processes, particularly in handling recurring common assets across Electronic Control Units (ECUs) and functional domains. Two primary approaches observed for performing TARA are Manual-Asset-Centric TARA and Catalogue-Driven TARA. Manual-Asset Centric TARA is constructed from scratch by manually identifying the assets, calculating risks by likelihood, and impact determination. Catalogue-Driven TARA utilizes the precompiled likelihood and impact against identified assets. Both approaches lack standardized and modular mechanisms for abstraction and reuse. This results in poor scalability, increased efforts, and difficulty in maintaining consistency across vehicle platforms. The proposed method in this research overcomes
Goyal, YogendraSinha, SwatiSutar, SwapnilJaisingh, Sanjay
Proactive AI-Enhanced Cybersecurity for Next-Gen Automotive Infotainment ECU2026-26-0619To be published on 01/16/2026
Abstract With the rapid advancement of connected vehicle technologies, infotainment Electronic Control Units (ECUs) have become central to user interaction and connectivity within modern vehicles. However, this enhanced functionality has introduced new vulnerabilities to cyberattacks. This paper explores the application of Artificial Intelligence (AI) in enhancing the cybersecurity framework of infotainment ECUs. The study introduces AI-powered modules for threat detection and response, presents an integrated architecture, and validates performance through simulation using MATLAB, CANoe, and NS-3. This approach addresses real-time intrusion detection, anomaly analysis, and voice command security. Key benefits include zero-day exploit resistance, scalability, and continuous protection via OTA updates. The paper references real-world automotive cyberattack cases such as Tesla's OTA vulnerability patches, BMW ConnectedDrive exploits, and Jeep Cherokee's Uconnect hack, emphasizing the
More, ShwetaKulkarni, ShraddhaKumar, PriyanshuGHANWAT, HEMANTJoshi, Vivek
Software-Defined Vehicles: Architecting the Future of Intelligent and Connected Mobility2026-26-0691To be published on 01/16/2026
The rise of Software-Defined Vehicles (SDVs) marks a fundamental shift in automotive design, where software, rather than hardware, defines vehicle capabilities. This review explores the SDV paradigm within Intelligent Transportation Systems (ITS), emphasizing centralized computing, over-the-air (OTA) updates, and service-oriented architectures (SOA). Key enablers such as high-performance computing units, middleware platforms (e.g., AUTOSAR Adaptive), and digital twins support scalable, flexible software deployment and real-time functionality. Artificial Intelligence (AI) and Machine Learning (ML) enhance features like predictive maintenance, driver personalization, and autonomous decision-making. However, SDVs also introduce complex challenges, including software validation, real-time performance, and system interoperability. Cybersecurity becomes critical, especially as vehicles interface with cloud platforms, edge computing, and Vehicle-to-Everything (V2X) networks. The paper also
Ahmad, AqueelHemanth, KhimavathKumar, OmKumar, RajivHaregaonkar, Rushikesh Sambhaji
Resilient Design Strategies for Wireless Charger ECUs: A Proactive Threat Analysis and Risk Assessment Framework for Ensuring Cybersecurity in EV Charging Ecosystems2026-26-0173To be published on 01/16/2026
The goal of Automotive cybersecurity is safety, reliability, confidentiality and authenticity. As the automotive industry grows smarter, so too do the cybersecurity protocols used to protect vehicles from malicious actors. Automotive cybersecurity secures communication networks, electronic systems, software and data collected by the new wave of intelligent cars The paper describes the cyber security threats its analysis ion wireless charging
Uthaman, SreekumarMulay, Abhijit BGadekar, Pundlik
Feasibility and Performance of Post-Quantum Cryptography on Embedded Systems for Two-Wheeler Security2026-26-0622To be published on 01/16/2026
The proliferation of connectivity features (V2X, OTA updates, diagnostics) in modern two-wheelers significantly expands the attack surface, demanding robust security measures. However, the anticipated arrival of quantum computers threatens to break widely deployed public-key cryptography (RSA, ECC), rendering current security protocols obsolete. This paper addresses the critical need for quantum-resistant security in the automotive domain, specifically focusing on the unique challenges of two-wheeler embedded systems. This work presents an original analytical and experimental evaluation of implementing selected Post-Quantum Cryptography (PQC) algorithms, primarily focusing on NIST PQC standardization candidates (e.g., lattice-based KEMs/signatures like Kyber/Dilithium), on microcontroller platforms representative of those used in two-wheeler Electronic Control Units (ECUs) – typically ARM Cortex-M series devices characterized by limited computational power, memory (RAM/ROM), and strict
