Transportation Cybersecurity and Privacy

An SAE International Journal

Thomas M. Forest, General Motors Research & Development
Kevin Harnett, Volpe National Transportation Systems Center
Dr. André Weimerskirch, Lear Corporation

Aims and Scope
Transportation Cybersecurity and Privacy: An SAE International Journal is a scholarly publication of original high-quality scientific articles focusing on the Cyber Physical System (CPS) related areas of transportation cybersecurity and privacy. Articles can present methods, tools, implementations, and applications of research in transportation cybersecurity and privacy around technologies, cybersecurity engineering process, and security economics and environment. The natural scope includes passenger vehicles and commercial and heavy-duty vehicles, as well as aerospace systems. Additional transportation systems, such as rail and maritime systems, are also in scope.

Cybersecurity and Privacy Technologies
• Cybersecurity of sensors and cyber-physical systems
• Design of resilient architectures and applications
• Privacy and data protection issues in transportation systems
• Hardware security and secure hardware modules
• Security of vehicular communications (on-board, between vehicles, and between vehicles and infrastructure)
• Security of application platforms
• Intrusion and anomaly detection systems
• Forensics and analytics
• Security of legally mandated applications (e.g., event data recorders, flight data recorders, tachographs, etc.)
• Security of cloud-based infrastructure
• Security of road pricing, restricted area access and vehicle monitoring
• Security of vehicle theft deterrent, immobilization, and theft response solutions
• Security of vehicular rights control and audit (e.g., feature activation)
• Security of emergent technologies (e.g., automated driving, unmanned aerial vehicle, and electric vehicles)
• Anti-reverse engineering

Cybersecurity and Privacy Engineering Process
• Cybersecurity engineering process
• Privacy by design
• Security throughout the system life-cycle
• Vehicle-related information sharing and vulnerability coordination
• Software assurance and formal methods
• Security standardization
• Supply chain integrity and traceability
• Communication of cybersecurity risks, impacts, and priorities
• Cybersecurity assurance testing
• Information and processes to drive organizational awareness
• Incident response
• Collaboration and engagement of stakeholders
• Reverse engineering and penetration testing

Cybersecurity Economics and Environment
• Security economics of both attackers and defenders
• Security of vehicle-driven business, maintenance, and service models
• Understanding and harnessing the hacker mindset
• Right to repair issues
• Impact of privacy/security requirements that vary by jurisdiction

Call for Papers

General Information and Forms for Journals

Editorial Board


Thomas M. Forest, General Motors Research & Development: Thomas M. Forest (Tom) is a Senior Technical Fellow with General Motors Research & Development in Warren, Michigan. Tom is a member of the Electrical & Controls Systems Research Laboratory, working primarily in the areas of vehicle cybersecurity, vehicle electrical architecture, in-vehicle networking, and safety-critical systems. Since 2011 Tom has been the chairman of the SAE Vehicle Electrical Systems Security Committee and has over 30 years of experience in automotive electrical system design.

Kevin Harnett, Volpe National Transportation Systems Center: Kevin Harnett is a Program Manager for the United States Department of Transportation (DOT) at the Volpe National Transportation Systems Center located in Cambridge, Massachusetts. Mr. Harnett has over 36 years of combined project management, technical consulting, and implementation skills. Kevin is a Cybersecurity Program Manager (PM) with experience providing technical leadership in planning, implementing, and managing high-priority programs involving cybersecurity and risk management for the DOT, Federal Aviation Administration (FAA), National Highway and Traffic Safety (NHTSA), DOD/USAF, Defense Information Systems Agency (DISA), NASA, DHS, and other agencies.
From 2010-2014, Kevin supported NHTSA on their “Research Planning for Cybersecurity of Automotive Safety—Critical Electronic Control Systems” Program and the development of a Vehicle Cybersecurity Threat/Risk Model, Assessment of the Automotive Information Sharing and Analysis Center (Auto ISAC) Model Paper, Vehicle Cybersecurity Testing laboratory, and Vehicle Cybersecurity Guidance. Since October 2014, Kevin has supported DHS Science and Technology (S&T) Cybersecurity Division (CSD) on three major programs focusing on automotive cybersecurity: Automotive Cybersecurity Industry Consortium (ACIC), Cybersecurity for Government Vehicles Program, and Automotive Cybersecurity Tools Research. In support of DHS and NHTSA, Kevin has been evaluating OBD-2 dongles/telematics systems, CAN Bus, Bluetooth, etc., and state-of-the-art Automotive Cybersecurity countermeasures, such as Intrusion Detection System (IDS), Intrusion Prevention Systems (IPS), Firewalls, etc. in the Volpe Cybersecurity Vehicle Testing Lab.

Dr. André Weimerskirch, Lear Corporation: André Weimerskirch is VP Cyber Security at Lear Corporation. Before that, André established the transportation cybersecurity group at the University of Michigan Transportation Research Institute (UMTRI) and co-founded the embedded systems security company ESCRYPT, which was sold to Bosch in 2012.
André is active in all areas of automotive and transportation cybersecurity and privacy, is a main designer of the vehicle-to-vehicle security system, which will likely be the largest security system ever deployed; has published numerous articles in the area of automotive and embedded cybersecurity; and is co-founder of the American workshop on embedded security in cars (escar USA). André is vice chair of the SAE Vehicle Electrical System Security Committee, co-chairs the Michigan Mobility Transformation Center (MTC) cybersecurity working group, co-organizes the SAE ComVEC heavy vehicle cybersecurity session, and is a member of the joint SAE/ISO Cybersecurity Working Group.

Editorial Board
Jeremy Daily, University of Tulsa, USA
Karl Heimer, Principal, Heimer & Associates, LLC, USA
Dr. Daniel Johnson, Cybersecurity Fellow, Honeywell Aerospace, USA
Urban Jonson, NFTA, Inc. USA
David Pierce, Ph.D. CISSP Security+, Principal Engineer, Product Security, GE Aviation Systems, Engineering & Technology, USA
Derek P. Schatz, Boeing, USA

Contact SAE Sales Team
1-888-875-3976 (U.S. and Canada)
1-724-772-4086 (Outside the U.S.)
HTML for Linking to Page
Page URL

Related Items

Technical Paper / Journal Article
Technical Paper / Journal Article