An Overview of Automotive Service-Oriented Architectures and Implications for Security Countermeasures

New requirements from the customers\u27 and manufacturers\u27 point of view such as adding new software functions during the product life cycle require a transformed architecture design for future vehicles. The paradigm of signal-oriented communication established for many years will increasingly be replaced by service-oriented approaches in order to increase the update and upgrade capability. In this article, we provide an overview of current protocols and communication patterns for automotive architectures based on the service-oriented architecture (SOA) paradigm and compare them with signal-oriented approaches. Resulting challenges and opportunities of SOAs with respect to information security are outlined and discussed. For this purpose, we explain different security countermeasures and present a state of the section of automotive approaches in the fields of firewalls, Intrusion Detection Systems (IDSs) and Identity and Access Management (IAM). Our final discussion is based on an exemplary hybrid architecture (signal- and service-oriented) and examines the adaptation of existing security measures as well as their specific security features

Empowerment in the Context of Transformational Change: A Study of Acquisitions and Privatizations in Eastern Europe

Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.This paper examines conditions under which empowerment (decision autonomy, dialogic leadership) is connected with positive and negative effects, respectively, in regard to managing transformational change in Eastern Europe. Acquisitions by foreign investors in Poland and Russia (N = 45 companies) and privatizations through employee buy-out in Romania (N = 5 companies) are contrasted in this study. It is shown that empowerment within these two variants of transformational change is connected in different ways with success indicators of crisis management. From these findings, we deduce practical consequences for empowerment and transformational change, along with suggestions for future research

Coxeter-like complexes

Motivated by the Coxeter complex associated to a Coxeter system (W,S), we introduce a simplicial regular cell complex Δ (G,S) with a G-action associated to any pair (G,S) where G is a group and S is a finite set of generators for G which is minimal with respect to inclusion. We examine the topology of Δ (G,S), and in particular the representations of G on its homology groups. We look closely at the case of the symmetric group S_n minimally generated by (not necessarily adjacent) transpositions, and their type-selected subcomplexes. These include not only the Coxeter complexes of type A, but also the well-studied chessboard complexes

iObserve: Integrated Observation and Modeling Techniques to Support Adaptation and Evolution of Software Systems

The goal of iObserve is to develop methods and tools to support evolution and adaptation of long-lived software systems. Future long-living software systems will be engineered using third-party software services and infrastructures. Key challenges for such systems will be caused by dynamic changes of deployment options on cloud platforms. Third-party services and infrastructures are neither owned nor controlled by the users and developers of service-based systems. System users and developers are thus only able to observe third-party services and infrastructures via their interface, but are not able to look into the software and infrastructure that provides those services. In this technical report, we summarize our results of four activities to realize a complete tooling around Kieker, Palladio, and MAMBA, supporting performance and cost prediction, and the evaluation of data privacy in context of geo-locations. Furthermore, the report illustrates our efforts to extend Palladio

CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.Comment: Submitted to conferenc