an overview of nhtsa s vehicle cybersecurity research
play

AN OVERVIEW OF NHTSAS VEHICLE CYBERSECURITY RESEARCH PROGRAM Cem - PowerPoint PPT Presentation

May 28, 2023 •166 likes •367 views

AN OVERVIEW OF NHTSAS VEHICLE CYBERSECURITY RESEARCH PROGRAM Cem Hatipoglu, Ph.D. Chief, Electronic Systems Safety Division National Highway Traffic Safety Administration NHTSAs Mission Save lives, prevent injuries and reduce

  1. AN OVERVIEW OF NHTSA’S VEHICLE CYBERSECURITY RESEARCH PROGRAM Cem Hatipoglu, Ph.D. Chief, Electronic Systems Safety Division National Highway Traffic Safety Administration

  2. NHTSA’s Mission “ Save lives, prevent injuries and reduce ” economic costs due to road traffic crashes, through education, research, safety standards and enforcement activity.” SAE INTERNATIONAL 2

  3. The Need for Continued Technological Innovations 32,675 people died due to motor vehicle accidents in 2014. • Modern crash avoidance and vehicle-to-vehicle (V2V) communications technologies that heavily rely on electronic systems hold the promise to address most crash challenges SAE INTERNATIONAL 3

  4. The Need for Cybersecurity Research However, these safety features introduce new cybersecurity challenges and vulnerabilities as demonstrated by our research and that of others. Failure to tackle the cybersecurity challenge would threaten the technology-driven safety transformation we all want to achieve. SAE INTERNATIONAL 4

  5. NHTSA and Vehicle Cybersecurity Organizational changes: Establishment of Electronic Systems Safety Research Division and Electronics Council Cybersecurity research program : Identified five actionable goals; layered approach Partnerships : Working with multiple public and private stakeholders http://www.nhtsa.gov/staticfiles/administration/pdf/presentations_speeches/2015/NHTSA-VehicleCybersecurity_07212015.pdf SAE INTERNATIONAL 5

  6. Electronic Systems Safety Program Areas Electronics Vehicle Automated Reliability Cybersecurity Vehicles Protection of vehicular electronic systems, communication networks, control algorithms, software, users, and underlying data from malicious attacks, damage, unauthorized access, or manipulation. SAE INTERNATIONAL 6

  7. Use of Electronics in Cars Not new… Dates back to 1970s (not including uses in radio) Today, a typical automobile features over 100 microprocessors, 50 electronic control units, five miles of wiring and 50-100 million lines of code . •Active Suspension •Event Data Recorder •Active Vibration Control •Hill Hold Control •Adaptive Cruise Control •Idle Stop-Start •Adaptive Front Lighting •Instrument Cluster Control •Airbag Deployment •Intelligent Turn Signals •Anti-lock Braking •Interior Lighting •Autonomous Emergency Braking •Lane Departure Warning •Battery Management •Lane Keeping Assist •Blind Spot Detection •Navigation •Cabin Environment Controls •On-Board Diagnostics •Communication Systems •Parental Controls •Cylinder Deactivation •Parking Systems •Driver Alertness Monitoring •Pre-crash Safety •Electronic Power Steering •Rear-view Camera •Electronic Seat Control •Regenerative Braking •Electronic Stability Control •Remote Keyless Entry •Electronic Throttle Control •Security Systems •Electronic Toll Collection •Tire Pressure Monitoring •Electronic Valve Timing •Traffic Sign Recognition •Engine Control •Transmission Control •Entertainment System •Windshield Wiper Control Sample electronic functions on a modern vehicle SAE INTERNATIONAL 7

  8. Threat Vectors into Vehicle Systems Physical Wireless Short Range Long Range DSRC Bring Your Own Device (BYOD) / Aftermarket Devices* E.g. Insurance dongles on OBD-II; cellphones via USB SAE INTERNATIONAL 8