Mishra, Abhigyan
Enhancing Engine Reliability Testing with IoT, AI and ML: Real-Time ML-based Limit Monitoring and Predictive Maintenance with IoT sensor2026-26-0647To be published on 01/16/2026
The integration of Internet of Things (IoT), Artificial Intelligence (AI), and Machine Learning (ML) has transformed various industries, offering substantial benefits. The application of these technologies in engine reliability testing has immense potential as they offer real-time monitoring and analysis of engine performance parameters. Engine reliability testing is vital for ensuring the safety, efficiency, and longevity of engines. Traditional methods are time consuming, expensive, and rely heavily on manual inspection and data analysis. This paper shows how IoT, AI and ML technologies can greatly enhance the efficiency of engine reliability testing. The paper includes the following case studies: 1. ML-based Limit Monitoring for test data: With the help of machine learning models, we monitor the Engine health by comparing predicted and measured values during real-time testing. Intelligent algorithms predict and compare values, detect anomalies, and identify root causes in real-time
Yadav, Sanjay Kumarkumar, prabhakarR, DineshJoon, SushantRai, AyushTripathi, Vinay Mani
Research on Ship Network Security Situation Awareness and Defense Mechanism Based on Improved Spatiotemporal Attention and Deep Reinforcement Learning2025-99-012611/11/2025
With the development of ship intelligence, network security threats are increasing day by day. This paper proposes a ship network security situation awareness algorithm based on an improved spatiotemporal attention mechanism, and constructs a supporting defense mechanism. The algorithm accurately captures changes in network security situation through dynamic weight allocation and multi-scale feature extraction. In the experimental simulation, OMNeT++ is combined with SUMO to build a ship network simulation environment, and Maritime - CPS - Dataset and other data sets are used for testing. The algorithm in this paper is compared with ARIMA, LSTM, GRU and other algorithms. The results show that in terms of situation awareness accuracy, the algorithm in this paper reaches 95.6%, which is 27.8% higher than ARIMA, 12.3% higher than LSTM, and 10.1% higher than GRU respectively; the average response time of the defense mechanism is shortened to 2.3 seconds, which is 40% faster than the
Kong, ZeyuZhou, BofeiWan, Shiyao
AI-Empowered Lightweight In-Vehicle Network Security Mechanisms: From Cryptographic Algorithms to Collaborative Defense Architectures2025-99-013211/11/2025
With the rapid development of Internet of Vehicles (IoV) and cyber-physical systems (CPS), connected autonomous vehicles (CAVs) have also developed rapidly. However, at the same time, in-vehicle networks also face more security challenges, mainly in terms of resource constraints, dynamic attacks, protocol heterogeneity, and high real-time requirements. Firstly, the trade-offs between lightweight encryption primitives and their software and hardware collaborative design in terms of performance, resource overhead, and security strength are analyzed. Secondly, the resource efficiency of AI-based intrusion detection system (IDS) is evaluated at the edge. Finally, we propose a dynamic adaptive collaborative defense framework (DACDF), which integrates federated learning with dynamic weight distillation, blockchain authentication with lightweight verifiable delay function (Light-VDF) and cross-domain IDS with hierarchical attention feature fusion to deal with collaborative attacks in resource
Zhou, YouZhang, JiguiDing, KaniYang, Guozhi
Cybersecurity: Applying Threat Modeling to Sensor-Control Architectures in Autonomous Off-Highway Vehicles2025-28-031611/06/2025
The rapid evolution of autonomy in Off-Highway Vehicles (OHVs)—spanning agriculture, mining, and construction—demands robust cybersecurity strategies. Sensor-control systems, the cognitive core of autonomous OHVs, operate in harsh, connectivity-limited environments. This paper presents a structured approach to applying threat modeling to these architectures, ensuring secure-by-design systems that uphold safety, resilience, and operational integrity.
