Qiang Zhi,Lu Tao,Peng Ping,Zhengshu Zhou,Qian Long

DOI: https://doi.org/10.1109/TVT.2023.3345156

IF: 6.8

2024-05-01

IEEE Transactions on Vehicular Technology

Abstract:Autonomous driving, as an emerging technology, is developing rapidly. However, a number of obstacles appear to be holding back the widespread adoption of autonomous driving. Cybersecurity issues, which have a significant impact both technically and psychologically on people's willingness to use autonomous driving, are one of the most significant barriers. Attackers have adopted increasingly diverse threat methods, increasing cyber-attacks. Despite these threats, global standards have been developed for road vehicle safety and cybersecurity. These standards are intended to guide manufacturers of automotive systems. For instance, the ISO and SAE have jointly released the international standard ISO/SAE 21434 (Road Vehicles—Cybersecurity Engineering) for road vehicle cybersecurity. However, focusing on the development of onboard systems alone when examining the application of these standards is not sufficient. Currently, we lack a methodology to directly apply the ISO/SAE 21434 standard to automotive system engineering projects. In particular, the overall framework of cybersecurity design for intelligent connected vehicle systems needs to be developed. This paper proposes an overall cybersecurity assurance framework (ODFa${}^{2}$) based on the ISO/SAE 21434 standard to assist system engineers in understanding security risks, evaluating the feasibility of attack implementation, and determining the trade-off methods for security countermeasures. We illustrate through a case study how this model-based framework may be applied to cybersecurity engineering in intelligent connected vehicles and mobility service platforms. Furthermore, the results of comparative experiments indicate that the proposed strategy optimization algorithm outperforms existing algorithms in terms of time efficiency under certain conditions.

Engineering,Computer Science

Zeinab El-Rewini,Karthikeyan Sadatsharan,Daisy Flora Selvaraj,Siby Jose Plathottam,Prakash Ranganathan

DOI: https://doi.org/10.1016/j.vehcom.2019.100214

IF: 6.7

2020-06-01

Vehicular Communications

Abstract:As modern vehicles are capable to connect to an external infrastructure and Vehicle-to-Everything (V2X) communication technologies mature, the necessity to secure communications becomes apparent. There is a very real risk that today's vehicles are subjected to cyber-attacks that target vehicular communications. This paper proposes a three-layer framework (sensing, communication and control) through which automotive security threats can be better understood. The sensing layer is made up of vehicle dynamics and environmental sensors, which are vulnerable to eavesdropping, jamming, and spoofing attacks. The communication layer is comprised of both in-vehicle and V2X communications and is susceptible to eavesdropping, spoofing, man-in-the-middle, and sybil attacks. At the top of the hierarchy is the control layer, which enables autonomous vehicular functionality, including the automation of a vehicle's speed, braking, and steering. Attacks targeting the sensing and communication layers can propagate upward and affect the functionality and can compromise the security of the control layer. This paper provides the state-of-the-art review on attacks and threats relevant to the communication layer and presents countermeasures.

telecommunications,transportation science & technology

Mohamed Abouelnaga,Christine Jakobs

2023-07-05

Abstract:Nowadays, systematic security risk analysis plays a vital role in the automotive domain. The demand for advanced driver assistance systems and connectivity of vehicles to the internet makes cyber-security a crucial requirement for vehicle manufacturers. This paper summarizes the risk analysis method stated in the recently released automotive security standard ISO/SAE 21434, which lays the high-level principles for threat analysis and risk assessment (TARA) methods. Following, we introduce a specific use case to compare different security analysis approaches which OEMs can benefit from to achieve compliance with the standard.

