Search Results (192)

Critical Internet of Things (IoT) data in Fifth Generation Vehicular Ad Hoc Networks (5G VANETs) demands Ultra-Reliable Low-Latency Communication (URLLC) to support mission-critical vehicular applications such as autonomous driving and collision avoidance. Achieving the stringent Quality of Service (QoS) requirements for these applications remains a significant challenge. This paper proposes a novel framework integrating Software-Defined Networking (SDN) and Network Functions Virtualisation (NFV) as embedded functionalities in connected vehicles. A lightweight SDN Controller model, implemented via vehicle on-board computing resources, optimised QoS for communications between connected vehicles and the Next-Generation Node B (gNB), achieving a consistent packet delivery rate of 100%, compared to 81–96% for existing solutions leveraging SDN. Furthermore, a Software-Defined Wide-Area Network (SD-WAN) model deployed at the gNB enabled the efficient management of data, network, identity, and server access. Performance evaluations indicate that SDN and NFV are reliable and scalable technologies for virtualised and distributed 5G VANET infrastructures. Our SDN-based in-vehicle traffic classification model for dynamic resource allocation achieved 100% accuracy, outperforming existing Artificial Intelligence (AI)-based methods with 88–99% accuracy. In addition, a significant increase of 187% in flow rates over time highlights the framework’s decreasing latency, adaptability, and scalability in supporting URLLC class guarantees for critical vehicular services. Full article

The evolution of the internet towards supporting time-critical applications, such as industrial cyber-physical systems (CPSs) and autonomous systems, has created an urgent demand for networks capable of providing deterministic, low-latency communication. Autonomous vehicles represent a particularly challenging use case within this domain, requiring both reliability and determinism for massive data streams—a requirement that traditional Ethernet technologies cannot satisfy. This paper addresses this critical gap by proposing a comprehensive scheduling framework based on Time-Aware Shaping (TAS) within the Time-Sensitive Networking (TSN) standard. The framework features two key contributions: (1) a novel baseline scheduling algorithm that incorporates a sub-flow division mechanism to enhance schedulability for high-bandwidth streams, computing Gate Control Lists (GCLs) via an iterative SMT-based method; (2) a separate heuristic-based computation acceleration algorithm to enable fast, scalable GCL generation for large-scale networks. Through extensive simulations, the proposed baseline algorithm demonstrates a reduction in end-to-end latency of up to 59% compared to standard methods, with jitter controlled at the nanosecond level. The acceleration algorithm is shown to compute schedules for 200 data streams in approximately one second. The framework’s effectiveness is further validated on a real-world TSN hardware testbed, confirming its capability to achieve deterministic transmission with low latency and jitter in a physical environment. This work provides a practical and scalable solution for deploying deterministic communication in complex autonomous and cyber-physical systems. Full article

The controller area network (CAN) protocol, widely used for in-vehicle communication, lacks built-in security features and is inherently vulnerable to various attacks. Numerous attack techniques against CAN have been reported, leading to intrusion detection systems (IDSs) tailored for in-vehicle networks. In this study, we propose a novel lightweight unsupervised IDS for CAN networks, designed for real-time, on-device implementation. The proposed autoencoder model was trained exclusively on normal data. A portion of the attack data was utilized to determine the optimal detection threshold using a Gaussian kernel density estimation function, while the frame count was selected based on error rate analysis. Subsequently, the model was evaluated using four types of attack data that were not seen during training. Notably, the model employs a single threshold across all attack types, enabling detection using a single model. Furthermore, the designed software model was optimized for hardware implementation and validated on an FPGA under a real-time CAN communication environment. When evaluated, the proposed system achieved an average accuracy of 99.2%, precision of 99.2%, recall of 99.1%, and F1-score of 99.2%. Furthermore, compared to existing FPGA-based IDS models, our model reduced the usage of LUTs, flip-flops, and power by average factors of 1/5, 1/6, and 1/11. Full article

