Abstract: Systems, apparatuses, and methods to identify an electronic control unit transmitting a message on a communication bus, such as an in-vehicle network bus, are provided. ECUs transmit messages by manipulating voltage on conductive lines of the bus. Observation circuitry can observe voltage transitions associated with the transmission at multiple points on the in-vehicle network bus. A voltage waveform can be generated from the observed voltage transitions. ECUs can be identified and/or fingerprinted based on the generated waveforms.

Abstract: Various embodiments are generally directed to providing authentication and confidentiality mechanisms for message communication over an in-vehicle network. For example, authentication data associated with a communicating node may be transmitted over the network by encoding different predefined voltage levels on top of the message bits of the message being communicated. Different voltage levels may represent different encodings, such as a bit-pair or any bit combination of the authentication data. In a further example, messaging confidentiality between at least two communicating nodes may be achieved by pseudo-randomly flipping, or scrambling, the dominant and recessive voltages of the entire message frame at the analog level based on a pseudo-random control bit sequence.

Abstract: Systems, apparatus, methods, and techniques for an ego vehicle to respond to detecting misbehaving information from remote vehicles are provided. An ego vehicle, in addition to reporting misbehaving vehicles to a misbehavior authority via a vehicle-to-anything communication network, can, take additional actions based in part on how confident the ego vehicle is about the evidence of misbehavior. Where the confidence is high the ego vehicle can simply discard the misbehaving data and provide an alternative estimate for such data from alternative sources. Where the confidence is not high the ego vehicle can request assistance from neighboring vehicles and roadside units to provide independent estimates of the data to increase confidence in the evidence of misbehavior.

Abstract: Various embodiments are generally directed to providing authentication and confidentiality mechanisms for message communication over an in-vehicle network. For example, authentication data associated with a communicating node may be transmitted over the network by encoding different predefined voltage levels on top of the message bits of the message being communicated. Different voltage levels may represent different encodings, such as a bit-pair or any bit combination of the authentication data. In a further example, messaging confidentiality between at least two communicating nodes may be achieved by pseudo-randomly flipping, or scrambling, the dominant and recessive voltages of the entire message frame at the analog level based on a pseudo-random control bit sequence.

Abstract: Techniques for clock manager monitoring for time sensitive networks are described. An apparatus, comprises a clock circuitry to manage a clock for a device, a processing circuitry coupled to the clock circuitry, the processing circuitry to execute instructions to perform operations for a clock manager, the clock manager to receive messages with time information for a network and generate clock manager control information to adjust the clock to a network time for the network, and a detector coupled to the processing circuitry and the clock circuitry, the detector to receive the clock manager control information, generate model control information based on a clock model, compare the clock manager control information with the model control information to generate difference information, and determine whether to generate an alert based on the difference information. Other embodiments are described and claimed.

Abstract: Systems, methods, computer-readable storage media, and apparatuses to provide active attack detection in autonomous vehicle networks. An apparatus may comprise a network interface and processing circuitry arranged to receive a first data frame from a first electronic control unit (ECU) via the network interface, determine a voltage fingerprint of the first data frame, compare the voltage fingerprint to a voltage feature of the first ECU, determine that the first data frame is an authentic message when the voltage fingerprint does match the voltage feature of the first ECU, and determine that the first data frame is a malicious message when the voltage fingerprint does not match the voltage feature of the first ECU. Other embodiments are described and claimed.

Abstract: Systems, methods, computer-readable storage media, and apparatuses to provide active attack detection in autonomous vehicle networks. An apparatus may comprise a plurality of electronic control units communicably coupled by a network, and logic, at least a portion of which is implemented in hardware, the logic to: receive an indication from a first electronic control unit (ECU) of the plurality of ECUs specifying to transmit a first data frame via the network, determine, based on a message identifier (ID) of the first ECU, whether a transmit window for the first ECU is open, and permit the first ECU to transmit the first data frame via the network based on a determination that the transmit window for the first ECU is open.

Abstract: A platform comprising numerous reconfigurable circuit components arranged to operate as primary and redundant circuits is provided. The platform further comprises security circuitry arranged to monitor the primary circuit for anomalies and reconfigurable circuit arranged to disconnect the primary circuit from a bus responsive to detection of an anomaly. Furthermore, the present disclosure provides for the quarantine, refurbishment and designation as redundant, the anomalous circuit.

Abstract: Systems, apparatus, methods, and techniques for reporting an attack or intrusion into an in-vehicle network are provided. The attack can be broadcast to connected vehicles over a vehicle-to-vehicle network. The broadcast can include an indication of a sub-system involved in the attack and can include a request for assistance in recovering from the attack. Connected vehicles can broadcast responses over the vehicle-to-vehicle network. The responses can include indications of data related to the compromised sub-system. The vehicle can receive the responses and can use the responses to recover from the attack, such as, estimate data.

Abstract: Systems, methods, computer program products, and apparatuses for low latency, fully reconfigurable hardware logic for ensemble classification methods, such as random forests. An apparatus may comprise circuitry for an interconnect and circuitry for a random forest implemented in hardware. The random forest comprising a plurality of decision trees connected via the interconnect, each decision tree comprising a plurality of nodes connected via the interconnect. A first decision tree of the plurality of decision trees comprising a first node of the plurality of nodes to: receive a plurality of elements of feature data via the interconnect, select a first element of feature data, of the plurality of elements of feature data, based on a configuration of the first node, and generate an output based on the first element of feature data, an operation, and a reference value, the operation and reference value specified in the configuration of the first node.