Cryptography and Security

Yufeng Li,Wenqi Liu,Qi Liu,Xiangyu Zheng,Ke Sun,Chengjian Huang

DOI: https://doi.org/10.3390/s24061848

IF: 3.9

2024-03-14

Sensors

Abstract:A cyber-physical system (CPS) integrates communication and automation technologies into the operational processes of physical systems. Nowadays, as a complex CPS, an intelligent connected vehicle (ICV) may be exposed to accidental functional failures and malicious attacks. Therefore, ensuring the ICV's safety and security is crucial. Traditional safety/security analysis methods, such as failure mode and effect analysis and attack tree analysis, cannot provide a comprehensive analysis for the interactions between the system components of the ICV. In this work, we merge system-theoretic process analysis (STPA) with the concept phase of ISO 26262 and ISO/SAE 21434. We focus on the interactions between components while analyzing the safety and security of ICVs to reduce redundant efforts and inconsistencies in determining safety and security requirements. To conquer STPA's abstraction in describing causal scenarios, we improved the physical component diagram of STPA-SafeSec by adding interface elements. In addition, we proposed the loss scenario tree to describe specific scenarios that lead to unsafe/unsecure control actions. After hazard/threat analysis, a unified risk assessment process is proposed to ensure consistency in assessment criteria and to streamline the process. A case study is implemented on the autonomous emergency braking system to demonstrate the validation of the proposed method.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Feng Luo,Xuan Zhang,Zhenyu Yang,Yifan Jiang,Jiajia Wang,Mingzhi Wu,Wanqiang Feng

DOI: https://doi.org/10.3390/s22239211

2022-11-26

Abstract:Modern vehicles are more complex and interconnected than ever before, which also means that attack surfaces for vehicles have increased significantly. Malicious cyberattacks will not only exploit personal privacy and property, but also affect the functional safety of electrical/electronic (E/E) safety-critical systems by controlling the driving functionality, which is life-threatening. Therefore, it is necessary to conduct cybersecurity testing on vehicles to reveal and address relevant security threats and vulnerabilities. Cybersecurity standards and regulations issued in recent years, such as ISO/SAE 21434 and UNECE WP.29 regulations (R155 and R156), also emphasize the indispensability of cybersecurity verification and validation in the development lifecycle but lack specific technical details. Thus, this paper conducts a systematic and comprehensive review of the research and practice in the field of automotive cybersecurity testing, which can provide reference and advice for automotive security researchers and testers. We classify and discuss the security testing methods and testbeds in automotive engineering. Furthermore, we identify gaps and limitations in existing research and point out future challenges.

Xiaoqiang Sun,F. Richard Yu,Peng Zhang

DOI: https://doi.org/10.1109/tits.2021.3085297

IF: 8.5

2021-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:As the general development trend of the automotive industry, connected and autonomous vehicles (CAVs) can be used to increase transportation safety, promote mobility choices, reduce user costs, and create new job opportunities. However, with the increasing level of connectivity and automation, malicious users are able to easily implement different kinds of attacks, which threaten the security of CAVs. Hence, this paper provides a comprehensive survey on the cyber-security in the environment of CAVs with the aim of highlighting security problems and challenges. Firstly, based on the types of communication networks and attack objects, it classifies various cyber-security risks and vulnerabilities in the environment of CAVs into in-vehicle network attacks, vehicle to everything network attacks, and other attacks. Next, it regards cyber-risk as another type of attacks in the environment of CAVs. Then, it describes and analyzes up-to-date corresponding defense strategies for securing CAVs. In addition, it concludes several available cyber-security and safety standards of CAVs, which is helpful for the practical application of CAVs. Finally, several challenges and open problems are discussed for the future research.

engineering, electrical & electronic,transportation science & technology, civil

Cong Gao,Geng Wang,Weisong Shi,Zhongmin Wang,Yanping Chen

DOI: https://doi.org/10.1109/jiot.2021.3130054

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The autonomous driving industry has mushroomed over the past decade. Although autonomous driving has undoubtedly become one of the most promising technologies of this century, its development faces multiple challenges, of which security is the major concern. In this article, we present a thorough analysis of autonomous driving security. First, the attack surface of autonomous driving is presented. After an analysis of the operation of autonomous driving in terms of key components and technologies, the security of autonomous driving is elaborated in four dimensions: 1) sensors; 2) operating system; 3) control system; and 4) vehicle-to-everything (V2X) communication. Sensor security is examined from five components, which are mainly responsible for self-positioning and environmental perception. The analysis of operating system security, the second dimension, is concentrated on the robot operating system. Concerning the control system security, the controller area network is approached mainly from vulnerabilities and protection measures. The fourth dimension, V2X communication security, is probed from four categories of attacks: 1) authenticity/identification; 2) availability; 3) data integrity; and 4) confidentiality with corresponding solutions. Moreover, the drawbacks of existing methods adopted in the four dimensions are also provided. Finally, a conceptual multilayer defense framework is proposed to secure the information flow from external communication to the physical autonomous vehicle.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jürgen Dobaj,Damjan Ekert,Jakub Stolfa,Svatopluk Stolfa,Georg Macher,Richard Messnarz