Kotal, Amit
The Digital Backbone of Manufacturing: A Framework for Network Protocol Selection2025-28-024511/06/2025
Manufacturers need pragmatic guidance when choosing network protocols that must balance responsiveness, high data throughput, and long-term maintainability. This paper presents a step-by-step, criteria-driven framework that scores protocols on six practical dimensions, real-time behavior, bandwidth, interoperability, security, IIoT readiness, and legacy support and demonstrates the approach on both greenfield and brownfield scenarios. By combining vendor specifications, peer-reviewed studies, and field experience, the framework delivers transparent, weighted rankings designed to help engineers make defensible deployment choices. This paper explores how network protocols can be mapped to different layers of the automation pyramid, ranging from field-level communication to enterprise-level. For example, Profinet is shown to be highly effective for time-critical applications such as robotic assembly and motion control due to its deterministic, real-time ethernet capabilities. Meanwhile
Tarapure, Prasad
Spatial-temporal Information Organization Model with All Elements in Whole Domain for Shuozhou-Huanghua Railway2025-99-007910/17/2025
In view of the complexity of railway engineering structure, the systematicness of professional collaboration and the high reliability of operation safety, this paper studied the spatial-temporal information data organization model with all elements in whole domain for Shuozhou-Huanghua Railway from the aspect of Shuozhou-Huanghua Railway spatial-temporal information security. Taking the unique spatial-temporal benchmark as the main line, the paper associated different spatial-temporal information to form an efficient organization model of Shuozhou-Huanghua Railway spatial-temporal information with all elements in the whole domain, so as to implement the effective organization of massive spatial-temporal information in various specialties and fields of Shuozhou-Huanghua Railway; By using GIS (Geographic Information System) visualization technology, spatial analysis technology and big data real-time dynamic rendering technology, it was realized the real-time dynamic visualization display
Liu, KunYu, HongshengZhu, PanfengLiu, WenbinWang, Yaoyao
Reducing Powertrain Software Release Cycles from Months to Days: Streamlined Compliance and Rapid Deployment2025-01-037910/07/2025
The automotive industry's rapid shift towards electric and connected vehicles intensifies the demand for robust solutions addressing software integrity, cybersecurity, and stringent regulatory compliance, particularly concerning powertrain components and related control units. This paper addresses the significant challenge faced by automotive companies in efficiently managing and deploying an exponentially increasing number of software and hardware variants under the rigorous requirements of UNECE Regulation No. 156. This regulation mandates secure, traceable, and systematic software update processes for new vehicles and their components [1]. The proposed solution demonstrates a transformative approach that significantly reduces the software release cycle for Over-The-Air (OTA) updates which usually take 6 to 8 months to emerge [2]. By leveraging advanced techniques in automated compliance tracking, efficient parameter management, and centralized documentation, this approach bridges
Sammer, GeraldSchuch, NikolasKammerhofer, Markus
High Performance Enclosure Systems for Aerospace and Defense Applications: Preparing for What's Next25AERP10_0210/01/2025
As mission-critical systems demand more processing power, real-time data movement, and multi-domain interoperability, rugged embedded systems are being transformed. Today's military and aerospace applications increasingly demand the merging of AI computing, enhanced sensor interfaces, and cybersecurity - all under harsh environmental conditions. At the heart of this evolution is the 3U OpenVPX form factor, a modular, compact, and ruggedized hardware standard and increasingly the SOSA aligned subset of the architecture. However, next-generation systems need to go further: supporting higher bandwidth, better thermal efficiency, improved security, while maintaining multi-vendor interoperability and long-term sustainability. We'll discuss some of today's enclosure solutions as well as emerging technologies.
