Abstract
Cybersecurity assumes a major role in the context of the automotive domain, where both existing and forthcoming regulations are heightening the need for robust security engineering. A significant milestone in advancing cybersecurity within the automotive industry is the release of the first international standard for automotive cybersecurity ISO/SAE 21434:2021 'Road Vehicles - Cybersecurity Engineering'. A recently published type approval regulation for automotive cybersecurity (UN R155) is also tailored for member countries of the UNECE WP.29 alliance. Thus, the challenges for embedded automotive systems engineers are increasing while frameworks, tools and shared concepts for cybersecurity engineering and training are scarce. Hence, cybersecurity training in the automotive domain necessitates an understanding of domain-specific intricacies and the unique challenges at the intersection of cybersecurity and embedded systems engineering, elevating the need for improving the skill set and knowledge of automotive cybersecurity engineers. This paper delves into an automotive cybersecurity training concept aimed at enhancing the proficiency of development engineers. In that context, we also consider the framework to train over CAN. While the presented work primarily addresses technical aspects, we recognize the importance of aligning development within the framework of relevant standards. This is crucial because any training courses must adhere to the expectations set by standardization boundaries. The presented PENNE1 framework simulates a network of CAN controllers, which enables the testing and hands-on experiences for attack vectors and mitigation methods in a simulated environment, providing basic implementations for the most common attack types of this network. The framework is extendable for training and testing purposes with series controllers and real-world demonstrators.
Original language | English |
---|---|
Article number | 2024-01-2800 |
Journal | SAE Technical Papers |
DOIs | |
Publication status | Published - 9 Apr 2024 |
Event | 2024 SAE World Congress Experience: WCX 2024 - Detroit, United States Duration: 16 Apr 2024 → 18 Apr 2024 |
ASJC Scopus subject areas
- Automotive Engineering
- Safety, Risk, Reliability and Quality
- Pollution
- Industrial and Manufacturing Engineering