DOI: https://doi.org/10.3897/jucs.72367

2021-08-28

Abstract:Cybersecurity has become a crucial challenge in the automotive sector. At the current stage, the framework described by the ISO/SAE 21434 is insufficient to derive concrete methods for the design of secure automotive networked embedded systems on the supplier level. This article describes a case study with actionable steps for designing secure systems and systematically eliciting traceable cybersecurity requirements to address this gap. The case study is aligned with the ISO/SAE 21434 standard and can provide the basis for integrating cybersecurity engineering into company-specific processes and practice specifications.

Yulei Wang,An Huang,Fan Yang,Jiazhi Zhang,Ning Bian,Lulu Guo

DOI: https://doi.org/10.1051/sands/2023027

2023-09-05

Security and Safety

Abstract:In this article, a systematic assessment of cyber-physical security is proposed for the lane keeping control (LKC) system of autonomous vehicles, which, to our knowledge, has not been attempted before. The generalized methodology of impact analysis of typical cyber-attacks is developed, including novel evaluation metrics from the perspectives of safety and performance of the LKC system and innovative index-based resilience and security criteria. Specifically, we propose a security criterion in terms of tracking performance, comfort and vehicle stability, which are the most critical metrics to evaluate the safety and security of an LKC system. Hardware-in-the-Loop (HiL) experimental results show that the proposed evaluation metrics is effective to analyze the impact of the cyber-attacks on commercial LKC system of Dongfeng Motor comprehensively. The conclusions can serve as guidelines for attack detection, diagnosis, and countermeasures.

Yuefeng Du,Zhiqiang Cai,Le Yu,Wenkai Zhang,Pengfei Jing,Yingjie Cao,Shi Wu,Sen Nie,Xiapu Luo,Chenxiong Qian

DOI: https://doi.org/10.1109/SP54263.2024.00080

2024-05-19

Abstract:As modern vehicles become increasingly complex in terms of both external attack surfaces and internal in-vehicle network (IVN) topology, ensuring their cybersecurity remains a challenge. Existing standards and regulations, such as WP29 R155e and ISO 21434, attempt to establish a baseline for automotive cybersecurity, but their sufficiency in addressing the evolving threats is unclear. To fill in this gap, we first carried out an in-depth interview study with 15 experts in automotive cybersecurity, uncovering the particular challenges encountered during security activities and the limitations of current regulations. We identified 20 key insights from the interview data, ranging from the challenges and gaps in the existing automotive security industry to the limitations and recommendations for current regulations. Notably, we discovered that the quality of threat cases provided by existing regulations is unsatisfactory, and the Threat Analysis and Risk Assessment (TARA) process is often highly inefficient due to the lack of automatic tools. In response to the above limitations, we first built an improved threat database for automotive systems using the collected interview data, which enhanced the existing database both quantitatively and qualitatively. Additionally, we present CarVal, a datalog-based approach designed to infer multi-stage attack paths in IVNs and calculate risk values, thereby making TARA more efficient for automotive systems. By applying CarVal to five real vehicles, we performed extensive security analysis based on the generated attack paths and successfully exploited the corresponding attack chains in the newly gateway-segmented IVN, uncovering new automotive attack surfaces that previous research failed to cover, including the in-vehicle browser, official mobile app, backend server, and in-vehicle malware.

