Visible to the public Biblio

Filters: Keyword is road safety  [Clear All Filters]
2021-03-29
Halabi, T., Wahab, O. A., Zulkernine, M..  2020.  A Game-Theoretic Approach for Distributed Attack Mitigation in Intelligent Transportation Systems. NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium. :1–6.
Intelligent Transportation Systems (ITS) play a vital role in the development of smart cities. They enable various road safety and efficiency applications such as optimized traffic management, collision avoidance, and pollution control through the collection and evaluation of traffic data from Road Side Units (RSUs) and connected vehicles in real time. However, these systems are highly vulnerable to data corruption attacks which can seriously influence their decision-making abilities. Traditional attack detection schemes do not account for attackers' sophisticated and evolving strategies and ignore the ITS's constraints on security resources. In this paper, we devise a security game model that allows the defense mechanism deployed in the ITS to optimize the distribution of available resources for attack detection while considering mixed attack strategies, according to which the attacker targets multiple RSUs in a distributed fashion. In our security game, the utility of the ITS is quantified in terms of detection rate, attack damage, and the relevance of the information transmitted by the RSUs. The proposed approach will enable the ITS to mitigate the impact of attacks and increase its resiliency. The results show that our approach reduces the attack impact by at least 20% compared to the one that fairly allocates security resources to RSUs indifferently to attackers' strategies.
2021-02-23
Olowononi, F. O., Rawat, D. B., Liu, C..  2020.  Dependable Adaptive Mobility in Vehicular Networks for Resilient Mobile Cyber Physical Systems. 2020 IEEE International Conference on Communications Workshops (ICC Workshops). :1—6.

Improved safety, high mobility and environmental concerns in transportation systems across the world and the corresponding developments in information and communication technologies continue to drive attention towards Intelligent Transportation Systems (ITS). This is evident in advanced driver-assistance systems such as lane departure warning, adaptive cruise control and collision avoidance. However, in connected and autonomous vehicles, the efficient functionality of these applications depends largely on the ability of a vehicle to accurately predict it operating parameters such as location and speed. The ability to predict the immediate future/next location (or speed) of a vehicle or its ability to predict neighbors help in guaranteeing integrity, availability and accountability, thus boosting safety and resiliency of the Vehicular Network for Mobile Cyber Physical Systems (VCPS). In this paper, we proposed a secure movement-prediction for connected vehicles by using Kalman filter. Specifically, Kalman filter predicts the locations and speeds of individual vehicles with reference to already observed and known information such posted legal speed limit, geographic/road location, direction etc. The aim is to achieve resilience through the predicted and exchanged information between connected moving vehicles in an adaptive manner. By being able to predict their future locations, the following vehicle is able to adjust its position more accurately to avoid collision and to ensure optimal information exchange among vehicles.

2021-02-15
Rabieh, K., Mercan, S., Akkaya, K., Baboolal, V., Aygun, R. S..  2020.  Privacy-Preserving and Efficient Sharing of Drone Videos in Public Safety Scenarios using Proxy Re-encryption. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :45–52.
Unmanned Aerial Vehicles (UAVs) also known as drones are being used in many applications where they can record or stream videos. One interesting application is the Intelligent Transportation Systems (ITS) and public safety applications where drones record videos and send them to a control center for further analysis. These videos are shared by various clients such as law enforcement or emergency personnel. In such cases, the recording might include faces of civilians or other sensitive information that might pose privacy concerns. While the video can be encrypted and stored in the cloud that way, it can still be accessed once the keys are exposed to third parties which is completely insecure. To prevent such insecurity, in this paper, we propose proxy re-encryption based sharing scheme to enable third parties to access only limited videos without having the original encryption key. The costly pairing operations in proxy re-encryption are not used to allow rapid access and delivery of the surveillance videos to third parties. The key management is handled by a trusted control center, which acts as the proxy to re-encrypt the data. We implemented and tested the approach in a realistic simulation environment using different resolutions under ns-3. The implementation results and comparisons indicate that there is an acceptable overhead while it can still preserve the privacy of drivers and passengers.
2021-02-03
Razin, Y. S., Feigh, K. M..  2020.  Hitting the Road: Exploring Human-Robot Trust for Self-Driving Vehicles. 2020 IEEE International Conference on Human-Machine Systems (ICHMS). :1—6.

