Automotive System

The Experts below are selected from a list of 79242 Experts worldwide ranked by ideXlab platform

Stabili Dario - One of the best experts on this subject based on the ideXlab platform.

  • Sicurezza informatica per reti di comunicazione interne di autoveicoli moderni
    Università degli studi di Modena e Reggio Emilia, 2020
    Co-Authors: Stabili Dario
    Abstract:

    Cyber-physical systems (CPS) are highly integrated mechanisms in which one or more subsystems are monitored and controlled by software, possibly with a high degree of autonomy and minimal external inputs coming from users. A prominent example of widespread cyber-physical systems is modern passenger vehicles, which are composed of many mechanical parts controlled by Electronic Control Units (ECUs), which are programmed to perform different tasks in the automotive system. Mechanisms controlled through ECUs range from simple tasks activated by drivers, such as windshield wipers or power windows, to completely automated, complex and real-time systems, such as engine control, power steering, Electronic Stability Program (ESP) or the Anti-lock Braking System (ABS). These software-driven safety-relevant features are extremely effective in reducing the overall number of car accidents and fatalities. However, they also open new avenues for cyber-attackers, who can now explore (and possibly exploit) a wide range of software-based attacks against the control logic implemented by ECUs. These threats are also magnified by the current trend toward an increasing connectivity of modern vehicles. It is now common even for low-tier vehicles to integrate Bluetooth connectivity with smartphones (hence an indirect connection to the Internet) or direct Internet connectivity through cellular networks. Similar threats are not only theoretical. Recent research and media reports showcased several cyber-attacks against recent, unmodified licensed vehicles, which exploited cellular connections to penetrate the automotive network and obtain remote control over the engine, brakes and power steering systems. These recent works exposed different vulnerabilities of the networking protocols and communication buses enabling communication among safety-relevant ECUs. These systems are based on outdated standards that have been designed for simpler ECUs and completely isolated networks, and do not provide any security guarantee. This thesis proposes many solutions for improving the cyber-security of the internal network communications of modern vehicles, and addresses the whole cyber-security lifecycle, ranging from the prevention of cyber-attacks to their detection in operational vehicles and up to the proposal of automatic countermeasures that can mitigate the physical consequences of cyber-attacks. Prevention of cyber-attacks requires the adoption of secure protocols that include integrity and authentication guarantees for safety-relevant in-vehicle communications. In this field this thesis explores the trade-offs among different strategies for the management and distribution of cryptographic material, taking into consideration the full lifecycle of a modern vehicle. Attack detection represents the main focus of this thesis, which proposes several novel intrusion detection algorithms specifically designed for the detection of realistic cyber-attacks against modern internal vehicle networks. All the proposed intrusion detection algorithms have been validated through experiments carried out over real communications among ECUs, gathered from modern unmodified vehicles. The proposed algorithms meet the hard computational and memory constraints of common automotive ECUs. To overcome the limitations caused by the lack of public specifications of internal communications in real vehicles, this thesis also proposes a novel algorithm for automatic reverse-engineering of automotive data-frames that allows more fine-grained intrusion detection algorithms to be applied. Finally, the thesis proposes a novel strategy for reacting to a detected cyber-attack by leveraging the limp-home mode (a protection mechanism already implemented by ECUs) in the service of cybersecurity.

Eunyoung Kang - One of the best experts on this subject based on the ideXlab platform.

  • Formal Verification of Safety & Security Related Timing Constraints for a Cooperative Automotive System
    Fundamental Approaches to Software Engineering, 2019
    Co-Authors: Li Huang, Eunyoung Kang
    Abstract:

    Modeling and analysis of timing constraints is crucial in real-time automotive systems. Modern vehicles are interconnected through wireless networks, which creates vulnerabilities to external malicious attacks. Violations of cyber-security can cause safety-related accidents and serious damage. To identify the potential impacts of security-related threats on safety properties of interconnected automotive systems, this paper presents analysis techniques that support verification and validation (V&V) of safety & security (S/S) related timing constraints on those systems: probabilistic extensions of S/S timing constraints are specified in PrCcsl (probabilistic extension of clock constraint specification language), and the semantics of the extended constraints are translated into verifiable Uppaal models with stochastic semantics for formal verification. A set of mapping rules is proposed to facilitate the translation. An automatic translation tool, namely ProTL, is implemented based on the mapping rules. Formal verification is performed on the S/S timing constraints using Uppaal-SMC under different attack scenarios. Our approach is demonstrated on a cooperative automotive system case study.

Li Huang - One of the best experts on this subject based on the ideXlab platform.