Engineering,Computer Science

Yinghui Wang,Bin Yu,Haiyang Yu,Lingyun Xiao,Haojie Ji,Yanan Zhao

DOI: https://doi.org/10.1109/jsyst.2022.3230097

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:As a promising technology, connected and autonomous vehicle (CAV) can reduce energy consumption and improve transportation safety. Nevertheless, as more enabling technologies are embedded in vehicles, the CAV is becoming more vulnerable to cybersecurity threats. Priority must be given to highly sensitive, life-threatening vulnerabilities. Therefore, an improved vulnerability assessment method for CAVs is proposed in this article, in which the common vulnerability scoring system (CVSS) and Bayes theory are adopted. Compared to the classical CVSS method, our scheme considers the impact of exploited vulnerabilities on the real world. In the meantime, a Bayesian network vulnerability classification model based on the $\text{CVSS}_{\text{CAV}}$ method is designed to resolve the problem that the CAVs' vulnerability dataset is small and incomplete. The case study as well as simulation results with different datasets or algorithms indicate that our proposal is effective for vehicle vulnerability evaluation.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Di Wang

DOI: https://doi.org/10.62051/ijcsit.v4n1.36

2024-09-13

International Journal of Computer Science and Information Technology

Abstract:With the rapid development of information technology and the increasing maturity of intelligent transportation systems, autonomous vehicles, as an important carrier of future travel, are gradually moving from concept to commercial application. However, the highly connected and intelligent nature of autonomous vehicles also makes them face unprecedented cybersecurity and privacy protection challenges. This paper deeply discusses the security threats and privacy disclosure risks of autonomous vehicles in network architecture, data transmission, data processing and other links, and systematically reviews the current technical means and research progress to address these challenges. This paper Outlines the data collection and transmission mechanism of autonomous vehicles, including the collection and processing of sensor data as well as the communication process between vehicles and the cloud, other vehicles and transportation infrastructure, and analyzes in detail the network security threats faced by autonomous vehicles, including remote control attacks, malware attacks, communication hijacking, etc. These threats can lead to serious consequences such as vehicle failure, data breach, or system crash. At the same time, the paper also points out the challenges faced by autonomous vehicles in terms of privacy protection, such as the risk of leakage of sensitive data such as personal location information and driving habits, as well as the risk of data abuse and sharing. In order to address the above challenges, this paper focuses on the technical research progress of cybersecurity and privacy protection of autonomous vehicles. In the aspect of network security, this paper discusses the key technical means such as data encryption, access control, intrusion detection and response system, and emphasizes the importance of security hardware and software in improving the overall security of the system. In terms of privacy protection, this paper proposes strategies such as anonymization and desensitization technology, privacy protection protocols and standards to protect users' privacy from invasion.

Giedre Sabaliauskaite,Jin Cui

Abstract:—Safety and security are two inter-dependent key properties of autonomous vehicles. They are aimed at protecting the vehicles from accidental failures and intentional attacks, which could lead to injuries and loss of lives. The selection of safety and security countermeasures for autonomous vehicles depends on the driving automation levels, defined by the international standard SAE J3016. However, current vehicle safety standards ISO 26262 do not take the driving automation levels into consideration. We propose an approach for integrating autonomous vehicle safety and security processes, which is compliant with the international standards SAE J3016, SAE J3061, and ISO 26262, and which considers driving automation levels. It uses the Six-Step Model as a backbone for achieving integration and alignment among safety and security processes and artefacts. The Six-Step Model incorporates six hierarchies of autonomous vehicles, namely, functions, structure, failures, attack, safety countermeasures, and security countermeasures. It ensures the consistency among these hierarchies throughout the entire autonomous vehicle’s life-cycle.

