Zeinab El-Rewini,Karthikeyan Sadatsharan,Daisy Flora Selvaraj,Siby Jose Plathottam,Prakash Ranganathan

DOI: https://doi.org/10.1016/j.vehcom.2019.100214

IF: 6.7

2020-06-01

Vehicular Communications

Abstract:As modern vehicles are capable to connect to an external infrastructure and Vehicle-to-Everything (V2X) communication technologies mature, the necessity to secure communications becomes apparent. There is a very real risk that today's vehicles are subjected to cyber-attacks that target vehicular communications. This paper proposes a three-layer framework (sensing, communication and control) through which automotive security threats can be better understood. The sensing layer is made up of vehicle dynamics and environmental sensors, which are vulnerable to eavesdropping, jamming, and spoofing attacks. The communication layer is comprised of both in-vehicle and V2X communications and is susceptible to eavesdropping, spoofing, man-in-the-middle, and sybil attacks. At the top of the hierarchy is the control layer, which enables autonomous vehicular functionality, including the automation of a vehicle's speed, braking, and steering. Attacks targeting the sensing and communication layers can propagate upward and affect the functionality and can compromise the security of the control layer. This paper provides the state-of-the-art review on attacks and threats relevant to the communication layer and presents countermeasures.

telecommunications,transportation science & technology

Shah Khalid Khan,Nirajan Shiwakoti,Peter Stasinopoulos,Yilun Chen

DOI: https://doi.org/10.1016/j.aap.2020.105837

Abstract:Modern-day Connected and Autonomous Vehicles (CAVs) with more than 100 million code lines, running up-to a hundred Electronic Control Units (ECUs) will create and exchange digital information with other vehicles and intelligent transport networks. Consequently, ubiquitous internal and external communication (controls, commands, and data) within all CAV-related nodes is inevitably the gatekeeper for the smooth operation. Therefore, it is a primary vulnerable area for cyber-attacks that entails stringent and efficient measures in the form of "cybersecurity". There is a lack of systematic and comprehensive review of the literature on cyber-attacks on the CAVs, respective mitigation strategies, anticipated readiness, and research directions for the future. This study aims to analyse, synthesise, and interpret critical areas for the roll-out and progression of CAVs in combating cyber-attacks. Specifically, we described in a structured way a holistic view of potentially critical avenues, which lies at the heart of CAV cybersecurity research. We synthesise their scope with a particular focus on ensuring effective CAVs deployment and reducing the probability of cyber-attack failures. We present the CAVs communication framework in an integrated form, i.e., from In-Vehicle (IV) communication to Vehicle-to-Vehicle (V2X) communication with a visual flowchart to provide a transparent picture of all the interfaces for potential cyber-attacks. The vulnerability of CAVs by proximity (or physical) access to cyber-attacks is outlined with future recommendations. There is a detailed description of why the orthodox cybersecurity approaches in Cyber-Physical System (CPS) are not adequate to counter cyber-attacks on the CAVs. Further, we synthesised a table with consolidated details of the cyber-attacks on the CAVs, the respective CAV communication system, its impact, and the corresponding mitigation strategies. It is believed that the literature discussed, and the findings reached in this paper are of great value to CAV researchers, technology developers, and decision-makers in shaping and developing a robust CAV-cybersecurity framework.

Jinpeng Han,Zhiyang Ju,Xiaoguang Chen,Manzhi Yang,Hui Zhang,Rouxing Huai

DOI: https://doi.org/10.1109/tiv.2023.3304762

IF: 8.2

2023-01-01

IEEE Transactions on Intelligent Vehicles

Abstract:With features of collaborative interaction and autonomous decision-making, connected and autonomous vehicles (CAVs) offer a viable solution for a sustainable and efficient future of transportation. However, with the development of CAVs, questions have been raised about weaknesses in cybersecurity and autonomous driving capabilities. In particular, CAVs provide new opportunities for cyberattackers, posing a significant threat to future road and vehicle data security. Therefore, this paper provides a comprehensive analysis of the cybersecurity environment of CAVs. First, we propose a systematic classification of six security threats from cybersecurity principles: false data, information theft, privilege escalation, block communication, and time delay. We review the cybersecurity environment of CAVs from a lifecycle perspective, covering aspects from development to accident, and present the existing cybersecurity countermeasures. These involve security standards designation, verification and validation of vehicle networks, resilient strategies for self-defined driving, and attack detection and digital forensics. Finally, based on our systematic review, we propose a conceptual vehicle security operations center (VSOC) framework that provides valuable inspiration and references for future research and industrial applications for CAVs cybersecurity.

