Home

Results 1 - 10 of 205,164 for message software. Search took 2.38 seconds.  
Sort by date/Sort by relevance
PROPOSAL FOR RECOMMENDATIONS ON UNIFORM PROVISIONS CONCERNING CYBER SECURITY AND SOFTWARE UPDATES
CAM, DENM) 11.3 Malicious diagnostic messages 11.4 Malicious proprietary messages (e.g. those normally sent from OEM or component/system/function supplier) 4.3.3 Threats to vehicles regarding their update procedures 12 Misuse or compromise of update procedures 12.1 Compromise of over the air software update procedures. (...) hacking/ tampering/ blocking of messages such as ODR Tracker data, or number of runs) 20.4 Data manipulation to falsify vehicle’s driving data (e.g. mileage, driving speed, driving directions, etc.) 20.5 Unauthorized changes to system diagnostic data 21 Erasure of data/code 21.1 Unauthorized deletion/manipulation of system event logs ECE/TRANS/WP.29/GRVA/2021/20 13 High level and sub-level descriptions of vulnerability/ threat Example of vulnerability or attack method 22 Introduction of malware 22.2 Introduce malicious software or malicious software activity 23 Introduction of new software or overwrite existing software 23.1 Fabrication of software of the vehicle control system or information system 24 Disruption of systems or operations 24.1 Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging 25 Manipulation of vehicle parameters 25.1 Unauthorized access of falsify the configuration parameters of vehicle’s key functions, such as brake data, airbag deployed threshold, etc. 25.2 Unauthorized access of falsify the charging parameters, such as charging voltage, charging power, battery temperature, etc. 4.3.7 Potential vulnerabilities that could be exploited if not sufficiently protected or hardened 26 Cryptographic technologies can be compromised or are insufficiently applied 26.1 Combination of short encryption keys and long period of validity enables attacker to break encryption 26.2 Insufficient use of cryptographic algorithms to protect sensitive systems 26.3 Using already or soon to be deprecated cryptographic algorithms 27 Parts or supplies could be compromised to permit vehicles to be attacked 27.1 Hardware or software, engineered to enable an attack or fails to meet design criteria to stop an attack 28 Software or hardware development permits vulnerabilities 28.1 Software bugs. (...) Example Security Controls can be found in OWASP. 23.1 Fabrication of software of the vehicle control system or information system 24.1 Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging M13 Measures to detect and recover from a denial of service attack shall be employed 25.1 Unauthorized access to falsify configuration parameters of vehicle’s key functions, such as brake data, airbag deployed threshold, etc.
Language:English
Score: 1161153.9 - https://daccess-ods.un.org/acc...RANS/WP.29/GRVA/2021/20&Lang=E
Data Source: ods
PROPOSAL FOR RECOMMENDATIONS ON UNIFORM PROVISIONS CONCERNING CYBER SECURITY AND SOFTWARE UPDATES
CAM, DENM) 11.3 Malicious diagnostic messages 11.4 Malicious proprietary messages (e.g. those normally sent from OEM or component/system/function supplier) 4.3.3 Threats to vehicles regarding their update procedures 12 Misuse or compromise of update procedures 12.1 Compromise of over the air software update procedures. (...) hacking/ tampering/ blocking of messages such as ODR Tracker data, or number of runs) 20.4 Data manipulation to falsify vehicle’s driving data (e.g. mileage, driving speed, driving directions, etc.) 20.5 Unauthorized changes to system diagnostic data 21 Erasure of data/code 21.1 Unauthorized deletion/manipulation of system event logs ECE/TRANS/WP.29/GRVA/2022/5 13 High level and sub-level descriptions of vulnerability/ threat Example of vulnerability or attack method 22 Introduction of malware 22.2 Introduce malicious software or malicious software activity 23 Introduction of new software or overwrite existing software 23.1 Fabrication of software of the vehicle control system or information system 24 Disruption of systems or operations 24.1 Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging 25 Manipulation of vehicle parameters 25.1 Unauthorized access of falsify the configuration parameters of vehicle’s key functions, such as brake data, airbag deployed threshold, etc. 25.2 Unauthorized access of falsify the charging parameters, such as charging voltage, charging power, battery temperature, etc. 4.3.7 Potential vulnerabilities that could be exploited if not sufficiently protected or hardened 26 Cryptographic technologies can be compromised or are insufficiently applied 26.1 Combination of short encryption keys and long period of validity enables attacker to break encryption 26.2 Insufficient use of cryptographic algorithms to protect sensitive systems 26.3 Using already or soon to be deprecated cryptographic algorithms 27 Parts or supplies could be compromised to permit vehicles to be attacked 27.1 Hardware or software, engineered to enable an attack or fails to meet design criteria to stop an attack 28 Software or hardware development permits vulnerabilities 28.1 Software bugs. (...) Specific example is the use of unprotected gateways, or access points (such as truck-trailer gateways), to circumvent protections and gain access to other network segments to perform malicious acts, such as sending arbitrary CAN bus messages M23 Cybersecurity best practices for software and hardware development shall be followed.
