3,457 research outputs found
Security Evaluation of Cyber-Physical Systems in Society- Critical Internet of Things
In this paper, we present evaluation of security
awareness of developers and users of cyber-physical systems. Our
study includes interviews, workshops, surveys and one practical
evaluation. We conducted 15 interviews and conducted survey with
55 respondents coming primarily from industry. Furthermore, we
performed practical evaluation of current state of practice for a
society-critical application, a commercial vehicle, and reconfirmed
our findings discussing an attack vector for an off-line societycritical
facility. More work is necessary to increase usage of security
strategies, available methods, processes and standards. The security
information, currently often insufficient, should be provided in the
user manuals of products and services to protect system users. We
confirmed it lately when we conducted an additional survey of
users, with users feeling as left out in their quest for own security
and privacy. Finally, hardware-related security questions begin to
come up on the agenda, with a general increase of interest and
awareness of hardware contribution to the overall cyber-physical
security. At the end of this paper we discuss possible
countermeasures for dealing with threats in infrastructures,
highlighting the role of authorities in this quest
Hardware Security of the Controller Area Network (CAN Bus)
The CAN bus is a multi-master network messaging protocol that is a standard across the vehicular industry to provide intra-vehicular communications. Electronics Control Units within vehicles use this network to exchange critical information to operate the car. With the advent of the internet nearly three decades ago, and an increasingly inter-connected world, it is vital that the security of the CAN bus be addressed and built up to withstand physical and non-physical intrusions with malicious intent. Specifically, this paper looks at the concept of node identifiers and how they allow the strengths of the CAN bus to shine while also increasing the level of security provided at the data-link level
Defending Vehicles Against Cyberthreats: Challenges and a Detection-Based Solution
The lack of concern with security when vehicular network protocols were designed some thirty years ago is about to take its toll as vehicles become more connected and smart. Today as demands for more functionality and connectivity on vehicles continue to grow, a plethora of Electronic Control Units (ECUs) that are able to communicate to external networks are added to the automobile networks. The proliferation of ECU and the increasing autonomy level give drivers more control over their vehicles and make driving easier, but at the same time they expand the attack surface, bringing more vulnerabilities to vehicles that might be exploited by hackers. Possible outcomes of a compromised vehicle range from personal information theft to human life loss, raising the importance of automotive cybersecurity to a whole different level. Therefore, network safety has become a necessary and vital consideration of a vehicle. This project is two-fold: the first half will focus on the background of vehicle cybersecurity, characteristics of vehicular networks that could be leveraged during a hacking process, including ECU, Controller Area Network (CAN bus) and On-Board Diagnostics (OBD). It also discusses and evaluates previous hacking experiments conducted by researchers and their proposed countermeasures. The second half is an evaluation of approaches to design an Intrusion Detection System (IDS). The aim of this project is to find an effective and suitable solution todefend vehicles against various types of cyber threats
- …