S M Mostaq Hossain,Shampa Banik,Trapa Banik,Ashfak Md Shibli

2023-10-14

Abstract:Connected and autonomous vehicles, also known as CAVs, are a general trend in the evolution of the automotive industry that can be utilized to make transportation safer, improve the number of mobility options available, user costs will go down and new jobs will be created. However, as our society grows more automated and networked, criminal actors will have additional opportunities to conduct a variety of attacks, putting CAV security in danger. By providing a brief review of the state of cyber security in the CAVs environment, this study aims to draw attention to the issues and concerns associated with security. The first thing it does is categorize the multiple cybersecurity threats and weaknesses in the context of CAVs into three groups: attacks on the vehicles network, attacks on the Internet at large, and other attacks. This is done in accordance with the various communication networks and targets under attack. Next, it considers the possibility of cyber attacks to be an additional form of threat posed by the environment of CAVs. After that, it details the most uptodate defense tactics for securing CAVs and analyzes how effective they are. In addition, it draws some conclusions about the various cyber security and safety requirements of CAVs that are now available, which is beneficial for the use of CAVs in the real world. At the end, we discussed some implications on Adversary Attacks on Autonomous Vehicles. In conclusion, a number of difficulties and unsolved issues for future research are analyzed and explored.

Cryptography and Security,Networking and Internet Architecture

Xiaoqiang Sun,F. Richard Yu,Peng Zhang

DOI: https://doi.org/10.1109/tits.2021.3085297

IF: 8.5

2021-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:As the general development trend of the automotive industry, connected and autonomous vehicles (CAVs) can be used to increase transportation safety, promote mobility choices, reduce user costs, and create new job opportunities. However, with the increasing level of connectivity and automation, malicious users are able to easily implement different kinds of attacks, which threaten the security of CAVs. Hence, this paper provides a comprehensive survey on the cyber-security in the environment of CAVs with the aim of highlighting security problems and challenges. Firstly, based on the types of communication networks and attack objects, it classifies various cyber-security risks and vulnerabilities in the environment of CAVs into in-vehicle network attacks, vehicle to everything network attacks, and other attacks. Next, it regards cyber-risk as another type of attacks in the environment of CAVs. Then, it describes and analyzes up-to-date corresponding defense strategies for securing CAVs. In addition, it concludes several available cyber-security and safety standards of CAVs, which is helpful for the practical application of CAVs. Finally, several challenges and open problems are discussed for the future research.

engineering, electrical & electronic,transportation science & technology, civil

Mashrur Chowdhury,Mhafuzul Islam,Zadid Khan

DOI: https://doi.org/10.48550/arXiv.2012.13464

2020-12-25

Abstract:The transportation system is rapidly evolving with new connected and automated vehicle (CAV) technologies that integrate CAVs with other vehicles and roadside infrastructure in a cyberphysical system (CPS). Through connectivity, CAVs affect their environments and vice versa, increasing the size of the cyberattack surface and the risk of exploitation of security vulnerabilities by malicious actors. Thus, greater understanding of potential CAV-CPS cyberattacks and of ways to prevent them is a high priority. In this article we describe CAV-CPS cyberattack surfaces and security vulnerabilities, and outline potential cyberattack detection and mitigation strategies. We examine emerging technologies - artificial intelligence, software-defined networks, network function virtualization, edge computing, information-centric and virtual dispersive networking, fifth generation (5G) cellular networks, blockchain technology, and quantum and postquantum cryptography - as potential solutions aiding in securing CAVs and transportation infrastructure against existing and future cyberattacks.