  9. NHTSA’s Vehicle Cybersecurity Research Program and Goals 1 Share vehicle cybersecurity knowledgebase Facilitate implementation of voluntary industry 2 standards Foster development of new system solutions to 3 improve cybersecurity Investigating minimum performance based 4 vehicle safety requirements for cybersecurity Develop foundational materials to inform policy 5 decisions SAE INTERNATIONAL 9

  10. NHTSA’s Vehicle Cybersecurity Research Program and Goals Share vehicle cybersecurity knowledgebase 1 Expanding in-house cyber research capabilities Capabilities Future Capabilities Equipment • Vector CANalyzer • Femtocell/cellular • Communication bus monitoring base transceiver • Roller Dynamometer station • RF monitoring • USRP Software Defined • RF Disruption Radio • GPS Spoofing – LTE, DSRC, • GPS Satellite Simulator • GPS Simulation GPS, Radar • Spectrum Analyzer • Firmware Analysis • IDA Pro SAE INTERNATIONAL 10

  11. NHTSA’s Vehicle Cybersecurity Research Program and Goals Share vehicle cybersecurity knowledgebase 1 Researching cybersecurity best practices in relation to vehicle industry Attending, organizing and presenting at cybersecurity events; Engaging in detailed public and private discussions on cybersecurity • OEMs, Tier 1, Tier 2 Suppliers, SAE International; TRB; etc. • Other Government Agencies (NHTSA roundtable discussions). SAE INTERNATIONAL 11

  12. NHTSA’s Vehicle Cybersecurity Research Program and Goals Facilitate implementation of voluntary industry 2 standards Monitoring and participating in industry standard setting efforts Monitoring related global activities • HEAVENS, JASPAR, ISO, Trilateral Working Groups, World Economic Forum, etc. Encouraged vehicle industry to set up an Automotive information sharing and analysis center (ISAC) • Global Automakers and Alliance of Automotive Manufacturers have undertaken the initiative and their investigation led to the establishment of the Auto-ISAC, which started operation in 2015. • Encouraging the group to gradually include other key stakeholders, such as the suppliers. SAE INTERNATIONAL 12

  13. NHTSA’s Vehicle Cybersecurity Research Program and Goals Foster development of new system solutions to 3 improve cybersecurity Researching and monitoring activities on process solutions “Layers of Protection”: Investigating various forms of solutions Secure communications Protective/Preventive Methods Encryption, Gateways, firewalls; Separation of functions Anomaly-based intrusion detection Systems to monitor vehicle data buses Address and isolate intrusions Real-time response mechanisms before vehicle systems compromised Assess Treatment Solutions Feedback loop for continuous improvements (e.g. facilitated by an ISAC –Information Sharing and Analysis Center). SAE INTERNATIONAL 13

  14. NHTSA’s Vehicle Cybersecurity Research Program and Goals Investigating minimum performance based vehicle 4 safety requirements for cybersecurity Develop a systematic vehicle security assessment approach Study vehicle architectures and threat vectors and risks Test and evaluate vehicle cybersecurity environment • Need performance metrics to validate theories in applied settings • Objective test procedures: practical, repeatable, reproducible SAE INTERNATIONAL 14

  15. NHTSA’s Vehicle Cybersecurity Research Program and Goals Develop foundational materials to inform policy 5 decisions Research policy alternatives, certification and enforcement possibilities and associated challenges In October 2014, NHTSA published a federal register (FR) notice on “Automotive Electronic Control Systems Safety and Security” NHTSA has completed the Report to Congress on the need for safety standards with regard to electronic systems based on its examination to date and public comments received to this FR notice • MAP-21 requirement; Expected to be published in the coming weeks SAE INTERNATIONAL 15