Infoscraps: Enforcing Information Security by Mechanism2025-01-049509/16/2025
Several information security problems currently require the vigilance of the defender to prevent exploitation or misclassification of information, specifically code injection vulnerabilities and enforcement of Security Classification Guides. This paper discusses a potential solution that can enforce some of these rules by computer mechanism, reducing the potential for security problems. The solution is to replace using simple text strings with data structures containing both a string and a key-value data store. This metadata allows the computer to apply automated rules to enforce data sanitization and classification.
Czerniak, Gregory P.
Post Quantum Cryptography on Intravehicular Networks2025-01-045109/16/2025
This research evaluated the practicality of implementing Post-Quantum Cryptography (PQC) algorithms onboard resource-constrained computing devices, especially those found in automotive platforms. While computational efficiency within PQC is high, memory size and bandwidth constraints become relevant upon consideration of end-to-end implementation. The Controller Area Network (CAN) protocol utilizes only eight (8) bytes of data payload per message, requiring the large keys of PQC algorithms to be split into several messages. Power efficient 32-bit ARM microcontrollers were used for testing. Comparison was made between software implementations of both PQC and modern algorithms to evaluate relative computational cost. Ultimately, this research determined that the communication overhead required by PQC algorithms such as CRYSTALS-Kyber, CRYSTALS-Dilithium, and Falcon is not so egregious as to preclude them from implementation on board vehicular networks.
Smith, SethOwens, KyleKozan, Katherine
A Novel Orchestration Framework for Zero Trust Unmanned Vehicular Networks in ROS 22025-01-043409/16/2025
As unmanned vehicular networks become more prevalent in civilian and defense applications, the need for robust security solutions grows in parallel. While ROS 2 offers a flexible platform for robotic operations, its security model lacks the adaptability required for dynamic trust management and proactive threat mitigation. To address these shortcomings, we propose a novel framework that integrates containerized ROS 2 nodes with Kubernetes-based orchestration, a dynamic trust management subsystem, and integrability with simulators for real-time and protocol-flexible network simulation. By embedding trust management directly within each ROS 2 container and leveraging Kubernetes, we overcome ROS 2’s security limitations by enabling real-time monitoring and machine learning-driven anomaly detection (via an autoencoder trained on custom data), facilitating the isolation or removal of suspicious nodes. Additionally, Kubernetes policies allow seamless scaling and enforcement of trust-based
Tinker, NoahBoone, JuliaWang, Kuang-Ching
Advancing Automotive Software Supply Chain Security: A Blockchain-Reproducible Build Approach2025-01-045609/16/2025
The automotive industry’s systems and over-the-air (OTA) updates have vulnerabilities in its software supply chain (SSC). Although frameworks like Uptane have improved OTA security, gaps remain in ensuring software integrity and provenance. In this paper, we examine challenges securing the automotive SSC and introduce a framework, GUIXCHAIN, that integrates version control, reproducible builds, blockchain technology, and software bills of materials (SBoMs) for transparency, auditability, and resilience. Reproducible builds guarantee identical resulting binaries when compiling the same source code in different environments, as any deviation in the final output indicates a potential compromise in the build process, such as malware injection. Our preliminary study shows Guixchain’s use of reproducible builds ensures consistent and integrity-secured software across various build environments. The blockchain provides forensic capabilities, offering a history of the what, who and where of
Aideyan, IwinosaPesé, Mert D.Brooks, Richard
IMPLI-FI: A Secure Wireless Communications Technology for Contested Logistics2025-01-049209/16/2025
Data security remains an issue of the utmost concern in contested environments. Mechanisms such as data encryption, beam-forming antennas, and frequency-hopping radio have emerged to mitigate some of the concerns in radio-frequency (RF) communications, but they do not remove all risk. Consequently, there is still a consistent appetite for alternative solutions. This paper presents a case for the use of the free-space optical (FSO) communications technology ImpLi-Fi as one such alternative. FSO communication is promising because of the ease with which the signal beam may be steered and limited, making detection and interception more difficult than with RF, and ImpLi-Fi in particular is desirable for its exceptional outdoor performance and ease of integration into existing light sources. The paper briefly illustrates the origins of the contested logistics (CL) problem and CL use cases for secure communication channels, before describing the ImpLi-Fi technology in some detail; exploring
Brzozowski, AaronReimann, JethroLakshmanan, SridharMarrero, Pedro “Pete”Moyer, Benjamin D.
