MENU
Home Home Home
 

Cybersecurity Consulting Services

UMTRI supports sponsors and clients in all aspects of transportation cybersecurity and privacy. Examples of UMTRI’s cybersecurity and privacy consulting services are listed below:

- Risk assessment. UMTRI performs risk assessments for transportation and embedded systems. The risk assessments are based on accepted NIST standards and provide a roadmap of cybersecurity in terms of solutions and priority.

- In-vehicle platform security design. design of secure in-vehicle electronics architectures, communication security protocols, secure wireless and wired interfaces, trustworthy computing platforms with secure micro-controllers, and security applications.

- Security strategies. define security strategies, evaluate potential risks and risk levels, and suggest roadmaps. Such security strategies were developed for a large variety of systems, reaching from entire product lines to individual electronic control units (ECU).

- Connected vehicle / V2X cybersecurity and privacy. design and optimize privacy preserving and secure vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication security mechanisms.

- Intrusion detection and prevention systems (IPS). design and optimize strategies to monitor the in-vehicle electronic control units, detect attacks and intrusion, prevent such attacks from further intrusion into the vehicle electronics, and react to attacks. On-going work is targeting current vehicle architectures and future work will also cover partly and fully automated vehicles.

- Secure CAN. design and optimize a secure in-vehicle communication protocol for the controller area network (CAN), and develop a prototype implementation of this secure communication software stack.

- Protection of component integrity. design of component identification protocols, secure software updates over-the-air, and secure boot solutions to protect the integrity of systems at start-up and during run-time.

- Transportation privacy. evaluation of existing systems in terms of end-user privacy and stakeholder confidentiality, and design of privacy preserving systems. The scope includes in-vehicle systems (e.g. event data recorder/black box), cloud systems, and communication systems (e.g. vehicle-to-vehicle communication).

For further information, please contact Dr. André Weimerskirch.