  16. Current NHTSA Research on Vehicle Cybersecurity Investigating Protective/Preventive solutions • Message authentication for communications Interfaces ( V2V project initiating) • Gateways, firewalls (project underway) Researching Intrusion Detection Solutions • Vehicle bus monitoring for anomalous behavior; (project underway) Assessing Treatment Solutions • Feedback loop for continuous improvements (Monitoring progress in standing up and operationalizing an Automotive ISAC ). Crosscutting Research • Vulnerability Testing (projects underway at our applied labs) • Software / Firmware Updates – including over the air means (project underway) • Evaluate Heavy Vehicle Cybersecurity (project underway) • Collaboration/coordination with other Federal agencies (e.g. DHS, NIST, FAA) SAE INTERNATIONAL 16

  17. Cyber Roundtable Discussion on January 19, 2016 “Vehicle Cybersecurity Roundtable” event held on Tuesday, Jan 19, 2016 Discussion topics included:  Best approaches in this domain (regulations, guidelines, voluntary industry standards, best practices, etc.)  How best to capitalize efforts from other environments while applying to distinct aspects of auto industry  The roles of distinct stakeholder groups (government, industry, others)  Policies, plans, strategies appropriate to respond to the speed of change and challenges in cybersecurity  Potential roadblocks to closing gaps or adopting available guidance for the industry The intent of the event was to identify actionable steps for the stakeholder groups to take such that the vehicle manufacturing industry can address the vehicle cybersecurity challenges effectively and expeditiously. A follow on meeting with Federal stakeholders is scheduled for Friday, Jan 22, 2016. SAE INTERNATIONAL 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NHTSA and Automotive Cybersecurity Briefing to the Information Security and Privacy Advisory

NHTSA and Automotive Cybersecurity Briefing to the Information Security and Privacy Advisory

National Highway Traffic Safety Administration NHTSA and Automotive Cybersecurity Briefing to the Information Security and Privacy Advisory Board October 2015 The Need for Cybersecurity Research 32,719 people died due to motor vehicle

556 views • 17 slides
Research Priorities for CAFE Mid-Term Review: NHTSA/Volpe Views Don Pickrell, Volpe Center

Research Priorities for CAFE Mid-Term Review: NHTSA/Volpe Views Don Pickrell, Volpe Center

Research Priorities for CAFE Mid-Term Review: NHTSA/Volpe Views Don Pickrell, Volpe Center Identifying Research Priorities for the Midterm Review of U.S. Light-Duty Vehicle Fuel Economy and Greenhouse Gas Emissions Standards Resources for the

307 views • 12 slides
Utilization of Crash and Medical Data to Reduce Motor Vehicle Crash Severity Funded with NHTSA

Utilization of Crash and Medical Data to Reduce Motor Vehicle Crash Severity Funded with NHTSA

Utilization of Crash and Medical Data to Reduce Motor Vehicle Crash Severity Funded with NHTSA Section 405-C funds through the Executive Office of Public Safety Highway Safety Divisions Highway Safety Division and the Traffic Records

550 views • 18 slides
NHTSA / ANSTSE Traffic Safety for Teen Drivers Presenter: Brett Robinson 2018 Presentation Topics

NHTSA / ANSTSE Traffic Safety for Teen Drivers Presenter: Brett Robinson 2018 Presentation Topics

2018 NHTSA / ANSTSE Traffic Safety for Teen Drivers Presenter: Brett Robinson 2018 Presentation Topics NHTSAs Support for Driver Education The Stakeholder Association ANSTSE Young Motor Vehicle Crashes NHTSA Initiatives

766 views • 51 slides
Managing Potential Conflicts Between Vehicle Safety and Cybersecurity Andy Davis, Transport

Managing Potential Conflicts Between Vehicle Safety and Cybersecurity Andy Davis, Transport

Managing Potential Conflicts Between Vehicle Safety and Cybersecurity Andy Davis, Transport Cybersecurity Practice Director Agenda What do we mean by Safety - critical and Cybersecurity - critical? Potential conflict areas

356 views • 16 slides
NHTSA Novice Driver Initiatives NHTSA Novice Driver Initiatives Driver Education Driver