Abstract: Systems, methods, computer program products, and apparatuses for low latency, fully reconfigurable hardware logic for ensemble classification methods, such as random forests. An apparatus may comprise circuitry for an interconnect and circuitry for a random forest implemented in hardware. The random forest comprising a plurality of decision trees connected via the interconnect, each decision tree comprising a plurality of nodes connected via the interconnect. A first decision tree of the plurality of decision trees comprising a first node of the plurality of nodes to: receive a plurality of elements of feature data via the interconnect, select a first element of feature data, of the plurality of elements of feature data, based on a configuration of the first node, and generate an output based on the first element of feature data, an operation, and a reference value, the operation and reference value specified in the configuration of the first node.

Abstract: Systems, apparatus, methods, and techniques for an ego vehicle to respond to detecting misbehaving information from remote vehicles are provided. An ego vehicle, in addition to reporting misbehaving vehicles to a misbehavior authority via a vehicle-to-anything communication network, can, take additional actions based in part on how confident the ego vehicle is about the evidence of misbehavior. Where the confidence is high the ego vehicle can simply discard the misbehaving data and provide an alternative estimate for such data from alternative sources. Where the confidence is not high the ego vehicle can request assistance from neighboring vehicles and roadside units to provide independent estimates of the data to increase confidence in the evidence of misbehavior.

Abstract: A computing node to implement a management entity in a CP-based network. The node including processing circuitry configured to encode an inquiry message requesting information on CPS capabilities. Response messages are received from a set of sensing nodes of a plurality of sensing nodes in response to the inquiry message. The response messages include the information on the CPS capabilities of the set of sensing nodes. A notification message indicating selecting of a sensing node as a sensing coordinator is encoded for transmission. Sensed data received in a broadcast message from the sensing coordinator is decoded. The sensed data including data associated with one or more non-V2X capable sensing nodes.

Abstract: Techniques to secure a time sensitive network are described. An apparatus may establish a data stream between a first device and a second device in a network domain, the network domain includes a plurality of switching nodes, receive messages from the first device by the second device in the network domain, the messages to comprise time information to synchronize a first clock for the first device and a second clock for the second device to a network time for the network domain, update a correction field for a received message with a residence time and time delay value by the second device, determine whether the updated message is benign or malicious, update the correction field for the updated message with an inference time when the updated message is benign, and prevent relay of the updated message to other devices in the network domain when the updated message is malicious.

Abstract: A method and system for remediating vulnerable code libraries, including open source libraries, in a software application are disclosed. An application that uses code libraries and information regarding known library vulnerabilities is received, then it can be determined if one or more libraries in the application is vulnerable based upon the information. For each of the one or more vulnerable libraries a library version that minimizes risk is determined. The determined library version is incorporated into the application to form a test application, and an application test is performed on the test application. If the application test is below a predetermined threshold, the determined library version is incorporated into a final application precursor. A final application can be determined from the final application precursor for each vulnerable library.

Abstract: Time recovery techniques are described. A method comprises receiving messages from the first device by the second device in the first network domain, the messages to comprise time information to synchronize a first clock for the first device and a second clock for the second device to a network time, determining the second clock is to recover the network time for the second device without new messages from the first device, retrieving a first set of timestamps previously stored for events in the first network domain using the network time from the second clock, retrieving a second set of timestamps previously stored for the events in the first network domain using a redundant time from a third clock, where the third clock is not synchronized with the first and second clocks, and recovering the network time using a regression model and the redundant time from the third clock.

Abstract: Systems, apparatus, methods, and techniques for reporting an attack or intrusion into an in-vehicle network are provided. The attack can be broadcast to connected vehicles over a vehicle-to-vehicle network. The broadcast can include an indication of a sub-system involved in the attack and can include a request for assistance in recovering from the attack. Connected vehicles can broadcast responses over the vehicle-to-vehicle network. The responses can include indications of data related to the compromised sub-system. The vehicle can receive the responses and can use the responses to recover from the attack, such as, estimate data.

Abstract: A platform comprising numerous reconfigurable circuit components arranged to operate as primary and redundant circuits is provided. The platform further comprises security circuitry arranged to monitor the primary circuit for anomalies and reconfigurable circuit arranged to disconnect the primary circuit from a bus responsive to detection of an anomaly. Furthermore, the present disclosure provides for the quarantine, refurbishment and designation as redundant, the anomalous circuit.

Abstract: Various embodiments are generally directed to techniques for providing improved privacy protection against vehicle tracking for connected vehicles of a vehicular network. For example, at least one road side unit may: identify a set of vehicles that require pseudonym changes and send an invitation for a pseudonym change event to each of the vehicles, determine at least a total number of the acceptances, determine whether the total number meets or exceeds a predetermined threshold number, send acknowledgement messages to the accepting vehicles if the threshold number is met, and form a vehicle group to coordinate the pseudonym change event during a privacy period. During the privacy period, the RSU and the vehicles may communicate with each other in a confidential and private manner via key-session-based unicast transmission, and coordinate transmission power and vehicle trajectory adjustments to maximize the benefits for safety and obfuscation for privacy.

Abstract: A method and system for remediating vulnerable code libraries, including open source libraries, in a software application. An application that uses code libraries and information regarding known library vulnerabilities are received, then it identifies one or more libraries in the application that are vulnerable based upon the information. For each of the one or more vulnerable libraries, a library version that minimizes risk is determined. The determined library version is incorporated into the application to form a test application, and an application test is performed on the test application. If an application test score on the test application is below a predetermined threshold, the determined library version is incorporated into a final application precursor. A final application can be determined from the final application precursor for each of the one or more vulnerable libraries.