SAE Update - May 2022 - 6
TECH FOCUS:
CybErSECUriTy
What is cybersecurity?
U.S. Dept. of Homeland Security
resources for urgent security
improvements, CISA has
compiled a " Shields Up " catalog
of free services from government
partners, and industry to assist.
Shields Up | CISA
According to IBM's 2021
Security report, the most
common initial attack vector,
compromised credentials, was
responsible for 20% of breaches
at an average $4.37 million per
breach.
SAE International has
developed technical
specifications to describe best
practices and considerations to
support secure mobility and
communications between a
vehicle and an off-board device
(e.g., telematics service providers
or an OBD-II scan tool) - for
example, SAE J3005 and J3138
technical documents to provide a
reference and overview of current
best practices that are used for
securing the Data Link Connector
6
May 2022
(DLC) from cybersecurity threats when unsecured
external devices are attached. Such external devices
may include OEM or aftermarket external test
equipment (e.g., diagnostic scan tools), remotely
connected applications (e.g., telematics devices
commonly used by insurance companies), other
wireless connectivity devices, or other unknown
devices. As many researchers are aware, some DLCs on
older model year vehicles may have direct, unrestricted
access to one or more critical in-vehicle networks
vulnerable to cybersecurity threats. The practices
outlined in the SAE documents are examples of secure
in-vehicle diagnostic connectivity methods which are
considered acceptable for use in the automotive
industry.
Cyberscurity is a process
In 2021, the ISO/SAE21434 Cybersecurity Engineering
specification was published. This document specifies
engineering requirements for cybersecurity risk
management, including product development,
production, operation, maintenance, and
decommissioning of electrical and electronic systems
in vehicles. ISO/SAE 21434 also defines a framework
with requirements for cybersecurity processes. The
framework includes recommendations for ongoing
cybersecurity training and continuing education.
UPDATE
https://www.cisa.gov/shields-up
https://www.ibm.com/security/data-breach
https://www.sae.org/standards/content/iso/sae21434/
SAE Update - May 2022
Table of Contents for the Digital Edition of SAE Update - May 2022
SAE Update - May 2022 - Cov1
SAE Update - May 2022 - Cov2
SAE Update - May 2022 - 1
SAE Update - May 2022 - 2
SAE Update - May 2022 - 3
SAE Update - May 2022 - 4
SAE Update - May 2022 - 5
SAE Update - May 2022 - 6
SAE Update - May 2022 - 7
SAE Update - May 2022 - 8
SAE Update - May 2022 - 9
SAE Update - May 2022 - 10
SAE Update - May 2022 - 11
SAE Update - May 2022 - 12
SAE Update - May 2022 - 13
SAE Update - May 2022 - 14
SAE Update - May 2022 - 15
SAE Update - May 2022 - 16
SAE Update - May 2022 - 17
SAE Update - May 2022 - 18
SAE Update - May 2022 - 19
SAE Update - May 2022 - 20
SAE Update - May 2022 - 21
SAE Update - May 2022 - 22
SAE Update - May 2022 - 23
SAE Update - May 2022 - 24
SAE Update - May 2022 - 25
SAE Update - May 2022 - 26
SAE Update - May 2022 - 27
SAE Update - May 2022 - 28
SAE Update - May 2022 - 29
SAE Update - May 2022 - 30
SAE Update - May 2022 - 31
SAE Update - May 2022 - 32
https://www.nxtbook.com/smg/sae/24UPD07
https://www.nxtbook.com/smg/sae/24UPD06
https://www.nxtbook.com/smg/sae/24UPD05
https://www.nxtbook.com/smg/sae/24UPD04
https://www.nxtbook.com/smg/sae/24UPD03
https://www.nxtbook.com/smg/sae/24UPD02
https://www.nxtbook.com/smg/sae/24UPD01
https://www.nxtbook.com/smg/sae/23UPD12
https://www.nxtbook.com/smg/sae/23UPD11
https://www.nxtbook.com/smg/sae/23UPD10
https://www.nxtbook.com/smg/sae/23UPD09
https://www.nxtbook.com/smg/sae/23UPD08
https://www.nxtbook.com/smg/sae/23UPD07
https://www.nxtbook.com/smg/sae/23UPD06
https://www.nxtbook.com/smg/sae/23UPD05
https://www.nxtbook.com/smg/sae/23UPD04
https://www.nxtbook.com/smg/sae/23UPD03
https://www.nxtbook.com/smg/sae/23UPD02
https://www.nxtbook.com/smg/sae/23UPD01
https://www.nxtbook.com/smg/sae/22UPD12
https://www.nxtbook.com/smg/sae/22UPD11
https://www.nxtbook.com/smg/sae/22UPD10
https://www.nxtbook.com/smg/sae/22UPD09
https://www.nxtbook.com/smg/sae/22UPD08
https://www.nxtbook.com/smg/sae/22UPD07
https://www.nxtbook.com/smg/sae/22UPD06
https://www.nxtbook.com/smg/sae/22UPD05
https://www.nxtbook.com/smg/sae/22UPD04
https://www.nxtbook.com/smg/sae/22UPD03
https://www.nxtbook.com/smg/sae/22UPD02
https://www.nxtbook.com/smg/sae/22UPD01
https://www.nxtbook.com/smg/sae/21UPD12
https://www.nxtbook.com/smg/sae/21UPD11
https://www.nxtbook.com/smg/sae/21UPD10
https://www.nxtbook.com/smg/sae/21UPD09
https://www.nxtbook.com/smg/sae/21UPD08
https://www.nxtbook.com/smg/sae/21UPD07
https://www.nxtbook.com/smg/sae/21UPD06
https://www.nxtbook.com/smg/sae/21UPD05
https://www.nxtbook.com/smg/sae/21UPD04
https://www.nxtbook.com/smg/sae/21UPD03
https://www.nxtbook.com/smg/sae/21UPD02
https://www.nxtbookmedia.com