Engineering,Environmental Science,Computer Science

Tian Zhang,Wenshan Guan,Hao Miao,Xiujie Huang,Zhiquan Liu,Chaonan Wang,Quanlong Guan,Liangda Fang,Zhifei Duan

2023-05-03

Abstract:The field of intelligent connected in modern vehicles continues to expand, and the functions of vehicles become more and more complex with the development of the times. This has also led to an increasing number of vehicle vulnerabilities and many safety issues. Therefore, it is particularly important to identify high-risk vehicle intelligent connected systems, because it can inform security personnel which systems are most vulnerable to attacks, allowing them to conduct more thorough inspections and tests. In this paper, we develop a new model for vehicle risk assessment by combining I-FAHP with FCA clustering: VSRQ model. We extract important indicators related to vehicle safety, use fuzzy cluster analys (FCA) combined with fuzzy analytic hierarchy process (FAHP) to mine the vulnerable components of the vehicle intelligent connected system, and conduct priority testing on vulnerable components to reduce risks and ensure vehicle safety. We evaluate the model on OpenPilot and experimentally demonstrate the effectiveness of the VSRQ model in identifying the safety of vehicle intelligent connected systems. The experiment fully complies with ISO 26262 and ISO/SAE 21434 standards, and our model has a higher accuracy rate than other models. These results provide a promising new research direction for predicting the security risks of vehicle intelligent connected systems and provide typical application tasks for VSRQ. The experimental results show that the accuracy rate is 94.36%, and the recall rate is 73.43%, which is at least 14.63% higher than all other known indicators.

Artificial Intelligence,Robotics,Software Engineering

Kaigui Bian,Gaoxiang Zhang,Lingyang Song

DOI: https://doi.org/10.1109/vtcfall.2017.8288208

2017-01-01

Abstract:Vehicle-to-everything (V2X) communications enable the information exchange between the vehicle and the infrastructure, pedestrian, device, or any other entity that may affect the vehicle. V2X is known as a critical component for the vision of connected and autonomous vehicles in the future, with the goal of improving safety, saving energy, optimizing the traffic, etc. Many stake holders (e.g., 3GPP, IEEE) have announced the draft standards or technical reports that detail new opportunities of V2X-enabled vehicles for the cellular and automotive industries. However, the security issues in V2X communications receive little attention from industry and academia communities. In this paper, we describe how adversaries can exploit the security vulnerabilities to degrade the performance of V2X communications and evaluate the likelihood of V2X specific attacks in undermining the road safety. Our investigation reveals that the existing security mechanisms fall short of addressing the key security threats, and we also discuss countermeasures by adding a security sub-layer for V2X communication protocols to provide V2X users with privacy, authentication, and confidentiality.

Stefan Marksteiner,Zhendong Ma

DOI: https://doi.org/10.48550/arXiv.1911.06589

2019-11-15

Cryptography and Security

Abstract:The advancing digitalization of vehicles and automotive systems bears many advantages for creating and enhancing comfort and safety-related systems ranging from drive-by-wire, inclusion of advanced displays, entertainment systems up to sophisticated driving assistance and autonomous driving. It, however, also contains the inherent risk of being used for purposes that are not intended for, raging from small non-authorized customizations to the possibility of full-scale cyberattacks that affect several vehicles to whole fleets and vital systems such as steering and engine control. To prevent such conditions and mitigate cybersecurity risks from affecting the safety of road traffic, testing cybersecurity must be adopted into automotive testing at a large scale. Currently, the manual penetration testing processes cannot uphold the increasing demand due to time and cost to test complex systems. We propose an approach for an architecture that (semi-)automates automotive cybersecurity test, allowing for more economic testing and therefore keeping up to the rising demand induced by new vehicle functions as well as the development towards connected and autonomous vehicles.

Maria Drolence Mwanje,Omprakash Kaiwartya,Mohammad Aljaidi,Yue Cao,Sushil Kumar,Devki Nandan Jha,Abdallah Naser,Jaime Lloret

DOI: https://doi.org/10.1049/itr2.12504

IF: 2.7

2024-04-13

IET Intelligent Transport Systems

Abstract:The paper critically evaluates the CAV structure and component vulnerabilities, validates the identified attacks, and analyzes the trust‐based security solutions categorized according to the suggested trust taxonomy. The sensor‐enabled in‐vehicle communication and infrastructure‐centric vehicle‐to‐everything (V2X) communications have significantly contributed to the spark in the amount of data exchange in the connected and autonomous vehicles (CAV) environment. The growing vehicular communications pose a potential cyber security risk considering online vehicle hijacking. Therefore, there is a critical need to prioritize the cyber security issues in the CAV research theme. In this context, this paper presents a cyber security analysis of connected vehicle traffic environments (CyACV). Specifically, potential cyber security attacks in CAV are critically investigated and validated via experimental data sets. Trust in V2X communication for connected vehicles is explored in detail focusing on trust computation and trust management approaches and related challenges. A wide range of trust‐based cyber security solutions for CAV have been critically investigated considering their strengths and weaknesses. Open research directions have been highlighted as potential new research themes in CAV cyber security area.