NHTSA Novice Driver Initiatives NHTSA Novice Driver Initiatives Driver Education Driver

NHTSA Novice Driver Initiatives NHTSA Novice Driver Initiatives Driver Education Driver Education and and Graduated Licensing Graduated Licensing Thomas M. Louizou, Regional Administrator NHTSA Eastern Region May 10, 2007 Crash Rate by

246 views • 14 slides
Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo University of Pennsylvania July 12, 2018 Overview of Research Tort and products liability for CPS Privacy and cybersecurity regulation NHTSA

472 views • 25 slides
Research Overview: Technology, Vehicle Characteristics, and Costs of Fuel Economy/GHG Standards

Research Overview: Technology, Vehicle Characteristics, and Costs of Fuel Economy/GHG Standards

Research Overview: Technology, Vehicle Characteristics, and Costs of Fuel Economy/GHG Standards Joshua Linn (Resources for the Future) December 17, 2013 Recent Research Passenger vehicle rebound effect How does fuel economy (as

399 views • 13 slides
Research to Support a Far- side NCAP Test Kennerly Digges George Washington University NHTSA

Research to Support a Far- side NCAP Test Kennerly Digges George Washington University NHTSA

Research to Support a Far- side NCAP Test Kennerly Digges George Washington University NHTSA Meeting June 9, 2015 Outline Far-side Crash Tests Conducted by GWU Application of the Far-side International Collaborative Research a Far-

438 views • 30 slides
Cybersecurity research and education: Helping meet the high demand for cybersecurity experts

Cybersecurity research and education: Helping meet the high demand for cybersecurity experts

West Virginia University Cybersecurity research and education: Helping meet the high demand for cybersecurity experts Katerina Goseva-Popstojanova Professor Lane Department of Computer Science and Electrical Engineering (LCSEE) West

538 views • 21 slides
Automated Vehicles November 16, 2017 Ian Grossman, AAMVA 1 1 1. AAMVA Automated Vehicle

Automated Vehicles November 16, 2017 Ian Grossman, AAMVA 1 1 1. AAMVA Automated Vehicle

Automated Vehicles November 16, 2017 Ian Grossman, AAMVA 1 1 1. AAMVA Automated Vehicle Working Group 2. NHTSA Automated Vehicle Policy 2.0 3. Federal Legislation 4. State Approaches 2 2 The AVWG The Working Group established fall 2014

800 views • 18 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
What the polls show: Americans and cybersecurity Aaron Smith Associate Director, Research

What the polls show: Americans and cybersecurity Aaron Smith Associate Director, Research

What the polls show: Americans and cybersecurity Aaron Smith Associate Director, Research Overview of our cybersecurity work Part o t of our ur o ong ngoing w work o on n Americans privacy y atti ttitud udes and nd b behaviors

300 views • 12 slides
EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU in action about cybersecurity NIS Directive 5G Cybersecurity Act GDPR Contractual ISACs

EU Cybersecurity European policy overview e-IRG e-IRG 4 December 2019 Brussels Anni Hellman, Senior Expert, Permanent Representation of Finland to the European Union Seconded for the Finnish Presidency from the Directorate General

320 views • 28 slides
Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017

Towards defining priorities for cybersecurity research in Horizon 2020's work programme 2016-2017 Contributions from the Working Group on Secure ICT - Research and Innovation of the NIS Platform 8 April 2014 CYBERSECURITY RESEARCH FRAMEWORK

441 views • 8 slides
Automated Vehicles June 28, 2017 1 1 American Association of Motor Vehicle Administrators

Automated Vehicles June 28, 2017 1 1 American Association of Motor Vehicle Administrators

UNECE/NHTSA Workshop on Governance of the Safety of Automated Vehicles June 28, 2017 1 1 American Association of Motor Vehicle Administrators (AAMVA) at a glance Highly Automated Vehicles and AAMVA member collaboration U.S. Model

