Periodic Reporting for period 1 - DIAS (Smart Adaptive Remote Diagnostic Antitampering Systems)
Reporting period: 2019-09-01 to 2021-02-28
- Even though air quality in Europe has improved over recent decades, the current levels of air pollutants can seriously affect human health and the environment. As an example, NOx contributes to the formation of ground-level ozone, to acid deposition and eutrophication of soil and water and, in particular, NO2 is associated with adverse effects on human health. Pollutant emissions of road vehicles have been reduced significantly thanks to the development and application of effective emissions control systems. Nevertheless, tampering with these systems leads to significantly elevated tailpipe emissions. Already in many European countries, tampered vehicles seem to cover a significant percentage of the vehicle’s fleet. For example, in early 2017, it was discovered that the SCR systems of up to 20% of eastern European heavy-duty vehicles on German roads are suspect of being manipulated. Tampering also exists for other important devices, such as tachographs or alcolocks. At the same time, automotive-type de-pollution technologies are applied in other sectors, such as rail, inland navigation, generators, earth-moving machinery, etc. In turn, any anti-tampering solution would also be relevant for these applications.
- The overall objective of DIAS is to support the transition to more effective protection and detection systems based on on-board diagnostics and monitoring (OBD/OBM) that will ensure a strong reduction of the tampering activities. The project aims at defining methods and providing a solid basis for future standards in the security and diagnostic systems to ensure that hardware, software and communication manipulation will be detected and that the detection will be successful regardless of the manipulation attempt has been foreseen or not during the initial design of the system.
The overall target is broken down into four main objectives as follows:
I. “Market” analysis and assessment of the operation of representative tampering systems and their effect on the performance of emission control systems
II. Identification and implementation of detection methods and countermeasures
III. Testing and demonstration of the success of measures
IV. Setup of guidelines and recommendations for future legislation for the introduction of future safe monitoring systems
• Pillar a. includes market and system analysis to identify the way existing tampering systems operate and set anti-tampering requirements. An inventory of device providers was compiled through market research. Cheating devices were categorized in terms of the principle of operation and weaknesses of existing systems that tampering devices exploit. The tampering devices were tested in the laboratory and selected tampering equipment was installed on vehicles to demonstrate the effect of manipulation under real-world conditions and generate sufficient data signals for the analysis of the device operation. Finally, the vulnerabilities based on the most critical tampering cases that were tested were identified and anti-tampering requirements for various end-users (vehicle manufacturers, workshops, legislator, etc.) were proposed.
• Pillar b. includes security analysis at the three levels of data flow, i.e. hardware, software and communications, the challenges in these fields and the available technologies to cope with these challenges. A generic vehicle architecture was defined for reference which includes most of the important sensors, control units and communication protocols typically found in a modern vehicle. This was evaluated from the security point of view to understand the tampering possibilities and develop security requirements for protection against them and security threat analysis and risk assessment were performed. Through this process, the identified threats were rated and assigned a security level to prioritize them. The output of the task was high-level security requirements.
• Pillar c. includes on-board diagnostics. Tampering attempts (mainly through hardware modification) are prevented or detected in case that an intrusion cannot be effectively prevented by system security solutions only. As a first countermeasure, enhanced and new software algorithms were investigated. Weaknesses of respective tampering mechanism were considered for plausibilisation of certain signals to detect tampering. The investigations comprised the usage of existing On Board Diagnosis functions with advanced calibration as well as dedicated tampering detection functions, both integrated into the Engine Control Unit, thus called level 1 countermeasure (on-going activity).
The knowledge gained in the testing of tampering devices and the development of anti-tampering measures will be leveraged to recommend regulatory provisions that prevent misinterpretation and regulation beating. The proposals will be reviewed by several stakeholders including the advisory board, the associated industry as well as drivers’ and consumers’ associations.