FOCUS: CYBERSECURITY SUPERCHARGING vehicle cybersecurity performance and functionality of these connected systems. One common maintenance action for a vehicle is to utilize the diagnostics interface to update the firmware for an ECU. This action involves connecting a diagnostic computer (typically a laptop PC) to a vehicle diagnostics adapter (VDA) device. The PC software communicates via the VDA to identify the vehicle's ECU eligible for the firmware update. Before initiating an ECU firmware action, the diagnostics computer device will often send a request via the internet to the manufacturer/supplier of the ECU to determine if there is new firmware available. One of the biggest challenges of detecting an intrusion is classifying any unintended code embedded into the firmware being uploaded to the ECU. This is a challenge because the machine code itself is unknown and potentially unique for every ECU. Therefore, many rule-based anomaly-detection systems will not be able to distinguish a good firmware image from a malicious one by inspection alone. This means that an on-vehicle intrusion-detection system must 22 July 2021 TestCUBE2 Simulator USB Cable - CAN 1 Ch. DTS Monaco 8 and TestCUBE2 Software running on WIN10 Laptop DPA5 via Bluetooth USB Dongle - CAN 1 Ch. System test bench used to verify test SAE J3138 recommendations. be designed to allow for these updates to occur but limit the effect of a particular ECU from being attacked and becoming " rogue. " To confound the issue, the firmware is often considered to be proprietary, which makes testing and validation of an intrusion detection of a firmware reflashing process even harder. Prior to running an SAE J3138 test on actual vehicles, a simulated test on a lab bench can be performed in order to verify the test design rules. The picture shown above describes the bench setup of the test. If the vehicle response to the tool request indicates that the vehicle is not in a safe state (i.e., conditions not correct), the service request aborts and the vehicle test sequence is not executed. However, a defect/malicious actor could try to trick the test (for example, by injecting a false vehicle speed of zero before the actual vehicle speed message) thereby tricking (spoofing) the test to continue. Vehicle safe UPDATE