Cryptography and Security

Zubair Saeed,Mubashir Masood,Misha Urooj Khan

DOI: https://doi.org/10.12962/jaree.v7i1.322

2023-01-31

JAREE (Journal on Advanced Research in Electrical Engineering)

Abstract:Connected and Autonomous Vehicles (CAVs) are a crucial breakthrough in the automotive industry and a magnificent step toward a safe, secure, and intelligent transportation system (ITS). CAVs offer tremendous benefits to our society and environment, such as mitigation of traffic accidents, reduction in traffic congestion, fewer emissions of harmful gases, etc. However, emerging automotive technology also has some serious safety concerns. One of them is cyber security. Conventional vehicles are less prone to cyber-attacks, but CAVs are more susceptible to such events as they communicate with the surrounding infrastructure and other vehicles. To gather data for a better perception of their surroundings, CAVs are outfitted with state-of-the-art sensors and modules like LiDAR, GPS, RADAR, onboard computers, cameras, etc. Hackers, terrorist organizations, and vandals can manipulate this sensor data or may access the primary control by cyber-attack, which may result in enormous fatalities. The automotive industry must put up a rigid framework against cyber invasions to make CAVs a more reliable and secure means of transportation. This paper provides an overview of cybersecurity challenges in CAVs at the module and software levels. The sources of active and passive threats are analyzed. Finally, a feasible solution is recommended to cope with such threats

Aljawharah Alnasser,Hongjian Sun,Jing Jiang

DOI: https://doi.org/10.48550/arXiv.1901.01053

2019-01-04

Abstract:In recent years, vehicles became able to establish connections with other vehicles and infrastructure units that are located in the roadside. In the near future, the vehicular network will be expanded to include the communication between vehicles and any smart devices in the roadside which is called Vehicle-to-Everything (V2X) communication. The vehicular network causes many challenges due to heterogeneous nodes, various speeds and intermittent connection, where traditional security methods are not always efficacious. As a result, an extensive variety of research works has been done on optimizing security solutions whilst considering network requirements. In this paper, we present a comprehensive survey and taxonomy of the existing security solutions for V2X communication technology. Then, we provide discussions and comparisons with regard to some pertinent criteria. Also, we present a threat analysis for V2X enabling technologies. Finally, we point out the research challenges and some future directions.

Information Theory

Mahdi Dibaei,Xi Zheng,Kun Jiang,Sasa Maric,Robert Abbas,Shigang Liu,Yuexin Zhang,Yao Deng,Sheng Wen,Jun Zhang,Yang Xiang,Shui Yu

DOI: https://doi.org/10.48550/arXiv.1907.07455

2019-07-17

Cryptography and Security

Abstract:Cyber security is one of the most significant challenges in connected vehicular systems and connected vehicles are prone to different cybersecurity attacks that endanger passengers' safety. Cyber security in intelligent connected vehicles is composed of in-vehicle security and security of inter-vehicle communications. Security of Electronic Control Units (ECUs) and the Control Area Network (CAN) bus are the most significant parts of in-vehicle security. Besides, with the development of 4G LTE and 5G remote communication technologies for vehicle-toeverything (V2X) communications, the security of inter-vehicle communications is another potential problem. After giving a short introduction to the architecture of next-generation vehicles including driverless and intelligent vehicles, this review paper identifies a few major security attacks on the intelligent connected vehicles. Based on these attacks, we provide a comprehensive survey of available defences against these attacks and classify them into four categories, i.e. cryptography, network security, software vulnerability detection, and malware detection. We also explore the future directions for preventing attacks on intelligent vehicle systems.