Hardware Protected Security Environment - GlobalPlatform Technologies Information ReportJ3101-5_202509 (Current)09/12/2025
The scope of the analysis is on the GlobalPlatform Secure Element (SE) and Trusted Execution Environment (TEE) standard specifications correspondence to SAE J3101 recommended practices. This analysis includes focuses on the platform specifications but not the scope of any future security application/applets. Both of these GlobalPlatform specifications have associated protection profiles to validate compliance, although GlobalPlatform does not currently have any specific SAE J3101 protection profiles. GlobalPlatform has communicated that it is assessing whether or not to develop application-level protection profiles to more explicitly cover the remaining requirements of SAE J3101 in order to allow for standardized testing and certification of complete solutions.
Vehicle Electrical System Security Committee
800P3-2 Cabin Connectors and Cables, Part 3, Specification of CablesARINC800P3-2 (Current)07/07/2025
This specification describes the general cable and wire characteristics recommended for use in cabin systems for commercial aircraft. Supplement 1 adds new definitions of 26 AWG 2-pair (Quad), 4-pair (Oct) data cables, and copper-fiber optic hybrid composite cables. Supplement 2 includes definitions of shielded twisted pair ethernet over single pair for data rates up to 1000Base-T1.
Airlines Electronic Engineering Committee
Assessment of Cooperative Navigation Algorithms for CAVs in Threat Scenarios12-09-01-000706/14/2025
This article introduces a comprehensive cooperative navigation algorithm to improve vehicular system safety and efficiency. The algorithm employs surrogate optimization to prevent collisions with cooperative cruise control and lane-keeping functionalities. These strategies address real-world traffic challenges. The dynamic model supports precise prediction and optimization within the MPC framework, enabling effective real-time decision-making for collision avoidance. The critical component of the algorithm incorporates multiple parameters such as relative vehicle positions, velocities, and safety margins to ensure optimal and safe navigation. In the cybersecurity evaluation, the four scenarios explore the system’s response to different types of cyberattacks, including data manipulation, signal interference, and spoofing. These scenarios test the algorithm’s ability to detect and mitigate the effects of malicious disruptions. Evaluate how well the system can maintain stability and avoid
Khan, Rahan RasheedHanif, AtharAhmed, Qadeer
Edge Artificial Intelligence in Connected, Cooperative and Automated MobilityEPR202500905/20/2025
With many stakeholders involved, and major investments supporting it, the advancements in automated driving (AD) are undoubtedly there. Generally speaking, the motivation for advancing AD is driver convenience and road safety. Regarding the development of AD, original equipment manufacturers, technology start-ups, and AD systems developers have taken different approaches for automated vehicles (AVs). Some manufacturers are on the path toward stand-alone vehicles, mostly relying on onboard sensors and intelligence. On the other hand, the connected, cooperative, and automated mobility (CCAM) approach relies on additional communication and information exchange to ensure safe and secure operation. CCAM holds great potential to improve traffic management, road safety, equity, and convenience. In both approaches, there are increasingly large amounts of data generated and used for AD functions in perception, situational awareness, path prediction, and decision-making. The use of artificial
Van Schijndel-de Nooij, MargrietBeiker, Sven
Cybersecurity Testing, Verification, and Validation MethodsJ3322_202505 (Current)05/03/2025
This document specifically pertains to cybersecurity for vehicles. It has been developed by SAE International (SAE) Committee Technical Committee on Vehicle Electrical and Electronic Systems, “Cybersecurity Testing Task Force,” a subcommittee of SAE Committee, “Vehicle Cybersecurity Systems Engineering Committee.” This committee is authorized under the scope and authority of the SAE Electronic Design Automation Steering Committee, which is organized under the scope and authority of the SAE Electrical Systems Committee (also known as the Electrical Systems Group), which is directly under the scope and authority of the SAE Motor Vehicle Council. The SAE Motor Vehicle Council’s stated scope of influence and authority, as defined by SAE, includes, “passenger car and light truck.” By definition, this excludes motorcycles, certain trailers, heavy trucks, buses, snowmobiles, watercraft, marine vessels, off-road, multi-purpose vehicles, certain other specialty vehicles, and aircraft.