With the rapid development of smart connected vehicles, vehicle network communications demand high-speed data transmission to support advanced automotive services. Millimeter Wave (mmWave) communication offers fast data rates, strong anti-interference capabilities, high precision localization and low-latency, making it suitable for high-speed in-vehicle communications. However, mmWave communication performance in vehicular networks is hindered by high path loss and frequent beam alignment updates, significantly degrading the coverage and connectivity of vehicle nodes (VNs). In addition, atmospheric propagation attenuation further deteriorates signal quality and limits system performance due to raindrop absorption and scattering. Therefore, the pure mmWave networks cannot meet the high requirements of highway vehicular communications. To address these challenges, this paper proposes a hybrid mmWave and microwave network architecture to improve VNs’ coverage and connectivity performances through the strategic deployment of Roadside Units (RSUs). Using Radio Access Technology (RAT), mmWave and microwave RSUs are symmetrically deployed on both sides of the road to communicate with VNs located at the road center. This symmetric RSUs deployment significantly improves the network reliability. Analytical expressions for coverage and connectivity in the proposed hybrid networks are derived and compared with the pure mmWave networks, accounting for rainfall attenuation. The study results show that the proposed hybrid network shows better performance than the pure mmWave network in both coverage and connectivity. Full article

The Controller Area Network (CAN) protocol is one of the important communication standards in autonomous vehicles, enabling real-time information sharing across in-vehicle (IV) components to realize smooth coordination and dependability in vital activities. Without encryption and authentication, CAN reveals several vulnerabilities related to message attacks within the IV Network (IVN). Traditional centralized Intrusion Detection Systems (IDS) where all the historical data is grouped on one node result in privacy risks and scalability issues, making them unsuitable for real-time intrusion detection. To address these challenges, we propose a Deep Federated Learning (FL) architecture for intrusion detection in IVN. We propose a Bidirectional Long Short Term Memory (BiLSTM) architecture to capture temporal dependencies in the CAN bus and ensure enhanced feature extraction and multi-class classification. By evaluating our framework on three real-world datasets, we show how our proposal outperforms a baseline LSTM model from the state of the art. Full article

The Controller Area Network (CAN) bus has been implemented in most modern Vehicles. Various attacks can be launched against the CAN bus protocol because it is designed without security mechanisms. It is essential to develop a highly accurate intrusion detection system (IDS) for CAN bus attacks. We design an effective ensemble learning-based IDS scheme for detecting and classifying DoS, fuzzing, replay, and spoofing attacks. These are common CAN bus attacks that can threaten the safety of a vehicle’s driver, passengers, and pedestrians. For this purpose, we utilize supervised machine learning in combination with ensemble methods. We first perform data balancing and feature selection. We build and fine-tune random forest, Xtreme gradient boosting, and decision tree supervised learning models. We then combine these models with voting, stacking, and bagging ensemble methods. The results obtained demonstrate the effectiveness of the proposed scheme when trained on real-life CAN traffic datasets to detect and classify these four attacks. The stacking method achieved the highest performance in terms of accuracy, precision, recall, F1-score, and area-under-the-curve receiver operator characteristic (ROC-AUC). The stacking method outperformed other recently proposed methods with an F1-score, precision, recall, and accuracy of 0.993, 0.993, 0.993, and 0.986, respectively. Full article

The rapid devolopment of Internet of Vehicles (IoV) and Autonomous Connected Vehicles (ACVs) has increased the complexity of in-vehicle networks, exposing security vulnerabilities in traditional Controller Area Network (CAN) systems. CAN security faces dual challenges: stringent computational constraints imposed by automotive functional safety requirements and the impracticality of protocol modifications in multi-device networks. To address this, we propose a lightweight intrusion detection algorithm leveraging information entropy to analyze side-channel CAN message ID distributions. Evaluated in terms of detection accuracy, false positive rate, and sensitivity to bus load variations, the algorithm was implemented on an NXP MPC-5748G embedded platform through the AutoSar Framework. Experimental results demonstrate robust performance under low computational resources, achieving high detection accuracy with high recall (>80%) even at 10% bus load fluctuation thresholds. This work provides a resource-efficient security framework compatible with existing CAN infrastructures, effectively balancing attack detection efficacy with the operational constraints of automotive embedded systems. Full article

The Internet of Vehicles plays a crucial role in advancing intelligent transportation systems, with In-Vehicle Ethernet serving as the fundamental backbone network of the new generation of in-vehicle communication. However, In-Vehicle Ethernet faces various network security threats, including data theft, data tampering, and malicious attacks. This study focuses on network intrusion and security issues in In-Vehicle Ethernet, by analyzing the data characteristics of Audio Video Transport Protocol and potential network attack means. We innovatively propose a network intrusion detection method based on a weighted histogram algorithm. This method aims to enhance the security of In-Vehicle Ethernet. Experimental results show that the anomaly detection rate of the proposed weighted histogram algorithm in this study is 99.7%, which shows an improvement of 15.8% compared with the traditional Bayesian algorithm, and 6.9% higher than the decision tree algorithm. Thus, our approach enhances the stability and anti-attack ability of In-Vehicle Ethernet, providing a solid network security for In-Vehicle Networks. Full article

