A Systematic Risk Assessment Framework of Automotive Cybersecurity-Reference-Cited by-同舟云学术

A Systematic Risk Assessment Framework of Automotive Cybersecurity

Published:2021-03-23 Issue:3 Volume:4 Page:253-261
ISSN:2096-4250
Container-title:Automotive Innovation
language:en
Short-container-title:Automot. Innov.

Author:

Wang Yunpeng,Wang Yinghui,Qin Hongmao,Ji Haojie,Zhang Yanan,Wang Jian

Abstract

AbstractThe increasingly intelligent and connected vehicles have brought many unprecedented automotive cybersecurity threats, which may cause privacy breaches, personal injuries, and even national security issues. Before providing effective security solutions, a comprehensive risk assessment of the automotive cybersecurity must be carried out. A systematic cybersecurity risk assessment framework for automobiles is proposed in this study. It consists of an assessment process and systematic assessment methods considering the changes of threat environment, evaluation target, and available information in vehicle lifecycle. In the process of risk identification and risk analysis, the impact level and attack feasibility level are assessed based on the STRIDE model and attack tree method. An automotive cybersecurity risk matrix using a global rating algorithm is then constructed to create a quantitative risk metric. Finally, the applicability and feasibility of the proposed risk assessment framework are demonstrated through a use case, and the results prove that the proposed framework is effective. The proposed assessment framework helps to systematically derive automotive cybersecurity requirements.

Funder

National Key Research and Development Program of China

Publisher

Springer Science and Business Media LLC

Subject

Automotive Engineering

Link

https://link.springer.com/content/pdf/10.1007/s42154-021-00140-6.pdf

Reference37 articles.

1. Steger, M., Karner, M., Hillebrand, J., et al.: A security metric for structured security analysis of cyber-physical systems supporting SAE J3061. Modelling, Analysis, and Control of Complex CPS (CPS Data), 2nd International Workshop, IEEE. (2016)

2. Xie, G., Zeng, G., Li, Z., et al.: Adaptive dynamic scheduling on multi-functional mixed-criticality automotive cyber-physical systems. IEEE Trans. Veh. Technol. 66(8), 6676–6692 (2017)

3. Xie, G., Peng, H., Li, Z., et al.: Reliability enhancement towards functional safety goal assurance in energy-aware automotive cyber-physical systems. IEEE Trans. Ind. Informat. 14(12), 5447–5462 (2018)

4. Xie, G., Peng, H., Huang, J., et al.: Energy-efficient functional safety design methodology using ASIL decomposition for automotive cyber-physical systems. IEEE Trans. Reliab. 99, 1–23 (2019)

5. Schmittner, C., Ma, Z., Schoitsch, E., et al.: A case study of FMVEA and chassis as safety and security co-analysis method for automotive cyber-physical systems. Proc. 1st ACM Workshop Cyber-Phys. Syst. Secur. 69–80 (2015)

Cited by 27 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. REACT: Autonomous intrusion response system for intelligent vehicles;Computers & Security;2024-10

2. Employing a Model of Computation for Testing and Verifying the Security of Connected and Autonomous Vehicles;SAE International Journal of Connected and Automated Vehicles;2024-03-05

3. CHAINS: CHAIN-Based Fusion Safety System Framework for Intelligent Connected Vehicle;CHAIN;2024-03

4. Up-to-Date Threat Modelling for Soft Privacy on Smart Cars;Lecture Notes in Computer Science;2024

5. A Testing and Verification Approach to Tune Control Parameters of Cooperative Driving Automation Under False Data Injection Attacks;IEEE Access;2024