  • Formal Verification of Safety & Security Related Timing Constraints for a Cooperative Automotive System
    Fundamental Approaches to Software Engineering, 2019
    Co-Authors: Li Huang, Eunyoung Kang
    Abstract:

    Modeling and analysis of timing constraints is crucial in real-time automotive systems. Modern vehicles are interconnected through wireless networks, which creates vulnerabilities to external malicious attacks. Violations of cyber-security can cause safety-related accidents and serious damage. To identify the potential impacts of security-related threats on safety properties of interconnected automotive systems, this paper presents analysis techniques that support verification and validation (V&V) of safety & security (S/S) related timing constraints on those systems: probabilistic extensions of S/S timing constraints are specified in PrCcsl (probabilistic extension of clock constraint specification language), and the semantics of the extended constraints are translated into verifiable Uppaal models with stochastic semantics for formal verification. A set of mapping rules is proposed to facilitate the translation. An automatic translation tool, namely ProTL, is implemented based on the mapping rules. Formal verification is performed on the S/S timing constraints using Uppaal-SMC under different attack scenarios. Our approach is demonstrated on a cooperative automotive system case study.

Jae Wook Jeon - One of the best experts on this subject based on the ideXlab platform.

  • Method of Improved Hardware Redundancy for Automotive System
    International Symposium on Communications and Information Technologies, 2014
    Co-Authors: Keyho Kwon, Jae Wook Jeon
    Abstract:

    Performance improvements in transistors have also brought about lower threshold voltages and tighter noise margins. Therefore, microprocessors are becoming more vulnerable to transient faults, and Lockstep is a technology that has been developed to provide a good method to address such transient faults. In Lockstep, two processors perform and compare the same computation during every cycle. Consequently, transient faults can be detected with a high fault-detection rate. However, this technique only gives a warning of wrong information or executes a reset simply by comparing replications of the data in the cores. Thus, it is not appropriate for real-time systems used in the automotive industry. To this end, we propose a method to provide hardware redundancy in a system. This system uses an extra core and a voting algorithm when a fault occurs, and it is appropriate for real-time systems.

  • Ethernet-Based Integrated Network for Active Safety Sensors
    Proceedings of the FISITA 2012 World Automotive Congress, 2013
    Co-Authors: Jin-ho Kim, Jae Wook Jeon
    Abstract:

    The number of active safety sensors in an automotive system is increasing exponentially. However, there is no international standard or de facto standard for active safety sensor networks. Therefore, each sensor manufacturer uses a different network protocol and makes vendor-specific command protocols for its sensors. This makes active safety sensors difficult to use and increases the development costs for intelligent automotive systems using active safety sensors. Thus, we propose an Ethernet-based integrated network protocol for solving the above problems. The proposed network protocol includes a physical layer, a data link layer, a communication layer, a service layer and an application layer. To verify this proposal, we implement an embedded system that supports the proposed network and measures the synchronization performance and cycle time.

  • Simulation with Consideration of Hardware Characteristics and Auto Generated Code Using MATLAB Simulink
    International Conference on Control Automation and Systems, 2007
    Co-Authors: Taeyoon Moon, Jin-ho Kim, Sukhyun Seo, Sungho Hwang, Jae Wook Jeon
    Abstract:

    There are many embedded systems in the environment. Users are demanding increasingly advanced embedded systems. For these reasons, embedded systems have become more complicated and require a lot of time for designing. Model-based programming has come into the spotlight in the embedded system industry, which demands short time-to-market, especially in the automotive industry. Model-based programming allows the developer to design and implement the system easily by using blocks that provide an automatic code-generation function. In addition, blocks provide the simulation function at the design and implementation step. Among the model-based programming's features, simulation is of greatest importance because accurate simulation can reduce cost, time and effort. Most simulators just estimate that the model works correctly without consideration of hardware characteristics. Therefore, this paper proposes the new hybrid-block that can simulate not only functions of the model, but also features of hardware. We develop the 16-bit embedded system for the Electronic Control Unit (ECU) in the automotive system and implement the hybrid-blocks that have two modes of automatic code-generation and simulation. The application model can be constructed by using the hybrid-block. In automatic code-generation mode, models can generate complete C program code for a specific platform without any modification. In simulation mode, the model can be simulated by considering the hardware and software characteristics of the model. In this paper, consequence of simulation with real-value in the 16-bit embedded system is compared.

Keyho Kwon - One of the best experts on this subject based on the ideXlab platform.

  • Method of Improved Hardware Redundancy for Automotive System
    International Symposium on Communications and Information Technologies, 2014
    Co-Authors: Keyho Kwon, Jae Wook Jeon
    Abstract:

    Performance improvements in transistors have also brought about lower threshold voltages and tighter noise margins. Therefore, microprocessors are becoming more vulnerable to transient faults, and Lockstep is a technology that has been developed to provide a good method to address such transient faults. In Lockstep, two processors perform and compare the same computation during every cycle. Consequently, transient faults can be detected with a high fault-detection rate. However, this technique only gives a warning of wrong information or executes a reset simply by comparing replications of the data in the cores. Thus, it is not appropriate for real-time systems used in the automotive industry. To this end, we propose a method to provide hardware redundancy in a system. This system uses an extra core and a voting algorithm when a fault occurs, and it is appropriate for real-time systems.