Language:English
Score: 1159970.1 - https://daccess-ods.un.org/acc...TRANS/WP.29/GRVA/2022/5&Lang=E
Data Source: ods
PROPOSAL FOR RECOMMENDATIONS ON UNIFORM PROVISIONS CONCERNING CYBER SECURITY AND SOFTWARE UPDATES
CAM, DENM) 11.3 Malicious diagnostic messages 11.4 Malicious proprietary messages (e.g. those normally sent from OEM or component/system/function supplier) 4.3.3 Threats to vehicles regarding their update procedures 12 Misuse or compromise of update procedures 12.1 Compromise of over the air software update procedures. (...) hacking/ tampering/ blocking of messages such as ODR Tracker data, or number of runs) 20.4 Data manipulation to falsify vehicle’s driving data (e.g. mileage, driving speed, driving directions, etc.) 20.5 Unauthorized changes to system diagnostic data 21 Erasure of data/code 21.1 Unauthorized deletion/manipulation of system event logs ECE/TRANS/WP.29/2022/60 13 High level and sub-level descriptions of vulnerability/ threat Example of vulnerability or attack method 22 Introduction of malware 22.2 Introduce malicious software or malicious software activity 23 Introduction of new software or overwrite existing software 23.1 Fabrication of software of the vehicle control system or information system 24 Disruption of systems or operations 24.1 Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging 25 Manipulation of vehicle parameters 25.1 Unauthorized access of falsify the configuration parameters of vehicle’s key functions, such as brake data, airbag deployed threshold, etc. 25.2 Unauthorized access of falsify the charging parameters, such as charging voltage, charging power, battery temperature, etc. 4.3.7 Potential vulnerabilities that could be exploited if not sufficiently protected or hardened 26 Cryptographic technologies can be compromised or are insufficiently applied 26.1 Combination of short encryption keys and long period of validity enables attacker to break encryption 26.2 Insufficient use of cryptographic algorithms to protect sensitive systems 26.3 Using already or soon to be deprecated cryptographic algorithms 27 Parts or supplies could be compromised to permit vehicles to be attacked 27.1 Hardware or software, engineered to enable an attack or fails to meet design criteria to stop an attack 28 Software or hardware development permits vulnerabilities 28.1 Software bugs. (...) Specific example is the use of unprotected gateways, or access points (such as truck-trailer gateways), to circumvent protections and gain access to other network segments to perform malicious acts, such as sending arbitrary CAN bus messages M23 Cybersecurity best practices for software and hardware development shall be followed.
Language:English
Score: 1159723.8 - https://daccess-ods.un.org/acc...ECE/TRANS/WP.29/2022/60&Lang=E
Data Source: ods
ACTION BY THE METP-WG/MOG 4.1 The METP-WG/MOG is invited to note the information contained in this paper. http://www.metoffice.gov.uk/aviation/sadis/software-notes http://www.metoffice.gov.uk/aviation/sadis/software (13 pages) METP WG MOG3 SN02 WorkStationEvals Final.en.docx APPENDIX A: PROPOSED UPDATE TO SADIS FTP WORKSTATION SOFTWARE EVALUATION CRITERIA UPDATE TO FOURTH ROUND SADIS FTP WORKSTATION SOFTWARE EVALUATION CRITERIA (as endorsed by WG-MOG/3 Decision 3/xx) Workstation provider: … Software application: … Software Version No. (...) The bulletins are of the form UA**(60-79) CCCC. 21 UA//60-69 CCCC;; and UA//(70-79) CCCC Objective 1: Demonstrate that the user is alerted to the above messages. [COMPLIANT/NON- COMPLIANT] 12. i) The ability to receive WAFS SIGWX charts in the PNG (portable network graphics) chart format and display them using standard visualisation software, e.g. web browser. (...) The software evaluations are the results of software reviews that the Met Office has carried out on behalf of the ICAO SADISOPSG.
