A Risk Assessment Framework Based on Fuzzy Logic for Automotive Systems

Author:

Merola Francesco12,Bernardeschi Cinzia1ORCID,Lami Giuseppe2

Affiliation:

1. Department of Information Engineering, University of Pisa, 56122 Pisa, Italy

2. Institute of Information Science and Technologies (ISTI-CNR), 56124 Pisa, Italy

Abstract

Recent advancements in the automotive field have significantly increased the level of complexity and connectivity of modern vehicles. In this context, the topic of cybersecurity becomes extremely relevant, as a successful attack can have an impact in terms of safety on the car navigation, potentially leading to harmful behavior. Risk assessment is typically performed using discrete input and output scales, which can often lead to an identical output in terms of risk evaluation despite the inputs presenting non-negligible differences. This work presents a novel fuzzy-logic-based methodology to assess cybersecurity risks which takes attack feasibility and safety impact as input factors. This technique allows us explicitly model the uncertainty and ambiguousness of input data, which is typical of the risk assessment process, providing an output on a more detailed scale. The fuzzy inference engine is based on a set of control rules expressed in natural language, which is crucial to maintaining the interpretability and traceability of the risk calculation. The proposed framework was applied to a case study extracted from ISO/SAE 21434. The obtained results are in line with the traditional methodology, with the added benefit of also providing the scatter around the calculated value, indicating the risk trend. The proposed method is general and can be applied in the industry independently from the specific case study.

Publisher

MDPI AG

Reference42 articles.

1. Milestones in autonomous driving and intelligent vehicles: Survey of surveys;Chen;IEEE Trans. Intell. Veh.,2022

2. A survey on cyber-security of connected and autonomous vehicles (CAVs);Sun;IEEE Trans. Intell. Transp. Syst.,2021

3. Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., and Kohno, T. (2011, January 8–12). Comprehensive Experimental Analyses of Automotive Attack Surfaces. Proceedings of the 20th USENIX Security Symposium (USENIX Security 11), San Francisco, CA, USA. Available online: https://www.usenix.org/conference/usenix-security-11/comprehensive-experimental-analyses-automotive-attack-surfaces.

4. Wang, Z., Wei, H., Wang, J., Zeng, X., and Chang, Y. (2022). Security Issues and Solutions for Connected and Autonomous Vehicles in a Sustainable City: A Survey. Sustainability, 14.

5. (2024, January 06). Tesla in Autopilot Mode Crashes into Fire Truck. Available online: https://money.cnn.com/2018/01/23/technology/tesla-fire-truck-crash/index.html.

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3