In response to the escalating threat of cyberattacks on smart connected vehicles, numerous Intrusion Detection Systems (IDSs) have emerged. However, existing IDSs often prioritize enhancing detection accuracy while overlooking the time needed for training and detection. Moreover, they may not fully leverage the combined utilization of CAN bus IDs and the data field with external network data. Consequently, these systems frequently struggle to meet the real-time demands and broader attack scenarios inherent in in-vehicle systems. To overcome these challenges, we propose a stacked-model IDS architecture deployed across the CAN bus and central gateway, capable of detecting both internal and external vehicular network attacks. The system extracts key features from in-vehicle and external network data, builds base learners (CART, LightGBM, XGBoost), and integrates them through stacking with a meta-learner. Feature selection and training efficiency are enhanced using information gain and maximal information coefficient algorithms. Experiments show that the proposed IDS achieves an average detection accuracy of 99.99% for internal CAN bus attacks and 99.81% for external network attacks, with fast detection times of 0.018 ms and 0.088 ms, respectively. These results highlight the system’s real-time capability, high accuracy, and adaptability to complex attack scenarios. Full article

This study aims to investigate and propose a machine learning approach that can accurately detect alcohol consumption by analyzing the thermal patterns of facial features. Thermal images from the Tufts Face Database and self-collected images were utilized to train the models in identifying temperature variations in specific facial regions. Convolutional Neural Networks (CNNs) and YOLO (You Only Look Once) algorithms were employed to extract facial features, while classifiers such as Support Vector Machines (SVMs), Multi-Layer Perceptron (MLP), and K-Nearest Neighbors (KNN), as well as Random Forest and linear regression, classify individuals as sober or intoxicated based on their thermal images. The models’ effectiveness in analyzing thermal images to determine alcohol intoxication is expected to provide a foundation for the development of a realistic drunk driver detection system based on thermal images. In this study, MLP obtained 90% accuracy and outperformed the other models in classifying the thermal images, either as sober or showing signs of alcohol consumption. The trained models may be embedded in advanced drunk detection systems as part of an in-vehicle safety application. Full article

The MIPI (Mobile Industry Processor Interface) Alliance provides a security framework for in-vehicle network connections between sensors and processing electronic control units (ECUs). One approach within this framework is data integrity verification for sensors with limited hardware resources. In this paper, the security risks associated with image sensor data are described. Adversarial examples (AEs) targeting the MIPI interface can induce misclassification, making image data integrity verification essential. A CMOS image sensor with a message authentication code (CIS-MAC) is then proposed as a defense mechanism starting from the image sensor to protect image data from malicious manipulations, such as AE attacks. Evaluation results of the physically unclonable function (PUF) response and random number, which are utilized for generating the cryptographic key and MAC tag, are presented using a 2 Mpixel CMOS image sensor. The area of the CIS-MAC circuit is estimated based on a Verilog HDL design and synthesis using a 0.18 μm CMOS process. Various hash topologies are evaluated to select a hash function suitable for key generation and MAC tag generation within the CMOS image sensor. The estimated area of the CIS-MAC circuit is 67 kGE and $0.86{\mathrm{mm}}^2$, demonstrating feasibility for implementation in a CMOS image sensor typically fabricated using analog process technology. Full article

The Controller Area Network (CAN) facilitates efficient communication among vehicle components. While it ensures fast and reliable data transmission, its lightweight design makes it susceptible to data manipulation in the absence of security layers. To address these vulnerabilities, machine learning (ML)-based intrusion detection systems (IDS) have been developed and shown to be effective in identifying anomalous CAN traffic. However, these models often function as black boxes, offering limited transparency into their decision-making processes, which hinders trust in safety-critical environments. To overcome these limitations, this paper proposes a novel method that combines Local Interpretable Model-agnostic Explanations (LIME) with a vision-language model (VLM) to generate detailed textual interpretations of an ML-based CAN IDS. This integration mitigates the challenges of visual-only explanations in traditional XAI and enhances the intuitiveness of IDS outputs. By leveraging the multimodal reasoning capabilities of VLMs, the proposed method bridges the gap between visual and textual interpretability. The method supports both global and local explanations by analyzing feature importance with LIME and translating results into human-readable narratives via VLM. Experiments using a publicly available CAN intrusion detection dataset demonstrate that the proposed method provides coherent, text-based explanations, thereby improving interpretability and end-user trust. Full article

