WayWise is an innovative C++ and Qt-based rapid prototyping library designed to advance the development and analysis of connected, autonomous vehicles (CAVs) and Unmanned Arial Systems (UASs). It was deployed on model-sized cars and trucks as well as full-sized mobile machinery, tractors and UASs. It is actively being used in several European research projects. Developed by the RISE Dependable Transport Systems unit, the library facilitates exploration into safety and cybersecurity aspects inherent to various emerging vehicular applications within road traffic and offroad applications. This non-production library emphasizes rapid prototyping, leveraging commercial off-the-shelf hardware and the different protocols for vehicle-control communication, mainly focusing on MAVLINK. The utility of WayWise in rapidly evaluating complex vehicular behaviors is demonstrated through various research projects, thus contributing to the field of autonomous vehicular technology.
In recent years, the increasing digitalisation and interconnectedness of railway systems have underscored the critical importance of robust cybersecurity measures. Notable cybersecurity incidents, such as the sabotage of more than 20 trains in Poland via simple "radio-stop" commands using low-cost equipment, highlight the vulnerability of these complex systems to disruptions that can have far-reaching consequences. Moreover, the evolving threat landscape, characterised by increasingly sophisticated ransomware and distributed denial-ofservice (DDoS) attacks, poses ongoing challenges that demand continuous vigilance and adaptation. The regulatory response, including stringent EU directives such as the Cybersecurity Act and the NIS 2 Directive, reflects a concerted effort to elevate the cybersecurity standards that impact the transportation sector. The objective of this work is to provide a cybersecurity risk assessment of the Virtually Coupled Train Set (VCTS) design that is developed within the R2DATO EU Rail project. This work leverages the methodologies developed under the Shift2Rail (S2R) initiative, particularly the X2Rail-5 project. The assessment aims to identify potential vulnerabilities and assess the impact of potential threats. Risk and target security level evaluations for VCTS are presented for identifying applicable security requirements from IEC 62443. By applying a risk assessment tool based on IEC 62443-3-2 and CLC/TS 50701 towards regulatory compliance measures, this work seeks to fortify the cybersecurity of railway systems, ensuring safer and more reliable operations in an increasingly digital landscape.
With their inherent convenience factor, Internet of Things (IoT) devices have exploded in numbers during the last decade, but at the cost of security. Machine learning (ML) based intrusion detection systems (IDS) are increasingly proving necessary tools for attack detection, but requirements such as extensive data collection and model training make these systems computationally heavy for resource-limited IoT hardware. This paper’s main contribution to the cyber security research field is a demonstration of how a dynamic user-level scheduler can improve the performance of IDS suited for lightweight and data-driven ML algorithms towards IoT. The dynamic user-level scheduler allows for more advanced computations, not intended to be executed on resource-limited IoT units, by enabling parallel model retraining locally on the IoT device without halting the IDS. It eliminates the need for any cloud resources as computations are kept locally at the edge. The experiments showed that the dynamic user-level scheduler provides several advantages compared to a previously developed baseline system. Mainly by substantially increasing the system’s throughput, which reduces the time until attacks are detected, as well as dynamically allocating resources based on attack suspicion.
he increased importance of cybersecurity in autonomous machinery is becoming evident in the forestry domain. Forestry worksites are becoming more complex with the involvement of multiple systems and system of systems. Hence, there is a need to investigate how to address cybersecurity challenges for autonomous systems of systems in the forestry domain. Using a literature review and adapting standards from similar domains, as well as collaborative sessions with domain experts, we identify challenges towards CE-certified autonomous forestry machines focusing on cybersecurity and safety. Furthermore, we discuss the relationship between safety and cybersecurity risk assessment and their relation to AI, highlighting the need for a holistic methodology for their assurance.