Zulqarnain H Khattak,Brian L Smith,Michael D Fontaine

DOI: https://doi.org/10.1016/j.aap.2020.105861

Abstract:Connected and automated vehicles (CAVs) offer a huge potential to improve the operations and safety of transportation systems. However, the use of smart devices and communications in CAVs introduce new risks. CAVs would leverage vehicle to vehicle (V2V) and vehicle to infrastructure (V2I) communication, thus providing additional system access points compared to traditional systems. Automation makes these systems more vulnerable and increases the consequences of cyberattacks. This study utilizes an infrastructure-based communication platform consisting of cooperative adaptive cruise control and lane control advisories developed by the authors to perform cyber risk assessment of CAVs. The study emulates three types of cyberattacks (message falsification, dedicated denial of service, and spoofing attacks) in a representative traffic environment consisting of multiple CAV platoons and lane change events to analyze the safety and stability impacts of the cyberattacks. Simulation experiments using VISSIM reveals that traffic stream and CAV string is unstable under all three types of cyberattacks. The worst case is represented by the message falsification attack. Increases in volatility are observed over a no attack case, with variations increasing by an average of 43%-51% along with an increase of over 3000 crash conflicts. Similarly, lane change crash conflicts are observed to be more severe compared to rear end crash conflicts, showing a higher probability of severe injuries. Further, the case of slight cyberattack on a single CAV also creates significant disruption in the traffic stream. Analysis of variance (ANOVA) reveals the statistical significance of the results. These results pave the way for future design of secure systems from a monitoring perspective.

Roshan Sedar,Charalampos Kalalas,Luis Alonso,Jesus Alonso-Zarate,Francisco Vazquez-Gallego

DOI: https://doi.org/10.1109/ojcoms.2023.3239115

2023-01-01

IEEE Open Journal of the Communications Society

Abstract:Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.

Spandana Sagam

DOI: https://doi.org/10.22214/ijraset.2024.63967

2024-08-31

International Journal for Research in Applied Science and Engineering Technology

Abstract:Abstract: As autonomous vehicles (AVs) become increasingly integrated into transportation systems, ensuring their cybersecurity has emerged as a critical challenge. This comprehensive article examines the complex landscape of AV cybersecurity, focusing on the unique vulnerabilities arising from integrating advanced sensors, artificial intelligence, and vehicle-to-everything (V2X) communication systems. We analyze potential attack vectors, including sensor spoofing, communication system breaches, and software vulnerabilities. We also evaluate state-of-the-art defense mechanisms such as encryption protocols, intrusion detection systems, and AI-based security solutions. The article also addresses the regulatory frameworks and industry standards shaping AV cybersecurity practices. By synthesizing current research, industry reports, and case studies, we provide insights into emerging threats and defense strategies, highlighting the need for a holistic approach to security in AV design and development. This article contributes to the ongoing dialogue on AV safety and reliability, offering valuable perspectives for researchers, policymakers, and industry stakeholders in navigating the evolving cybersecurity challenges in autonomous transportation.

Shah Khalid Khan,Nirajan Shiwakoti,Peter Stasinopoulos,Yilun Chen,Matthew Warren

DOI: https://doi.org/10.1016/j.tranpol.2024.11.019

IF: 6.173

2024-01-01

Transport Policy

Abstract:Connected and Automated Vehicles (CAVs) cybersecurity is an inherently complex, multi-dimensional issue that goes beyond isolated hardware or software vulnerabilities, extending to human threats, network vulnerabilities, and broader system-level risks. Currently, no formal, comprehensive tool exists that integrates these diverse dimensions into a unified framework for CAV cybersecurity assessment. This study addresses this challenge by developing a System Dynamics (SD) model for strategic cybersecurity assessment that considers technological challenges, human threats, and public cybersecurity awareness during the CAV rollout. Specifically, the model incorporates a novel SD-based Stock-and-Flow Model (SFM) that maps six key parameters influencing cyberattacks at the system level. These parameters include CAV communication safety, user adoption rates, log file management, hacker capabilities, understanding of hacker motivations (criminology theory maturity), and public awareness of CAV cybersecurity.The SFM's structure and behaviour were rigorously tested and then used to analyse five plausible scenarios: i) Baseline (Technological Focus Only), ii) Understanding Hacker Motivations, iii) CAV User and OEM Education, iv) CAV Penetration Rate Increase, and v) CAV Penetration Rate Increase with Human Behavior Analysis. Four metrics are used to benchmark CAV cybersecurity: communication safety, probability of hacking attempts, probability of successful defence, and number of CAV adopters. The results indicate that while baseline technological advancements strengthen communication framework robustness, they may also create new vulnerabilities that hackers could exploit. Conversely, a deeper understanding of hacker motivations (Criminology Theory Maturity) effectively reduces hacking attempts. It fosters a more secure environment for early CAV adopters. Additionally, educating CAV users and OEM increases the probability of defending against cyberattacks. While CAV penetration increases the likelihood of hack defence due to a corresponding rise in attempts, there is a noticeable decrease in hacking attempts with CAV penetration when analysing human behaviour. These findings, when translated into policy instruments, can pave the way for a more optimised and resilient cyber-safe ITS.