Language:English
Score: 1149613.9 - https://www.icao.int/airnaviga...orkStationEvals%20Final.en.pdf
Data Source: un
THE PRACTICE OF SAFE COMPUTING : INVITED PAPER / PREPARED AND SUBMITTED BY EDUARDO GELBSTEIN
The ‘From” line in an e-mail message can be faked in several ways: · Spoofing of e-mail messages consists of making a message appear to have come from somewhere or someone else. (...) In general terms, even the most expensive commercial antivirus software represents a fraction of the value of your computer, all of its software and, in particularly, your data. (...) Clever spammers rely on e-mail software to tell them you have read the message. · You should disable your e-mail package’s automatic return receipt requests
Language:English
Score: 1148398.9 - daccess-ods.un.org/acce...t?open&DS=CES/SEM.47/11&Lang=E
Data Source: ods
Write access to the JSVM software server is restricted to the JSVM software coordinators group. (...) This software was delivered on 6 June 2008 as JVT-AA212. (...) Tourapis (Dolby)] JM Reference Software Enhancements
Language:English
Score: 1143965.9 - https://www.itu.int/wftp3/av-a...nover/AgendaWithNotesAB_d0.doc
Data Source: un
TECHNICAL REQUIREMENTS OF THE ETIR INTERNATIONAL SYSTEM
Several front-end web servers then pop messages from the queue to be processed under timeout thresholds. 2021: 12 messages per minute 2022: 78 messages per minute 2023: 270 messages per minute 2024: 570 messages per minute 2025: 1200 messages per minute CP.2 Maximum storage dedicated to the eTIR logs eTIR logs are directly saved on the front- end web servers. (...) Reusability is the use of existing assets in some form within the software product development process. These assets are products and by-products of the software development life cycle and include code, software components, test suites, designs and documentation. 48. (...) In terms of ECE/TRANS/WP.30/GE.1/2021/31 13 software component or product, this can either be a piece of Open Source Software (OSS) or some proprietary software.
Language:English
Score: 1142569.9 - https://daccess-ods.un.org/acc...RANS/WP.30/GE.1/2021/31&Lang=E
Data Source: ods
PROPOSAL FOR A NEW UN REGULATION ON UNIFORM PROVISIONS CONCERNING THE APPROVAL OF VEHICLES WITH REGARD TO CYBER SECURITY AND OF CYBERSECURITY MANAGEMENT SYSTEMS
Sensitive data may be lost due to attacks or accidents when data is stored by third-party cloud service providers 3.3 Unauthorized internet access to the server (enabled for example by backdoors, unpatched system software vulnerabilities, SQL attacks or other means) 3.4 Unauthorized physical access to the server (conducted for example by USB sticks or other media connecting to the server) 3.5 Information breach by unintended sharing of data (e.g. admin errors) 4.3.2 Threats to vehicles regarding their communication channels 4 Spoofing of messages or data received by the vehicle 4.1 Spoofing of messages by impersonation (e.g. 802.11p V2X during platooning, GNSS messages, etc.) 4.2 Sybil attack (in order to spoof other vehicles as if there are many vehicles on the road) 5 Communication channels used to conduct unauthorized manipulation, deletion or other amendments to vehicle held code/data 5.1 Communications channels permit code injection, for example tampered software binary might be injected into the communication stream 5.2 Communications channels permit manipulate of vehicle held data/code 5.3 Communications channels permit overwrite of vehicle held data/code 5.4 Communications channels permit erasure of vehicle held data/code 5.5 Communications channels permit introduction of data/code to the vehicle (write data code) 6 Communication channels permit untrusted/unreliable messages to be accepted or are 6.1 Accepting information from an unreliable or untrusted source 6.2 Man in the middle attack/ session hijacking ECE/TRANS/WP.29/2020/79 18 High level and sub-level descriptions of vulnerability/ threat Example of vulnerability or attack method vulnerable to session hijacking/replay attacks 6.3 Replay attack, for example an attack against a communication gateway allows the attacker to downgrade software of an ECU or firmware of the gateway 7 Information can be readily disclosed. (...) CAN) messages 11.2 Malicious V2X messages, e.g. infrastructure to vehicle or vehicle-vehicle