1 option
Towards Deployment of a Zero-Trust Architecture (ZTA) for Automated Vehicles (AV) Southwest Research Institute, San Antonio, TX
- Format:
- Book
- Conference/Event
- Author/Creator:
- Murray, Victor, author.
- Conference Name:
- 2024 NDIA Michigan Chapter Ground Vehicle Systems Engineering and Technology Symposium (2024-08-13 : Novi, Michigan, United States)
- Language:
- English
- Physical Description:
- 1 online resource cm
- Place of Publication:
- Warrendale, PA SAE International 2024
- Summary:
- Automated Vehicles (A)V development historically placed a significant focus on functionality and less on security. Programs such as Cybersecurity for Robotics and Autonomous Systems Hardening (CRASH) are addressing AV cybersecurity, strengthening security while simultaneously supporting the developer focus on functionality. This task is challenging due to continuous interaction by AVs with the environment through sensors and actuators, command and control, and remote connectivity. This paper presents an approach balancing functionality and security through an AV Zero-Trust Architecture (ZTA) which leverages authentication, cyber policy enforcement, and monitoring to detect and mitigate cyber-attacks. The AV ZTA approach is traceable to NIST 800-217 guidance for applying ZT concepts to Information Technology (IT) networks.The presented AV architecture example begins with a non-self-driving baseline, adding sensors, actuators, command/control, and remote connectivity. NIST 800-207 principles are distilled into three (3) components: 1. Authentication 2. Policy Enforcement and 3. Monitoring. Authentication includes verifying software authenticity prior to booting, and use of a combination of public/private key encryption, symmetric key encryption, and Message Authentication Codes (MACs) to secure network communication. Policy Enforcement occurs at every AV network node and is overseen by a central gateway. The gateway also monitors traffic and logs issues. Together, these combine into an AV ZTA.Several recent programs have partially implemented the outlined AV ZTA. For example, the CRASH program has implemented authentication for networked communication, policy enforcement, and monitoring. Other programs are tackling monitoring automotive CAN and ethernet busses and improving resiliency through sensor redundancy and fusion. There remain other unaddressed pieces to fully implement an AV ZTA
- Notes:
- Vendor supplied data
- Publisher Number:
- 2024-01-4115
- Access Restriction:
- Restricted for use by site license
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.