Rajkumar Singh Rathore,Chaminda Hewage,Omprakash Kaiwartya,Jaime Lloret

DOI: https://doi.org/10.3390/s22176679

IF: 3.9

2022-09-04

Sensors

Abstract:In-vehicle communication has become an integral part of today's driving environment considering the growing add-ons of sensor-centric communication and computing devices inside a vehicle for a range of purposes including vehicle monitoring, physical wiring reduction, and driving efficiency. However, related literature on cyber security for in-vehicle communication systems is still lacking potential dedicated solutions for in-vehicle cyber risks. Existing solutions are mainly relying on protocol-specific security techniques and lacking an overall security framework for in-vehicle communication. In this context, this paper critically explores the literature on cyber security for in-vehicle communication focusing on technical architecture, methodologies, challenges, and possible solutions. In-vehicle communication network architecture is presented considering key components, interfaces, and related technologies. The protocols for in-vehicle communication have been classified based on their characteristics, and usage type. Security solutions for in-vehicle communication have been critically reviewed considering machine learning, cryptography, and port-centric techniques. A multi-layer secure framework is also developed as a protocol and use case-independent in-vehicle communication solution. Finally, open challenges and future dimensions of research for in-vehicle communication cyber security are highlighted as observations and recommendations.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Kevin Herman Muraro Gularte,José Alfredo Ruiz Vargas,João Paulo Javidi da Costa,Antonio Santos da Silva,Giovanni Almeida Santos,Yuming Wang,Christian Alfons Müller,Christoph Lipps,Rafael Timóteo de Sousa Júnior,Walter de Britto Vidal Filho,Philipp Slusallek,Hans Dieter Schotten

DOI: https://doi.org/10.1109/access.2024.3402946

IF: 3.9

2024-05-28

IEEE Access

Abstract:Vehicle-to-Everything (V2X) communication, essential for enhancing road safety, driving efficiency, and traffic management, must be robust against cybersecurity threats for successful deployment and acceptance. This survey comprehensively explores V2X security challenges, focusing on prevalent cybersecurity threats such as jamming, spoofing, Distributed Denial of Service (DDoS), and eavesdropping attacks. These threats were selected due to their prevalence and ability to compromise the integrity and reliability of V2X systems. Jamming can disrupt communications, spoofing can lead to data and identity manipulation, DDoS attacks can saturate system resources, and eavesdropping can compromise user privacy and information confidentiality. Addressing these major threats ensures that V2X systems are robust and secure for successful deployment and widespread acceptance. This work makes significant contributions to the field of V2X cybersecurity, starting with a thorough review and categorization of existing survey papers, providing a clear map of the current research landscape, and identifying areas needing further study. An extensive review uncovered a global landscape of V2X cybersecurity research. We highlight contributions from the leading countries in scientific publications and patent innovations, with notable advancements from leading corporations. This work educates and informs on the current state of V2X cybersecurity and identifies emerging trends and future research directions based on a year-by-year analysis of the literature and patents. The findings underscore the evolving cybersecurity landscape in V2X systems and the importance of continued innovation and research in this critical field. The survey navigates the complexities of securing V2X communications, emphasizing the necessity for advanced security protocols and technologies, and highlights innovative approaches within the global scientific and patent research context. By providing a panoramic view of the field, this survey sets the stage for future advancements in V2X cybersecurity.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mhafuzul Islam,Mashrur Chowdhury,Hongda Li,Hongxin Hu

