Transportation Cybersecurity and Privacy

An SAE International Journal

Thomas M. Forest, General Motors Research & Development
Kevin Harnett, Department of Transportation (DOT)/Volpe National Transportation Systems Center
Dr. André Weimerskirch, Lear Corporation

Aims and Scope
Transportation Cybersecurity and Privacy: An SAE International Journal is a scholarly publication of original high-quality scientific articles focusing on the Cyber Physical System (CPS) related areas of transportation cybersecurity and privacy. Articles can present methods, tools, implementations, and applications of research in transportation cybersecurity and privacy around technologies, cybersecurity engineering process, and security economics and environment. The natural scope includes passenger vehicles and commercial and heavy-duty vehicles, as well as aerospace systems. Additional transportation systems, such as rail and maritime systems, are also in scope.

Cybersecurity and Privacy Technologies
• Cybersecurity of sensors and cyber-physical systems
• Design of resilient architectures and applications
• Privacy and data protection issues in transportation systems
• Hardware security and secure hardware modules
• Security of vehicular communications (on-board, between vehicles, and between vehicles and infrastructure)
• Security of application platforms
• Intrusion and anomaly detection systems
• Forensics and analytics
• Security of legally mandated applications (e.g., event data recorders, flight data recorders, tachographs, etc.)
• Security of cloud-based infrastructure
• Security of road pricing, restricted area access and vehicle monitoring
• Security of vehicle theft deterrent, immobilization, and theft response solutions
• Security of vehicular rights control and audit (e.g., feature activation)
• Security of emergent technologies (e.g., automated driving, unmanned aerial vehicle, and electric vehicles)
• Anti-reverse engineering

Cybersecurity and Privacy Engineering Process
• Cybersecurity engineering process
• Privacy by design
• Security throughout the system life-cycle
• Vehicle-related information sharing and vulnerability coordination
• Software assurance and formal methods
• Security standardization
• Supply chain integrity and traceability
• Communication of cybersecurity risks, impacts, and priorities
• Cybersecurity assurance testing
• Information and processes to drive organizational awareness
• Incident response
• Collaboration and engagement of stakeholders
• Reverse engineering and penetration testing

Cybersecurity Economics and Environment
• Security economics of both attackers and defenders
• Security of vehicle-driven business, maintenance, and service models
• Understanding and harnessing the hacker mindset
• Right to repair issues
• Impact of privacy/security requirements that vary by jurisdiction

Call for Papers

General Information and Forms for Journals

Editorial Board


Thomas M. Forest, General Motors Research & Development: Thomas M. Forest (Tom) is a Senior Technical Fellow with General Motors Research & Development in Warren, Michigan. Tom is a member of the Electrical & Controls Systems Research Laboratory, working primarily in the areas of vehicle cybersecurity, vehicle electrical architecture, in-vehicle networking, and safety-critical systems. Since 2011 Tom has been the chairman of the SAE Vehicle Electrical Systems Security Committee and has over 30 years of experience in automotive electrical system design.

Kevin Harnett, Department of Transportation (DOT)/Volpe National Transportation Systems Center: Kevin Harnett is a Program Manager for the United States Department of Transportation (DOT) at the Volpe National Transportation Systems Center located in Cambridge, Massachusetts. Mr. Harnett has over 36 years of combined project management, technical consulting, and implementation skills. Kevin is a Cybersecurity Program Manager (PM) with experience providing technical leadership in planning, implementing, and managing high-priority programs involving cybersecurity and risk management for the DOT, Federal Aviation Administration (FAA), National Highway and Traffic Safety (NHTSA), DOD/USAF, Defense Information Systems Agency (DISA), NASA, DHS, and other agencies. From 2010-2014, Kevin supported NHTSA on their “Research Planning for Cybersecurity of Automotive Safety—Critical Electronic Control Systems” Program and the development of a Vehicle Cybersecurity Threat/Risk Model, Assessment of the Automotive Information Sharing and Analysis Center (Auto ISAC) Model Paper, Vehicle Cybersecurity Testing laboratory, and Vehicle Cybersecurity Guidance. Since October 2014, Kevin has supported DHS Science and Technology (S&T) Cybersecurity Division (CSD) on three major programs focusing on automotive cybersecurity: Automotive Cybersecurity Industry Consortium (ACIC), Cybersecurity for Government Vehicles Program, and Automotive Cybersecurity Tools Research. In support of DHS, Kevin has been evaluating OBD-2 dongles/telematics systems, Open Source CAN tools, CAN Bus, Bluetooth, etc., and state-of-the-art Automotive Cybersecurity countermeasures, such as Intrusion Detection System (IDS), Intrusion Prevention Systems (IPS), Firewalls, etc. in the Volpe Cybersecurity Vehicle Testing Lab. Since 2016, Kevin is also supporting the National Motor Freight Traffic Association (NMFTA) on a new program called Heavy Vehicle Cybersecurity (HVCS), Kevin is evaluating OEM heavy vehicles and telematics system vulnerabilities.

Dr. André Weimerskirch, Lear Corporation: André Weimerskirch is VP Cyber Security at Lear Corporation. Before that, André established the transportation cybersecurity group at the University of Michigan Transportation Research Institute (UMTRI) and co-founded the embedded systems security company ESCRYPT, which was sold to Bosch in 2012.

André is active in all areas of automotive and transportation cybersecurity and privacy, is a main designer of the vehicle-to-vehicle security system, which will likely be the largest security system ever deployed; has published numerous articles in the area of automotive and embedded cybersecurity; and is co-founder of the American workshop on embedded security in cars (escar USA). André is vice chair of the SAE Vehicle Electrical System Security Committee, co-chairs the Michigan Mobility Transformation Center (MTC) cybersecurity working group, co-organizes the SAE ComVEC heavy vehicle cybersecurity session, and is a member of the joint SAE/ISO Cybersecurity Working Group.

Editorial Board
Lisa Boran, Ford, USA
Joshua Corman, Founder—I Am the Cavalry, USA
Andy Davis, NCC, UK
Jeremy Daily, The University of Tulsa, USA
Karim El Defrawy, Southwest Research Institute, USA
Benjamin Glas, Porsche, Germany
Jorge Guajardo, Robert Bosch Research and Technology Center, USA
Karl Heimer, Principal, Heimer & Associates, LLC, USA
Dr. Daniel Johnson, Cybersecurity Fellow, Honeywell Aerospace, USA
Urban Jonson, NMFTA, Inc. USA
Suzanne Lightman, NIST, USA
Bill Mazzara, FCA Group, USA
Ira McDonald, High North, USA
Dariusz Mikulski, TARDEC, USA
Brian Murray, ZF TRW, USA
Aleksey Nogin, HRL Laboratories, USA
Hisashi Oguma, Toyota ITC Ltd, Japan
Christof Paar, Germany
David Pierce, Ph.D. CISSP Security+, Principal Engineer, Product Security, GE Aviation Systems, Engineering & Technology, USA
Neal Probert, Nissan, USA
Derek P. Schatz, Boeing, USA
Craig Smith, Rapid7, USA
Anuja Sonalker, STEER Auto Cyber, USA
Alan Tatourian, Intel USA
Eric Thayer, Assured Information Security, Inc., USA

Contact SAE Sales Team
1-888-875-3976 (U.S. and Canada)
1-724-772-4086 (Outside the U.S.)
HTML for Linking to Page
Page URL

Related Items

Training / Education
Training / Education