With the development of intelligent connected vehicles, higher demands are being placed on the capabilities of in-vehicle bus networks. Compared to traditional in-vehicle bus networks like Local Interconnect Network (LIN) and Controller Area Network (CAN), the FlexRay bus offers advantages such as high real-time performance and high transmission rates, making it the core technology of the new generation of in-vehicle bus networks. This study focuses on the phenomenon of bandwidth resource waste in the FlexRay bus and innovatively proposes the FlexRay Static Segment Heterogeneous Scheduling Algorithm (SHSA). The SHSA algorithm optimizes the message transmission performance of the FlexRay bus through heterogeneous allocation of communication channels and message scheduling methods. This study established a simulation experimental platform using the CANoe.FlexRay bus network simulation tool and conducted simulation experiments on the proposed algorithm. Experimental results show that the average bandwidth utilization of the SHSA algorithm is 72.5%, which is 20.91%, 51.14%, and 54% higher than that of the existing Heterogeneous Makespan-minimizing DAG Scheduler (HMDS), Message Packing Scheme, and Jitter-aware Message Scheduling-Simulated Annealing and Greedy Randomized Adaptive Search Procedure (JAMS-SG), respectively. This study provides technical support for message transmission in intelligent connected vehicles and enhances the communication efficiency of the in-vehicle FlexRay bus network. Full article

With the rapid evolution toward autonomous vehicles, securing in-vehicle communications is more critical than ever. The widely used Controller Area Network (CAN) protocol lacks built-in security, leaving vehicles vulnerable to cyberattacks. Although machine learning-based Intrusion Detection Systems (IDSs) can achieve high detection accuracy, their heavy computational and power demands often limit real-world deployment. In this paper, we present an optimised IDS based on a Binarised Neural Network (BNN) that employs network pruning to eliminate redundant parameters, achieving up to a 91.07% reduction with only a 0.1% accuracy loss. The proposed approach incorporates a two-stage Coarse-to-Fine (C2F) framework, efficiently filtering normal traffic in the initial stage to minimise unnecessary processing. To assess its practical feasibility, we implement and compare the pruned IDS across CPU, GPU, and FPGA platforms. The experimental results indicate that, with the same model structure, the FPGA-based solution outperforms GPU and CPU implementations by up to 3.7× and 2.4× in speed, while achieving up to 7.4× and 3.8× greater energy efficiency, respectively. Among cutting-edge BNN-based IDSs, our ultra-lightweight FPGA-based C2F approach achieves the fastest average inference speed, showing a 3.3× to 12× improvement, while also outperforming them in accuracy and average F1 score, highlighting its potential for low-power, high-performance vehicle security. Full article

With the rapid development of intelligent driving technology, in-vehicle bus networks face increasingly stringent requirements for real-time performance and data transmission. Traditional bus network technologies such as LIN, CAN, and FlexRay are showing significant limitations in terms of bandwidth and response speed. In-Vehicle Ethernet, with its advantages of high bandwidth, low latency, and high reliability, has become the core technology for next-generation in-vehicle communication networks. This study focuses on bandwidth waste caused by guard bands and the limitations of Frame Pre-Emption in fully utilizing available bandwidth in In-Vehicle Ethernet. It aims to optimize TSN scheduling mechanisms by enhancing scheduling flexibility and bandwidth utilization, rather than modeling system-level vehicle functions. Based on the Time-Sensitive Networking (TSN) protocol, this paper proposes an innovative Adaptive Frame Segmentation (AFS) algorithm. The AFS algorithm enhances the performance of In-Vehicle Ethernet message transmission through flexible frame segmentation and efficient message scheduling. Experimental results indicate that the AFS algorithm achieves an average local bandwidth utilization of 94.16%, improving by 4.35%, 5.65%, and 30.48% over Frame Pre-Emption, Packet-Size Aware Scheduling (PAS), and Improved Qbv algorithms, respectively. The AFS algorithm demonstrates stability and efficiency in complex network traffic scenarios, reducing bandwidth waste and improving In-Vehicle Ethernet’s real-time performance and responsiveness. This study provides critical technical support for efficient communication in intelligent connected vehicles, further advancing the development and application of In-Vehicle Ethernet technology. Full article