DOI: https://doi.org/10.48550/arXiv.1711.10651

2017-11-29

Networking and Internet Architecture

Abstract:A connected vehicle (CV) environment is composed of a diverse data collection, data communication and dissemination, and computing infrastructure systems that are vulnerable to the same cyberattacks as all traditional computing environments. Cyberattacks can jeopardize the expected safety, mobility, energy, and environmental benefits from connected vehicle applications. As cyberattacks can lead to severe traffic incidents, it has become one of the primary concerns in connected vehicle applications. In this paper, we investigate the impact of cyberattacks on the vehicle-to-infrastructure (V2I) network from a V2I application point of view. Then, we develop a novel V2I cybersecurity architecture, named CVGuard, which can detect and prevent cyberattacks on the V2I environment. In designing CVGuard, key challenges, such as scalability, resiliency and future usability were considered. A case study using a distributed denial of service (DDoS) on a V2I application, i.e., the Stop Sign Gap Assist (SSGA) application, shows that CVGuard was effective in mitigating the adverse effects created by a DDoS attack. In our case study, because of the DDoS attack, conflicts between the minor and major road vehicles occurred in an unsignalized intersection, which could have caused potential crashes. A reduction of conflicts between vehicles occurred because CVGuard was in operation. The reduction of conflicts was compared based on the number of conflicts before and after the implementation and operation of the CVGuard security platform. Analysis revealed that the strategies adopted by the CVGuard were successful in reducing the inter-vehicle conflicts by 60% where a DDoS attack compromised the SSGA application at an unsignalized intersection.

H M Sabbir Ahmad,Ehsan Sabouni,Akua Dickson,Wei Xiao,Christos G. Cassandras,Wenchao Li

2024-03-25

Abstract:We address the security of a network of Connected and Automated Vehicles (CAVs) cooperating to safely navigate through a conflict area (e.g., traffic intersections, merging roadways, roundabouts). Previous studies have shown that such a network can be targeted by adversarial attacks causing traffic jams or safety violations ending in collisions. We focus on attacks targeting the V2X communication network used to share vehicle data and consider as well uncertainties due to noise in sensor measurements and communication channels. To combat these, motivated by recent work on the safe control of CAVs, we propose a trust-aware robust event-triggered decentralized control and coordination framework that can provably guarantee safety. We maintain a trust metric for each vehicle in the network computed based on their behavior and used to balance the tradeoff between conservativeness (when deeming every vehicle as untrustworthy) and guaranteed safety and security. It is important to highlight that our framework is invariant to the specific choice of the trust framework. Based on this framework, we propose an attack detection and mitigation scheme which has twofold benefits: (i) the trust framework is immune to false positives, and (ii) it provably guarantees safety against false positive cases. We use extensive simulations (in SUMO and CARLA) to validate the theoretical guarantees and demonstrate the efficacy of our proposed scheme to detect and mitigate adversarial attacks.