Vehicle Cybersecurity Systems Engineering Committee
MBSE Framework for Developing Data-Driven Passenger Services in Aircraft Cabins2025-01-017105/02/2025
The aircraft cabin plays a crucial role in airline differentiation strategies, particularly when introducing novel, data-driven services. These services aim to enhance the passenger experience during the flight and to improve cabin crew efficiency in order to reduce workload and ensure continued growth of airline revenue. Digitalization and extensive exchange of information across the entire aircraft transport system have emerged as key enablers for these services. The development of aircraft and aircraft systems that realize these services is characterized by a multi-level development process. Various development levels are considered to initially identify the functions of an aircraft in the air transport system, refine its systems and break them down into their components until a level of detail is reached that allows the implementation of the component functions. In addition to the high complexity, a major challenge in this development is to ensure traceability and consistency
Blecken, MarvinHintze, HartmutGiertzsch, FabianGod, Ralf
Enhancing Airworthiness Security: SysML-Based Approach to Modelling Security Scope Definitions2025-01-017205/02/2025
Airworthiness certification of aircraft requires an Airworthiness Security Process (AWSP) to ensure safe operation under potential unauthorized interactions, particularly in the context of growing cyber threats. Regulatory authorities mandate the consideration of Intentional Unauthorized Electronic Interactions (IUEI) in the development of aircraft, airborne software, and equipment. As the industry increasingly adopts Model-Based Systems Engineering (MBSE) to accelerate development, we aim to enhance this effort by focusing on security scope definitions – a critical step within the AWSP for security risk assessment that establishes the boundaries and extent of security measures. However, our findings indicate that, despite the increasing use of model-based tools in development, these security scope definitions often remain either document-based or, when modeled, are presented at overly abstract levels, both of which limit their utility. Furthermore, we found that these definitions
Hechelmann, AdrianMannchen, Thomas
Assignment Criteria for Function Allocation to Commercial Aviation System Security Domains2025-01-015605/02/2025
Aircraft cabin management is characterized by operational and business processes. Both are defined as a logical sequence of activities that occur during the flight. While the operational process includes activities to ensure flight safety, such as take-off, cruise and landing, the business process activities are related to adding value to the customer, i.e. the passenger. They are to be certified by the authority as a part of the aircraft type certification. These processes are defined by the airline and are described as part of the airline’s business model. While the scope of operational processes for passenger safety within the aircraft cabin should remain as unchanged as possible, the increasing competitive pressure on airlines is leading to a constantly rising number of services in the cabin. To prevent compromising cabin safety from increased cabin crew workload during the cruise phase, there is a growing trend toward digitizing operational and business processes. The digitized
Hintze, HartmutBlecken, MarvinGod, RalfPereira, Daniel
Legal Issues and Policy: Vol. 3EPRCOMPV05202404/30/2025
Abdul Hamid, Umar ZakirEastman, Brittany
Safety, ADAS, and Cybersecurity: Vol. 3EPRCOMPV06202404/30/2025
Ahmed, QadeerRenganathan, VishnuO'Neil, AnneKemper, Bart
ZT4SDV Dynamic Trust for SW Defined Vehicles*2025-01-808404/01/2025
Today’s vehicle architectures build trust on a framework that is static, binary and rigid; tomorrow’s software defined vehicle architectures require a trust model that is dynamic, nuanced, and adaptive. The Zero Trust paradigm supports this dynamic need, but current implementations focus on protecting information, not considering the challenges that automobiles face interacting with the physical world. We propose expanding Zero Trust for cyber-physical systems by weighing the potential safety impact of taking action based on information provided against the amount of trust in the message and develop a method to evaluate the effectiveness of this strategy. This strategy offers a potential solution to the problems of implementing real-time responses to active attacks over vehicle lifetime.
