Automotive cybersecurity engineering handbook the automotive engineer's roadmap to cyber-resilient vehicles

Accelerate your journey of securing safety-critical automotive systems through practical and standard-compliant methods.

Key Features:
  • Understand how automotive systems can become vulnerable to cyberattacks
  • Apply security controls to all vehicle layers for mitigating cybersecurity risks
  • Find out how s...


Bibliographic Details
Other Authors: Nasser, Ahmad Mk (author)
Format: Electronic book
Language: English
Published: Birmingham, England : Packt Publishing Ltd [2023]
Edition: First edition
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009770739806719
Table of Contents:
  • Cover
  • Title Page
  • Copyright and Credit
  • Dedication
  • Table of Contents
  • Preface
  • Part 1: Understanding the Cybersecurity Relevance of the Vehicle Electrical Architecture
  • Chapter 1: Introducing the Vehicle Electrical/Electronic Architecture
  • Overview of the basic building blocks of the E/E architecture
  • Electronic control units
  • Looking at MCU-based ECUs
  • Looking at SoC-based ECUs
  • Looking inside the MCU and SoC software layers
  • ECU domains
  • Fuel-based powertrain domain
  • Electric drive powertrain domain
  • Chassis safety control domain
  • Interior cabin domain
  • Infotainment and connectivity domain
  • Cross-domain
  • Exploring the in-vehicle network
  • CAN
  • FlexRay
  • LIN
  • UART
  • SENT
  • GMSL
  • I2C
  • Ethernet
  • J1939
  • Sensors and actuators
  • Sensor types
  • Actuators
  • Exploring the vehicle architecture types
  • Highly distributed E/E architecture
  • Domain-centralized E/E architecture
  • Zone architecture
  • Commercial truck architecture types
  • Summary
  • Answers to discussion points
  • Further reading
  • Chapter 2: Cybersecurity Basics for Automotive Use Cases
  • Exploring the attack classes
  • Passive attacks
  • Active attacks
  • Identifying security objectives
  • Integrity
  • Authenticity
  • Confidentiality
  • Accountability
  • Availability
  • Cryptography applied to automotive use cases
  • Building blocks
  • One-way hash functions
  • Message authentication code algorithms
  • Random number generators
  • Public key cryptography
  • Key management
  • NIST defined security strength
  • Chinese cryptography
  • PQC algorithms
  • Security principles
  • Defense in depth
  • Domain separation
  • Least privilege
  • Least sharing
  • Mediated access
  • Protective defaults
  • Anomaly detection
  • Distributed privilege
  • Hierarchical protection and zero trust
  • Minimal trusted elements
  • Least persistence
  • Protective failure
  • Continuous protection
  • Redundancy
  • Use of standardized cryptography
  • Summary
  • Further reading
  • Chapter 3: Threat Landscape against Vehicle Components
  • Threats against external vehicle interfaces
  • Backend-related threats
  • Connectivity threats
  • Threats against the E/E topology
  • Highly distributed E/E architecture
  • Domain-centralized E/E architecture
  • Central vehicle computer architecture
  • Threats against in-vehicle networks
  • CAN
  • FlexRay
  • Ethernet
  • The Unified Diagnostic Services (UDS) protocol
  • SAE J1939 protocols
  • SAE J2497 (PLC4TRUCKS)
  • Threats against sensors
  • Common ECU threats
  • Debug ports
  • Flash programming
  • Power and mode manipulation
  • Tampering with machine learning algorithms
  • Software attacks
  • Disclosure and tampering of cryptographic keys
  • Summary
  • References
  • Part 2: Understanding the Secure Engineering Development Process
  • Chapter 4: Exploring the Landscape of Automotive Cybersecurity Standards
  • Primary standards
  • UNECE WP.29
  • Chinese regulation and standardization
  • Secondary standards
  • IATF 16949:2016
  • Automotive SPICE (ASPICE)
  • Trusted Information Security Assessment Exchange (TISAX)
  • SAE J3101 - hardware-protected security for ground vehicles
  • Coding and software standards
  • NIST cryptographic standards
  • Supporting standards and resources
  • MITRE Common Weakness Enumeration (CWE)
  • US DoT NHTSA Cybersecurity Best Practices for the Safety of Modern Vehicles
  • ENISA good practices for the security of smart cars
  • SAE J3061 - cybersecurity guidebook for cyber-physical vehicle systems
  • ISO/IEC 27001
  • NIST SP 800-160
  • Uptane
  • Summary
  • References
  • Chapter 5: Taking a Deep Dive into ISO/SAE21434
  • Notations
  • At a glance - the ISO 21434 standard
  • Organizational cybersecurity management
  • Management systems
  • Intersection of cybersecurity with other disciplines
  • Tool management
  • Planning
  • Acquisition and integration of supplier components
  • Supplier capability assessment and the role of the CSIA
  • The concept phase