Systems and Control

Batuhan Gul,Fatih Ertam

DOI: https://doi.org/10.1016/j.vehcom.2024.100846

IF: 6.7

2024-10-03

Vehicular Communications

Abstract:The utilization of autonomous vehicles is experiencing a rapid proliferation in contemporary society. Concurrently, with the relentless evolution of technology, the inexorable integration of autonomous vehicles into urban environments, driven by the overarching paradigm of smart cities, becomes increasingly apparent. This escalating reliance on autonomous vehicles concurrently heightens the susceptibility to malevolent actors orchestrating cyber-attacks against these vehicular systems. While previous years have seen a limited corpus of academic research pertaining to cyber-attack and defense methodologies for autonomous vehicles, the relentless progression of technology mandates a more contemporary and exhaustive inquiry. In addition, to the best of our knowledge, there is no article in the literature that provides detailed information and comparisons about in-vehicle sensors, in-vehicle networks, and in-vehicle network datasets by combining them in one article. Also, to our knowledge, very limited studies have been conducted on separately comparative analysis of in-vehicle networks, in-vehicle sensors or data sets in 2024, and therefore, the necessity of conducting a review study on these topics was recognized. To address this deficiency, we compile articles on attacks and defenses on sensors, in-vehicle networks and present detailed information about the latest datasets and provide comparative analysis. In this paper, we have analyzed 108 papers from the last 10 years on in-vehicle networks and sensors. 38 articles on in-vehicle sensors and 70 articles on in-vehicle networks were reviewed and analyzed. We categorize in-vehicle communication attacks into two main groups: sensor-initiated and network-initiated, with a chronological classification to highlight their evolution. We also compare the progress in securing in-vehicle communication and evaluate the most widely used datasets for attack and protection methods. Additionally, we discuss the advantages and disadvantages of these datasets and suggest future research directions. To the best of our knowledge, this work is the first to offer detailed information and comparative analysis of in-vehicle networks, sensors, and the latest datasets. While the study highlights the significant research conducted to protect in-vehicle networks and sensors from cyber attacks, technological advancements continue to introduce new attack vectors. Cars remain particularly susceptible to threats such as DoS, Fuzzy, Spoofing, and Replay attacks. Moreover, current defense mechanisms, including LSTM and CNN, have notable limitations. Future research is needed to address these challenges and enhance vehicle cybersecurity.

telecommunications,transportation science & technology

Trupil Limbasiya,Ko Zheng Teng,Sudipta Chattopadhyay,Jianying Zhou

DOI: https://doi.org/10.48550/arXiv.2203.14965

2022-08-05

Abstract:The number of Connected and Autonomous Vehicles (CAVs) is increasing rapidly in various smart transportation services and applications, considering many benefits to society, people, and the environment. Several research surveys for CAVs were conducted by primarily focusing on various security threats and vulnerabilities in the domain of CAVs to classify different types of attacks, impacts of attacks, attack features, cyber-risk, defense methodologies against attacks, and safety standards. However, the importance of attack detection and prevention approaches for CAVs has not been discussed extensively in the state-of-the-art surveys, and there is a clear gap in the existing literature on such methodologies to detect new and conventional threats and protect the CAV systems from unexpected hazards on the road. Some surveys have a limited discussion on Attacks Detection and Prevention Systems (ADPS), but such surveys provide only partial coverage of different types of ADPS for CAVs. Furthermore, there is a scope for discussing security, privacy, and efficiency challenges in ADPS that can give an overview of important security and performance attributes. This survey paper, therefore, presents the significance of CAVs in the market, potential challenges in CAVs, key requirements of essential security and privacy properties, various capabilities of adversaries, possible attacks in CAVs, and performance evaluation parameters for ADPS. An extensive analysis is discussed of different ADPS categories for CAVs and state-of-the-art research works based on each ADPS category that gives the latest findings in this research domain. This survey also discusses crucial and open security research problems that are required to be focused on the secure deployment of CAVs in the market.

Cryptography and Security

Changyin Dong,Hao Wang,Daiheng Ni,Yongfei Liu,Quan Chen

DOI: https://doi.org/10.1109/access.2020.2993254

IF: 3.9

2020-01-01

IEEE Access

Abstract:Connected and automated vehicles (CAVs) can improve transportation safety and efficiency based on vehicle-to-vehicle (V2V) or vehicle-to-infrastructure (V2I) communications. However, there are potential cyber threats to the communication systems via on-board unit equipped in CAVs and road-side unit. Based on existing traffic flow models, we design an evaluation framework for cyber-attacks on CAVs, and further investigate the impact of proportion of cyber-attacked vehicles, cyber-attack severity, cyber-attack range and traffic demand. Moreover, performance of the transportation system is analysed based on four indicators, including efficiency, safety, emissions and fuel consumption. The numerical simulation results show that with the increase of cyber-attacked vehicles and higher cyber-attack severity, the negative impact on traffic flow gradually becomes notable with lower capacity, higher risk of rear-end collision, more air pollutants and fuel consumption. In addition, it may lead to accidents and inefficient traffic operations if cyber-attacks occur on position rather than speed, and thus the position-attacked traffic system consumes more energy and emits more pollutants. The findings of this study provide useful information for the prediction of future cyber-attacked traffic, comprehensive evaluation of transportation systems, as well as management of automated highway systems from the perspective of network security.