Kaster, RobertMa, Di
Detecting Cyber-Security Vulnerabilities in Legacy Safety-Critical Software with Tight Performance Constraints2025-01-808804/01/2025
Security flaws in automotive software have significant consequences. Modern automotive engineers must assess software not only for performance and reliability but also for safety and security. This paper presents a tool to verify software for safety and security. The tool was originally developed for the Department of Defense (DoD) to detect cybersecurity vulnerabilities in legacy safety-critical software with tight performance constraints and a small memory footprint. We show how the tool and techniques developed for verifying legacy safety-critical software can be applied to automotive and embedded software using real-world case studies. We also discuss how this tool can be extended for software comprehension.
Awadhutkar, PayasTamrawi, AhmedSauceda, Jeremias
An Adaptive Risk-Based Access Control with Trusted Execution Environment for Vehicles2025-01-808904/01/2025
The rapid development of intelligent and connected vehicles is transforming them into data-rich information carriers, which generate and store vast amounts of sensitive information. However, the frequent sharing of resources within these vehicles poses substantial risks to user privacy and data security. Should sensitive resources be accessed maliciously, the consequences could be severe, leading to significant threats to the safety, property, and reputation of both drivers and passengers. To address these risks, this paper proposes an adaptive risk-based access control with Trusted Execution Environment (TEE) specifically designed for vehicles, aimed at managing and restricting access permissions based on risk assessments. Firstly, this paper designs an adaptive risk model in accordance with ISO/SAE 21434, taking into account factors such as the security levels of subjects and objects, context, and the risk history of subjects to separately quantify threats and impacts. By adjusting
Luo, FengLi, ZhihaoWang, JiajiaLuo, Cheng
Designing Software for SAE J1939 ECUs to Improve Cybersecurity2025-01-808204/01/2025
SAE J1939 is a CAN-based standard used for connecting various ECUs together within a vehicle. There are also some related protocols sharing many of the features of SAE J1939 across other industries including ISO11783, RVC and NMEA 2000. The standard has enabled the easy integration of electronic devices into a vehicle. However, as with all CAN-based protocols, several vulnerabilities to cyberattacks have been identified and are discussed in this paper. Many are at the CAN-level, whilst others are in common with those protocols from the SAE J1939 family of protocols. This paper reviews the known vulnerabilities that have been identified with the SAE J1939 protocol at CAN and J1939-levels, along with proposed mitigation strategies that can be implemented in software. At the CAN-level, the weaknesses include ways to spoof the network by exploiting parts of the protocol. Denial of Service is also possible at the CAN-level. At the SAE J1939-level, weaknesses include Denial of Service type
Quigley, Christopher
Uncovering Security Flaws in DC Chargers for Electric Vehicles2025-01-811804/01/2025
The added connectivity and transmission of personal and payment information in electric vehicle (EV) charging technology creates larger attack surfaces and incentives for malicious hackers to act. As EV charging stations are a major and direct user interface in the charging infrastructure, ensuring cybersecurity of the personal and private data transmitted to and from chargers is a key component to the overall security. Researchers at Southwest Research Institute® (SwRI®) evaluated the security of direct current fast charging (DCFC) EV supply equipment (EVSE). Identified vulnerabilities included values such as the MAC addresses of both the EV and EVSE, either sent in plaintext or encrypted with a known algorithm. These values allowed for reprogramming of non-volatile memory of power-line communication (PLC) devices as well as the EV’s parameter information block (PIB). Discovering these values allowed the researchers to access the IPv6 layer on the connection between the EV and EVSE
Kozan, Katherine
Items per page:
1 – 50 of 588