  • Item-level concept
  • Cybersecurity concept
  • Implications to component-level development
  • Design and implementation
  • Post-development requirements
  • Configuration and calibration
  • Weakness analysis
  • Unit implementation
  • Verification testing
  • Validation testing
  • Product release
  • Cybersecurity case
  • Cybersecurity assessment
  • Production planning
  • Operations and maintenance
  • Monitoring
  • Vulnerability analysis
  • Vulnerability management
  • Updates
  • End of life
  • Summary
  • Chapter 6: Interactions Between Functional Safety and Cybersecurity
  • A tale of two standards
  • A unified versus integrated approach
  • Establishing a foundational understanding of functional safety and cybersecurity
  • Understanding the unique aspects and interdependencies between the two domains
  • Differences between safety and security scope
  • Differences in the level of interdependence between safety and security requirements
  • Conflict resolution
  • Extending the safety and quality supporting processes
  • Planning
  • Supplier management
  • Concept
  • Design
  • Implementation
  • Testing and validation
  • Release
  • Production
  • End of life
  • Creating synergies in the concept phase
  • Item functions
  • Item boundaries and operational environments
  • Damage scenarios and hazards
  • Safety and security goals
  • Safety and security requirements
  • Finding synergies and conflicts in the design phase
  • Leveraging safety and security mechanisms
  • Self-tests across safety and security
  • Leveraging error detection safety mechanisms
  • Eliminating inconsistencies in the error response
  • Parallels in design principles
  • Secure coding practices versus safe coding techniques
  • Synergies and differences in the testing phase
  • Summary
  • References
  • Part 3: Executing the Process to Engineer a Secure Automotive Product
  • Chapter 7: A Practical Threat Modeling Approach for Automotive Systems
  • The fundamentals of performing an effective TARA
  • Assets
  • Damage scenarios
  • Threat scenarios
  • Attacker model and threat types
  • Attack paths
  • Risk assessment methods
  • Risk treatment
  • Common pitfalls when preparing a TARA
  • Defining the appropriate TARA scope
  • The practical approach
  • Know your system
  • Make your assumptions known
  • Use case-driven analysis
  • Prepare context and data flow diagrams
  • Damages versus assets - where to start
  • Identifying assets with the help of asset categories
  • Building threat catalogs
  • Creating attack paths using a system flow diagram
  • Risk prioritization
  • Defining cybersecurity goals
  • Choosing security controls and operational environment (OE) requirements
  • Tracking shared and accepted risks
  • Review and signoff
  • Case study using a digital video recorder (DVR)
  • Assumptions
  • Context diagram
  • Identifying the assets
  • Damage scenarios
  • Cybersecurity requirements and controls
  • Summary
  • References
  • Chapter 8: Vehicle-Level Security Controls
  • Choosing cybersecurity controls
  • Challenging areas
  • Vehicle-level versus ECU-level controls
  • Policy controls
  • Secure manufacturing
  • Challenges
  • Secure off-board network communication
  • Wi-Fi
  • Bluetooth
  • Cellular
  • Host-based intrusion detection
  • Network intrusion detection and prevention (NIDP)
  • Domain separation and filtering
  • Sensor authentication
  • Secure software updates
  • In-vehicle network protection
  • CAN message authentication
  • Ethernet
  • Securing diagnostic abilities
  • Security access control via UDS service 0x27
  • Role-based access control via UDS service 0x29
  • Securing flash programming services
  • Secure decommissioning
  • Summary
  • Further reading
  • Chapter 9: ECU-Level Security Controls
  • Understanding control actions and layers
  • Exploring policy controls
  • Exploring hardware controls
  • RoT
  • OTP memory
  • Hardware-protected keystore
  • Secure Universal Flash Storage
  • Cryptographic accelerators
  • Lockable hardware configuration
  • CPU security
  • Isolation through MMUs and MPUs
  • Encrypted volatile memories
  • Debug access management
  • Exploring software security controls
  • Software debug and configuration management
  • Secure manufacturing
  • Key management policies
  • Multi-stage secure boot
  • Trusted runtime configuration
  • TEEs
  • Secure update
  • Spatial isolation
  • Temporal isolation
  • Encrypted and authenticated filesystems
  • Runtime execution hardening
  • Security monitors
  • Exploring physical security controls
  • Tamper detection and prevention
  • Printed circuit board layout pin and trace hiding
  • Concealment and shielding
  • Summary
  • Further reading
  • Index
  • Other Books You May Enjoy