465 views • 20 slides
CORPORATE PRESENTATION AES GENER September 2017 AES Gener at a Glance Leading power generation

CORPORATE PRESENTATION AES GENER September 2017 AES Gener at a Glance Leading power generation

CORPORATE PRESENTATION AES GENER September 2017 AES Gener at a Glance Leading power generation company controlled by AES Corporation AES GENER IS ENERGIZED BY A $813 M $2.8 B REGIONAL WORKFORCE OF +1,500 PEOPLE EBITDA MARKET CAP IMPROVING

529 views • 37 slides
GASLOG LTD. AND GASLOG PARTNERS LP Q1 2020 results 7 May 2020 FORWARD-LOOKING STATEMENTS All

GASLOG LTD. AND GASLOG PARTNERS LP Q1 2020 results 7 May 2020 FORWARD-LOOKING STATEMENTS All

GASLOG LTD. AND GASLOG PARTNERS LP Q1 2020 results 7 May 2020 FORWARD-LOOKING STATEMENTS All statements in this presentation that are not statements of historical fact are forward - looking statements within the meani ng of the U.S. Private

586 views • 31 slides
Orlando, Florida Spring - 2020 New Band Families, Freshman & Choir We are excited to have

Orlando, Florida Spring - 2020 New Band Families, Freshman & Choir We are excited to have

Orlando, Florida Spring - 2020 New Band Families, Freshman & Choir We are excited to have you join us. Meeting Plan Presentation of Trip: Overview/highlights of Trip Trip Date Public Performance How We Get

350 views • 11 slides
Enel Amricas 9M 2019 October 28 th , 2019 Key highlights of the period The largest capital

Enel Amricas 9M 2019 October 28 th , 2019 Key highlights of the period The largest capital

Enel Amricas 9M 2019 October 28 th , 2019 Key highlights of the period The largest capital increase ever in Chile already completed 1 EBITDA of US$ 2,972 mn, an increase of 25% vs same period 2018 Net of Fx impact EBITDA would have increased

488 views • 35 slides
Fiesta Description: Fiesta is a selective bio-herbicide for the control of broadleaf weeds,

Fiesta Description: Fiesta is a selective bio-herbicide for the control of broadleaf weeds,

Fiesta Description: Fiesta is a selective bio-herbicide for the control of broadleaf weeds, moss, and algae in turf The active ingredient in Fiesta is iron (present as FeHEDTA) 26.52% Use sites : Lawns and ornamental areas including

257 views • 10 slides
Fixed Income Investor Presentation August 2, 2016 Cautionary Note on Forward-Looking Statements

Fixed Income Investor Presentation August 2, 2016 Cautionary Note on Forward-Looking Statements

Fixed Income Investor Presentation August 2, 2016 Cautionary Note on Forward-Looking Statements This presentation may include forward-looking statements. These statements are not historical facts, but instead represent only the Firms beliefs

519 views • 14 slides
LAK-Vrooman Road B id Bridge Replacement R l t ODOT Project ID 5669 Sponsored by the Lake

LAK-Vrooman Road B id Bridge Replacement R l t ODOT Project ID 5669 Sponsored by the Lake

LAK-Vrooman Road B id Bridge Replacement R l t ODOT Project ID 5669 Sponsored by the Lake County Engineer Sponsored by the Lake County Engineer Vrooman Road over the Grand River Bridge Replacement P bli M Public Meeting ti January 27,

832 views • 51 slides
Earnings Conference Call First Quarter 2020 May 8, 2020 Cautionary Statements Regarding

Earnings Conference Call First Quarter 2020 May 8, 2020 Cautionary Statements Regarding

Earnings Conference Call First Quarter 2020 May 8, 2020 Cautionary Statements Regarding Forward-Looking Information This presentation contains certain written and oral forward-looking statements within the meaning of the Private Securities

562 views • 53 slides

More recommend