
Monthly Archives: December 2018


What are the Important Security Aspects of DoIP based In-Vehicle Network and Related Best Practices

Category : Embedded Blog

Let’s consider a scenario where a driver experiences a technical snag while driving in inclement weather. Let’s say this happens in a remote area where road-side vehicle assistance is not accessible.

Diagnostics over Internet Protocol (DoIP), a vehicle diagnostics protocol, can come in very handy in such scenarios! DoIP makes it possible to diagnose the fault in the vehicle remotely. And if the issue stems from outdated software, the software update patch can be sent over DoIP to rectify the fault.

Intriguing, right? Let us try to understand how DoIP does this under the hood.

  • The cloud server, typically managed by an OEM, is interfaced with the vehicle ECU over the internet.
  • Via this interface, the cloud server is able to retrieve the Diagnostics Trouble Code (DTC) from the ECU.
  • Based on the DTC data, the admin of the cloud backend is able to identify the issue and suggest corrective actions.

Quite incredible, right? However, there is one major concern associated with any DoIP solution!

As the communication takes place over the internet, there is a fair chance that an ECU system can get hacked.

In this blog, we will analyze the DoIP software stack from a security standpoint. We will also talk about the possible solutions and ongoing research in this area.

But before delving further into the topic, let’s spend some time in understanding remote vehicle diagnostics.

A Brief Background of Remote Automotive Diagnostics

Vehicle diagnostics in the automotive industry refers to the examination of a car to find and resolve faults (if any) and ensure seamless operation of all the software, hardware and mechanical systems.

Similar to how a pathologist tests the human body by examining certain parameters to learn about its health, automotive engineers and mechanics examine certain vehicle parameters.

Usually, a manual vehicle diagnosis is performed by plugging a tester device into the OBD port of the vehicle. This port provides access to the vehicle network, over which the diagnostics messages are sent and received.

However, such on-site vehicle diagnostics is not always a feasible option.

To counter this, OEMs started to equip some high-end vehicles with the capability to be diagnosed over-the-air. What started as a brand-specific feature soon became the standard that we now know as DoIP!

This standardization of technology has brought about cost reduction and ease of operations for all the stakeholders.

[Figure: DoIP architecture]

Analysis of DoIP Software Services from security view-point

In this section, we will analyze some software services and technologies which are critical from the point of view of system security. These services set up the communication between the entities in a DoIP network.

1. Dynamic Host Configuration Protocol (DHCP):

What does this software service facilitate? – It provides the IP address and other configuration details to the IP host that wishes to connect to the network.

Why is it sensitive from security point-of-view? – It is possible for hackers to exhaust all the available IP addresses by sending spoofed messages to the network. As a result, when a genuine host seeks a connection, there are no IP addresses available and the service is denied to it. This very common attack is called the starvation attack.

In a different kind of attack, the hacker can present itself as the default gateway and answer the DHCP requests from legitimate users. This can enable the hacker to send wrong diagnostics information about your vehicle.

2. Internet Protocol (IP):

What does this software service facilitate? – This service is responsible for relaying the data packets to the receiver. The sender and receiver are identified by their IP addresses. It is essentially the protocol by which datagrams are sent over the network.

Why is it sensitive from security point-of-view? – Automobile hackers can take control of the network and fill the IP data fields with undesirable and wrong data. This can lead to serious issues in the functioning of the vehicle diagnostics system.

3. Transmission Control Protocol (TCP):

What does this software service facilitate? – The Internet Protocol delivers the data packets to the host, but TCP is responsible for putting the packets in the correct order. TCP is a connection-oriented protocol and therefore keeps track of the sequence of the packets.

Why is it sensitive from security point-of-view? – Hackers can execute a session hijacking attack with the objective of denying service or stealing information. It is done by taking over a TCP stream or by inserting a RESET segment. Doing so forces a shutdown and hence, denial of service.

Having discussed the possible vulnerabilities of the DoIP stack, we will now focus on the necessary preventive measures.

There are certain critical best practices that an embedded automotive engineer should aim to integrate seamlessly into the software design & development processes.

These security-related best practices ensure that one is able to deliver a robust DoIP Software Solution for an Automotive Project.

Best Practices to ensure security of a DoIP network

In order to secure the DoIP network, there are two important aspects to be taken care of: Communication security and Environment security.

  • The communication network over which the DoIP messages are transmitted can be secured by deploying tunneling technologies. In addition, clarity is required on how the system should be designed to manage the identity of the host and the nodes.
  • Securing the environment is achieved when the network endpoints are safeguarded against unauthorized entry. The research work in this area is quite overwhelming; however, the findings need to be aligned to DoIP requirements.

List of critical best-practices:

  • Physical security of servers, routers and switches should be ensured to prevent any unauthorized access.
  • User access profiles should be maintained with properly defined rights to restrict any illicit wireless access.
  • Audit logging needs to be enabled for the DHCP servers. In case of an unusually high number of requests to DHCP, the logs can be monitored to prevent unauthorized access.
  • A set of security protocols for TCP/IP, such as SSL (Secure Socket Layer), TLS (Transport Layer Security), and IP Security, can be put in place to prevent attacks through TCP/IP.
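
The DHCP audit-log monitoring recommended above, as an added example (not part of the original article): it flags a burst of DHCPDISCOVER requests from many distinct MAC addresses inside a short window, which is what the starvation attack described earlier looks like in the server log. The log format (modelled on ISC dhcpd syslog lines), the thresholds, the host and interface names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Assumed log format: syslog lines modelled on ISC dhcpd output.
DISCOVER_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"DHCPDISCOVER from (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) "
    r"via (?P<iface>[^\s:]+)(?P<exhausted>: .*no free leases)?$"
)

def detect_starvation(lines, window_s=10, max_distinct_macs=5, year=2018):
    """Return (alerts, exhausted_times) for a list of DHCP server log lines.

    An alert is raised once per burst, when more than `max_distinct_macs`
    different client MACs send DISCOVERs within `window_s` seconds.
    Retries from the same MAC do not count towards the threshold.
    """
    window = deque()          # (timestamp, mac) pairs inside the window
    alerts, exhausted = [], []
    alerting = False
    for line in lines:
        m = DISCOVER_RE.match(line)
        if not m:
            continue          # ignore OFFER/REQUEST/ACK and unrelated lines
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window.append((ts, m["mac"]))
        while ts - window[0][0] > timedelta(seconds=window_s):
            window.popleft()
        distinct = {mac for _, mac in window}
        if len(distinct) > max_distinct_macs:
            if not alerting:  # report the burst once, when it crosses the limit
                alerts.append({"start": window[0][0], "at": ts,
                               "distinct_macs": len(distinct),
                               "iface": m["iface"]})
            alerting = True
        else:
            alerting = False
        if m["exhausted"]:    # pool already empty: a genuine host was refused
            exhausted.append(ts)
    return alerts, exhausted

# Constructed sample log: one ECU retrying, a second ECU, then a burst of
# eight never-seen MACs in eight seconds, then a refused genuine client.
HOST = "edge-gw dhcpd[411]: DHCPDISCOVER from"
SAMPLE_LOG = [
    f"Dec 10 09:00:01 {HOST} 02:00:00:aa:00:01 via eth1",
    f"Dec 10 09:00:03 {HOST} 02:00:00:aa:00:01 via eth1",
    f"Dec 10 09:00:05 {HOST} 02:00:00:aa:00:02 via eth1",
] + [
    f"Dec 10 09:05:{s:02d} {HOST} 02:11:22:33:44:{s:02x} via eth1"
    for s in range(10, 18)
] + [
    f"Dec 10 09:05:19 {HOST} 02:00:00:aa:00:03 via eth1: "
    "network 192.168.10.0/24: no free leases",
]

if __name__ == "__main__":
    found, refused = detect_starvation(SAMPLE_LOG)
    for a in found:
        print(f"possible DHCP starvation on {a['iface']}: "
              f"{a['distinct_macs']} distinct MACs since {a['start']}")
    for t in refused:
        print(f"lease pool exhausted at {t}")
```

Counting distinct MACs rather than raw requests keeps a single ECU that retries its DISCOVER from raising the alert; the threshold and window need tuning to the number of nodes expected on the diagnostic network.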

DoIP is undoubtedly a protocol poised to change how automotive diagnostics work. Since DoIP runs over the Internet Protocol, one needs to be extra cautious about the safety of the system.

However, with the necessary security measures discussed above, these vulnerabilities can be taken care of. The DoIP protocol specification in itself has several security measures in place to keep the vehicle and the underlying network safe.



[Video] The Curious case of ‘Off-the-Shelf’ v/s ‘Custom Built’ IoT Gateway


Category : Embedded Blog

The decision to choose between an ‘off the shelf’ and a ‘custom developed IoT gateway’ can get quite tricky.

After listening to the rather contrary view-points of the advocates of these two approaches, you may find it difficult to figure out what is best for your IoT Project.

Some experts would suggest an off the shelf IoT gateway due to faster time to market and ease of the certification process, while others may suggest a custom developed solution owing to more freedom in design, flexible form factor, ownership of IP rights etc.

It is imperative for you to understand which is best suited for your specific business use-case, Build or Buy?

How will this Video help?

In this informative video, our IoT Consultants will share a framework to resolve this dilemma.

You will learn about the list of critical Technology and Business Parameters and how to evaluate these to overcome the Build v/s Buy Dilemma:

1. List of Technology parameters:

  • Hardware Components
  • Compatible Communication Protocols
  • Regulatory Compliance & Certifications
  • Form Factor

2. List of Business parameters:

  • Per unit Cost
  • After-Market Support
  • Prototype Development
  • Degree of ownership /IP Rights

Watch this video to learn about the evaluation process.

Who will Find this Video a Value-Add?

This video aims to share a simple framework with businesses looking for some answers to resolve the Build v/s Buy dilemma.

Right from IoT solution architects to hardware engineers to decision makers – anyone associated with IoT solution development process will find this a useful watch!



What’s in-store for Ecommerce Merchants and Magento Developers: An Analysis of Magento 2.3.0 Release

After making headlines in the e-commerce world for becoming an integral part of the Adobe family, Magento is yet again the talk of the town before the end of 2018.

This time the reason is the official release of Magento 2.3.0 beta version.

Magento has announced the release of Magento 2.3.0 beta version with the aim of offering more “engaging and innovative shopping experiences”.

The latest release of Magento is a treasure of new functionalities & tools along with bug fixes and feature enhancements – that are expected to help the merchants accelerate their business growth and allow Magento developers to build solutions rapidly and efficiently.

In this blog, we will look at what the latest release of Magento Commerce has in store for the merchants, end-users, and the community of ecommerce developers.

Highlights of the New Features Included in the Magento 2.3.0:

[Figure: New features included in the Magento 2.3.0 Release.]

What Merchants and End-Users should look forward to in Magento 2.3.0:

  1. MULTI-SOURCE INVENTORY (MSI): MSI is one of the most exciting features supported by the Magento 2.3.0 release. MSI enables the merchants to manage the inventory across multiple physical locations through a single Magento admin panel, thereby enhancing the overall efficiency of their stores.

    The MSI feature lets e-commerce merchants:

    • Assign products with specific quantities to each fulfillment source, including warehouses, distribution centers or even third-party drop shippers.
    • Track any change in the inventory at each source.
    • Streamline operations by assigning priority to the inventory sources.
    • Seamlessly integrate third-party inventory systems.

    The feature brings with it a novel approach to inventory management that helps the merchants to serve customers regardless of their location, the channel or the device they use for shopping.

    [Figure: MSI lets the Magento admins easily manage their inventory spread across locations through a single panel. Image Credit: Magento]

  2. Magento Shipping: Magento 2.3.0 supports an easy Click & Collect shipping option. Through this, the end-users can choose a convenient collection location.
  3. Magento 2 Payments: There has been a substantial improvement in the Payment option during the checkout in the latest version of Magento. The latest version lets the end user change the currency for an order before they complete the transaction.

What’s in store for Magento Developers?

  5. PWA STUDIO: Progressive Web Apps as a technology has been growing in popularity through its innate ability to create webstores that offer app-like experiences. This includes push notification, access in offline mode, ability to add a shortcut on home screen, faster loading speed, view on full screen etc.

    With the inclusion of PWA Studio, Magento has stepped up its game in mobile app development. The PWA Studio offers the set of tools required to build Magento-powered PWA experiences.

    Benefits offered by PWA studio:

    • Tools to personalize content and add local preferences
    • Innovative commerce and CMS theming to deliver an intuitive user experience
    • Modular component architecture to drive opportunities specially for the extension resellers
    • One code base, one deployment and app – to build as well as manage all channels and experiences

     

    [Figure: The PWA Studio is helpful in delivering an app-like browsing experience to the end users. Image Credit: Magento]

  6. PAGE BUILDER: Page Builder is the content management functionality supported by Magento that comes with an intuitive, drag-and-drop interface enabling website admins to efficiently manage the website content.

    Benefits:

    • With a Page Builder, anyone can create new pages on their website, enrich products and categories, or easily launch content updates, without the support of a front-end expert.
    • The appearance and content of the website can be customized, and page elements can be easily aligned with the help of a flexible grid system.
    • Page Builder can be used to create dynamic content blocks or to launch content based on a pre-fixed schedule.
  7. Introduction of the GraphQL API: GraphQL is a popular data query language for APIs, used widely for building faster frontends while ensuring smooth transfer of data.

    Magento has introduced support for the GraphQL API language in its latest release. This opens up new opportunities for developers to fetch specific data elements from APIs in a single request and get faster and more predictable results on slow networks.

  8. Declarative schema: The declarative schema simplifies the installation and upgrade process associated with Magento and extensions.

    Using this schema, the developers can define the database structure or update it with necessary changes in a seamless manner, and also convert the XML schema files into SQL statements, without performing any redundant operations.

  9. Other Functional additions:

    In addition to the above exciting feature additions, Magento 2.3.0 also came with the following functional enhancements and bug fixes:

  10. Inclusion of New and Bulk Web APIs: These APIs enable better control over the timing as well as the execution visibility of API calls, support scalable implementations and allow for faster performance – thus easing the development process for the Magento developers.
  11. Improvements to release packaging and an increase in test automation lead to a faster and more efficient release process.
  12. New tools for Enhanced security – In order to ensure secure operations and prevent fake logins through the webstore, Magento 2.3.0 has come up with security features like Google ReCAPTCHA and Two Factor Authentication.

    Further, to prevent the occurrence of any accidental changes that could potentially affect the system performance, the new Magento version includes a cache flush Access Control List (ACL). The cache flush ACL offers the user, as decided by the Magento admin, granular access to the cache management settings.

  13. Enhancements in the site indexing performance – With the aim of bringing down the indexation time (by over 60%) and to support faster product updates, Magento 2.3.0 supports sharding and parallel processing of indexers.
  14. Magento’s tech stack has been released with some major updates that include upgrades to Redis, Elasticsearch, MySQL, and compatibility with PHP. In addition, the Elasticsearch support which was earlier just available for Magento Commerce will now be available for Magento Open Source also.

    Elasticsearch is an open-source distributed search and analytics engine used for advanced log analytics, security intelligence, full-text search, business analytics – and more.

Hope you liked this review of the Magento 2.3.0 beta features. If you want to know how upgrading to Magento 2.3.0 can boost your business, please get in touch with our Ecommerce Experts.



[Infographic] How to Determine ASIL for Automotive Applications, as per ISO 26262 Standard

Category : automotive-insights

This infographic has been created based on the video blog post “[Video] How ASIL is Determined for Automotive Applications as per ISO 26262 Standard”. Read the blog and watch the ASIL determination video to get a detailed insight into the ASIL determination process.



[Video] How ASIL is Determined for Automotive Applications as per ISO 26262 Standard

Category : Embedded Blog

Automotive Functional Safety has become a talking point across all the global automotive product development teams.

All the stakeholders including the OEMs, suppliers and the engineers are determined to comply with the ISO26262 Standard in order to ensure safety of the end-users.

The first step towards achieving functional safety for an automotive application or a piece of hardware is finding its Safety Criticality.

ISO26262 specifies Automotive Safety and Integrity Level (ASIL) that helps engineers understand the safety criticality of an automotive application or a component.

It is important to determine ASIL because the safety criticality for different components is different.

Failure of a component like a power window will not impact the safety of the passengers or driver, but an airbag failure most likely will.

What will you Learn from this Video?

  • What are the different levels of ASIL?
  • Why is ASIL so important in achieving functional safety?
  • Why are different ASILs required?
  • What goes into the determination of ASIL?
  • What are the factors taken into consideration while determining ASIL?

Who will Find this Video a Value-Add?

Everyone who is in any way associated with the automotive industry will find the video relevant. ISO26262 functional safety is something every OEM and other stakeholders are taking very seriously now.

The video aims to educate these stakeholders about ASIL in a very lucid manner. Engineers who are going to start their ISO26262 journey will also find the video very useful.

It is also a good heads-up for the OEMs and the tier-1 suppliers who are yet to get onboard ISO26262 functional safety. They will be better informed about what to expect from the solution provider who is helping them in their functional safety endeavors.



Hardware FMEDA to Achieve ASIL-B Compliance for an Electric Motor Control System

Category : IoT casestudies

 

About the Customer:

Our customer is a Tier-1 Automotive Supplier with expertise in diverse automotive product lines. The company caters to the Automotive OEMs across the Globe. The customer decided to partner with us for Functional Safety Consulting and implementation.

This Functional Safety project has been delivered for a prototype of an Electronic Control Unit (ECU) for a BLDC Electric Motor Control system. The project scope was to achieve ASIL-B compliance for this prototype.

 

Business Challenge:

The customer had planned to derive hardware metrics to help them achieve the product’s compliance to ASIL-B. While they were sure about the metrics they required, they wanted in-depth consulting regarding the best approach (method) and the tool that would help them accurately derive the metrics.

In the absence of an in-house QMS team, the customer faced headwinds in progressing with this project as per the framework of the ISO26262 standard.

Secondly, they wished to collaborate with a vendor with automotive domain experience, in order to effectively derive the hardware metrics for a motor control system ECU.

From the initial discussions, we understood that the customer needs hardware metrics (Single Point Failure Metrics, Latent Point Failure Metrics etc) for their ECU hardware components.


Embitel’s Solution:

Based on our previous experiences, we realized that FMEDA will be best suited to provide a single-view of these necessary metrics and make their journey to ASIL-B compliance a great value-add for their product.

Post a few discussions, the customer and our ISO26262 experts were on the same page and it was decided that we will go with FMEDA.

Our Functional Safety team got into action and initiated the process by gathering the inputs for FMEDA from the customers.

We also performed the gap analysis of the prototype at the customer’s location.

A detailed snapshot of FMEDA process execution:

  1. Our team visited the customer’s location to gather the inputs and perform the gap analysis for the existing prototype design.
  2. The inputs provided to us were as follows:
    • Safety Goals from HARA.
    • Hardware Architecture.
    • Hardware Schematics.
    • Bill of Materials (BOM).
    • Datasheet for the components.
    • Safety mechanism in the hardware.
    • FMEA- Safety Relevant and Non-Safety Relevant components.
  3. We imported the BOM details into the FMEDA form, to identify Safety Critical and Non-safety critical components.
  4. The FIT value was calculated by the tool based on the IEC 62380 catalog.
  5. Safety Mechanisms and Diagnostics were then added to the FMEDA form in the tool for each of the components.
  6. Based on all these inputs, we calculated the Single Point Failure Metrics, Latent Point Failure Metrics, and PMHF.
  7. A joint review of the work products with the customer’s safety manager was done, followed by delivery of the work products and specific hardware failure metrics.

The final deliverables were:

  • FMEDA reports.
  • Single Point Failure Metrics (SPFM) Report.
  • Latent Point Failure Metrics (LPFM) Report.
  • GAP Analysis Report.
  • Probability Metric of Hardware Failure (PMHF) Calculation Report.

Team Structure for the FMEDA project at Embitel:

Embitel’s Impact:

The customer was able to identify the gaps in the hardware design in the prototype and could resolve them. Hardware Metrics from the FMEDA performed on the hardware components established the credibility of the motor control system ECU as an ASIL B compliant design.

FMEDA reports delivered by our team would serve as ASIL-B competency evidence to win the trust of the target OEMs of our customers. This project also helped our customer integrate the Functional Safety Process as part of their organization’s product design culture.

 

Tool and Technologies:

  • SOX Tool- A multi-faceted workbench that can perform HARA, FMEA, FTA, and FMEDA etc.
  • IEC 62380- The catalog behind the SOX tool. It gives the FIT value of the hardware components.