messages (e.g. (...) hacking/ tampering/ blocking of messages such as ODR Tracker data, or number of runs) 20.4 Data manipulation to falsify vehicle’s driving data (e.g. mileage, driving speed, driving directions, etc.) 20.5 Unauthorized changes to system diagnostic data 21 Erasure of data/code 21.1 Unauthorized deletion/manipulation of system event logs 22 Introduction of malware 22.2 Introduce malicious software or malicious software activity 23 Introduction of new software or overwrite existing software 23.1 Fabrication of software of the vehicle control system or information system ECE/TRANS/WP.29/2020/79 20 High level and sub-level descriptions of vulnerability/ threat Example of vulnerability or attack method 24 Disruption of systems or operations 24.1 Denial of service, for example this may be triggered on the internal network by flooding a CAN bus, or by provoking faults on an ECU via a high rate of messaging 25 Manipulation of vehicle parameters 25.1 Unauthorized access of falsify the configuration parameters of vehicle’s key functions, such as brake data, airbag deployed threshold, etc. 25.2 Unauthorized access of falsify the charging parameters, such as charging voltage, charging power, battery temperature, etc. 4.3.7 Potential vulnerabilities that could be exploited if not sufficiently protected or hardened 26 Cryptographic technologies can be compromised or are insufficiently applied 26.1 Combination of short encryption keys and long period of validity enables attacker to break encryption 26.2 Insufficient use of cryptographic algorithms to protect sensitive systems 26.3 Using already or soon to be deprecated cryptographic algorithms 27 Parts or supplies could be compromised to permit vehicles to be attacked 27.1 Hardware or software, engineered to enable an attack or fails to meet design criteria to stop an attack 28 Software or hardware development permits vulnerabilities 28.1 Software bugs.
Language:English
Score: 1142326.7 - https://daccess-ods.un.org/acc...ECE/TRANS/WP.29/2020/79&Lang=E
Data Source: ods
REVISED TECHNICAL REQUIREMENTS OF THE ETIR INTERNATIONAL SYSTEM AND IMPLEMENTATION AND TESTS OF THE ETIR MESSAGES
Several front-end web servers then pop messages from the queue to be processed under timeout thresholds. 2021: 12 messages per minute 2022: 78 messages per minute 2023: 270 messages per minute 2024: 570 messages per minute 2025: 1200 messages per minute CP.2 Maximum storage dedicated to the eTIR logs eTIR logs are directly saved on the front- end web servers. (...) Reusability is the use of existing assets in some form within the software product development process. These assets are products and by-products of the software development life cycle and include code, software components, test suites, designs and documentation. 48. (...) Indeed, if the scope of functionality matches the requirements, it is usually quicker and less costly to select an existing element to be reused. In terms of software component or product, this can either be a piece of Open Source Software (OSS) or some proprietary software.
Language:English
Score: 1142111.3 - https://daccess-ods.un.org/acc...P.30/GE.1/2021/31/REV.1&Lang=E
Data Source: ods
IP template UPDATE TO FOURTH ROUND SADIS FTP WORKSTATION SOFTWARE EVALUATION CRITERIA (as endorsed by WG-MOG/15 (SADIS) 15 April 2021, Final Report, agenda item 3.5) Workstation provider: … Software application: … Software Version No. (...) The software evaluations are the results of software reviews that the Met Office has carried out on behalf of the ICAO METP-WG/MOG. (...) The bulletins are of the form UA**(60-79) CCCC.15 UA//60-69 CCCC;; and UA//(70-79) CCCC Objective 1: Demonstrate that the user is alerted to the above messages. [COMPLIANT/NON- COMPLIANT] 14 ZBBB and UUAG advisories are expected to commence operationally during 2021. 15 Prior to Evaluation, as much evidence of receipt, notification and display (screenshots, or other evidence) should be collected to demonstrate such messages are dealt with appropriately - 8 - 13. i) The ability to receive WAFS SIGWX charts in the PNG (portable network graphics) chart format and display them using standard visualisation software, e.g. web browser.
Language:English
Score: 1139682 - https://www.icao.int/airnaviga...0Criteria%20(April%202021).pdf
Data Source: un