engineering, electrical & electronic,transportation science & technology

Seunghyun Park,Hyunhee Park

DOI: https://doi.org/10.1007/s11276-022-03084-9

IF: 2.701

2022-08-11

Wireless Networks

Abstract:As more vehicles are being connected to the Internet and equipped with autonomous driving features, more robust safety and security measures are required for connected and autonomous vehicles (CAVs). Therefore, threat analysis and risk assessment are essential to prepare against cybersecurity risks for CAVs. Although prior studies have measured the possibility of attack and damage from attack as risk assessment indices, they have not analyzed the expanding attack surface or risk assessment indices that rely upon real-time resilience. This study proposes the PIER method to evaluate the cybersecurity risks of CAVs. We implemented cyber resilience for CAVs by presenting new criteria, such as exposure and recovery, in addition to probability and impact, as indices for the threat analysis and risk assessment of vehicles. To verify its effectiveness, the PIER method was evaluated with respect to software update over-the-air and collision avoidance features. Furthermore, we found that implementing security requirements that mitigate serious risks successfully diminishes the risk indices. Using the risk assessment matrix, the PIER method can shorten the risk determination time through high-risk coverage and a simple process.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yuri Gil Dantas,Vivek Nigam,Harald Ruess

DOI: https://doi.org/10.48550/arXiv.2012.15080

2021-01-17

Abstract:The ISO 21434 is a new standard that has been proposed to address the future challenges of automotive cybersecurity. This white paper takes a closer look at the ISO 21434 helping engineers to understand the ISO 21434 parts, the key activities to be carried out and the main artefacts that shall be produced. As any certification, obtaining the ISO 21434 certification can be daunting at first sight. Engineers have to deploy processes that include several security risk assessment methods to produce security arguments and evidence supporting item security claims. In this white paper, we propose a security engineering approach that can ease this process by relying on Rigorous Security Assessments and Incremental Assessment Maintenance methods supported by automation. We demonstrate by example that the proposed approach can greatly increase the quality of the produced artefacts, the efficiency to produce them, as well as enable continuous security assessment. Finally, we point out some key research directions that we are investigating to fully realize the proposed approach.

Cryptography and Security,Logic in Computer Science

Jin Cui,Biao Zhang

DOI: https://doi.org/10.1109/tvt.2020.3009165

IF: 6.8

2020-10-01

IEEE Transactions on Vehicular Technology

Abstract:Risk analysis/assessment is an indispensable process during the design and development of Autonomous Vehicles (AVs), which is in charge of evaluating whether the risk of an attack is critical or minor. However, current risk analysis methods either are time-consuming or not suitable for Connected and Autonomous Vehicles (CAVs). In this paper, an efficient security risk analysis method, Vehicles Risk Analysis (VeRA), is proposed, fitting for evaluating the risks of attacks in the context of AV and CAVs. VeRA firstly considers the human capabilities and vehicle automation level to conduct a security risk analysis. Meanwhile, compared to the benchmark (i.e., SAE J3061), VeRA uses a simplified analysis process and fewer factors, significantly reducing the required analysis time without affecting analysis accuracy. Moreover, based on VeRA, a simple but efficient mathematical model is established to assess the risk value by considering the attack probability, severity and human control, avoiding the tedious process of looking up tables in previous methods. A case study on a general AV model shows that VeRA not only captures the critical attacks as accurate as other methods, but also analyzes the changes of human controllability with the vehicle's automation level. The performance compared to other available methods shows that VeRA can obtain the same analysis results by using around $43%$ less time than the benchmark.

telecommunications,engineering, electrical & electronic,transportation science & technology