With self-driving cars making their way on to our roads, we ask not what it would take for them to gain acceptance among consumers, but what impact they may have on other drivers. How they will be perceived and whether they will be trusted will likely have a major effect on traffic flow and vehicular safety. This work first undertakes an exploratory factor analysis to validate a trust scale for human-robot interaction and shows how previously validated metrics and general trust theory support a more complete model of trust that has increased applicability in the driving domain. We experimentally test this expanded model in the context of human-automation interaction during simulated driving, revealing how using these dimensions uncovers significant biases within human-robot trust that may have particularly deleterious effects when it comes to sharing our future roads with automated vehicles.

2021-02-01
Ajenaghughrure, I. B., Sousa, S. C. da Costa, Lamas, D..  2020.  Risk and Trust in artificial intelligence technologies: A case study of Autonomous Vehicles. 2020 13th International Conference on Human System Interaction (HSI). :118–123.
This study investigates how risk influences users' trust before and after interactions with technologies such as autonomous vehicles (AVs'). Also, the psychophysiological correlates of users' trust from users” eletrodermal activity responses. Eighteen (18) carefully selected participants embark on a hypothetical trip playing an autonomous vehicle driving game. In order to stay safe, throughout the drive experience under four risk conditions (very high risk, high risk, low risk and no risk) that are based on automotive safety and integrity levels (ASIL D, C, B, A), participants exhibit either high or low trust by evaluating the AVs' to be highly or less trustworthy and consequently relying on the Artificial intelligence or the joystick to control the vehicle. The result of the experiment shows that there is significant increase in users' trust and user's delegation of controls to AVs' as risk decreases and vice-versa. In addition, there was a significant difference between user's initial trust before and after interacting with AVs' under varying risk conditions. Finally, there was a significant correlation in users' psychophysiological responses (electrodermal activity) when exhibiting higher and lower trust levels towards AVs'. The implications of these results and future research opportunities are discussed.
Lee, J., Abe, G., Sato, K., Itoh, M..  2020.  Impacts of System Transparency and System Failure on Driver Trust During Partially Automated Driving. 2020 IEEE International Conference on Human-Machine Systems (ICHMS). :1–3.
The objective of this study is to explore changes of trust by a situation where drivers need to intervene. Trust in automation is a key determinant for appropriate interaction between drivers and the system. System transparency and types of system failure influence shaping trust in a supervisory control. Subjective ratings of trust were collected to examine the impact of two factors: system transparency (Detailed vs. Less) and system failure (by Limits vs. Malfunction) in a driving simulator study in which drivers experienced a partially automated vehicle. We examined trust ratings at three points: before and after driver intervention in the automated vehicle, and after subsequent experience of flawless automated driving. Our result found that system transparency did not have significant impacts on trust change from before to after the intervention. System-malfunction led trust reduction compared to those of before the intervention, whilst system-limits did not influence trust. The subsequent experience recovered decreased trust, in addition, when the system-limit occurred to drivers who have detailed information about the system, trust prompted in spite of the intervention. The present finding has implications for automation design to achieve the appropriate level of trust.
2021-01-25
Marasco, E. O., Quaglia, F..  2020.  AuthentiCAN: a Protocol for Improved Security over CAN. 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). :533–538.
The continuous progress of electronic equipments has influenced car manufacturers, leading to the integration of the latest infotainment technologies and providing connection to external devices, such as mobile phones. Modern cars work with ECUs (Electronic Control Units) that handle user interactions and sensor data, by also sending information to actuators using simple, reliable and efficient networks with fast protocols, like CAN (Controller Area Network). This is the most used vehicular protocol, which allows interconnecting different ECUs, making them interact in a synergic manner. On the down side, there is a security risk related to the exposition of malicious ECU's frames-possibly generated by compromised devices-which can lead to the possibility to remote control all the car equipments (like brakes and others) by an attacker. We propose a solution to this problem, designing an authentication and encryption system above CAN, called AuthentiCAN. Our proposal is tailored for the evolution of CAN called CAN-FD, and avoids the possibility for an attacker to inject malicious frames that are not discarded by the destination ECUs. Also, we avoid the possibility for an attacker to learn the interactions that occur across ECUs, with the objective of maliciously replaying messages-which would lead the actuator's logic to be no longer compliant with the actual data sources. We also present a simulation study of our solution, where we provide an assessment of its overhead, e.g. in terms of reduction of the throughput of data-unit transfer over CAN-FD, caused by the added security features.
2020-12-14
Lim, K., Islam, T., Kim, H., Joung, J..  2020.  A Sybil Attack Detection Scheme based on ADAS Sensors for Vehicular Networks. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–5.
Vehicular Ad Hoc Network (VANET) is a promising technology for autonomous driving as it provides many benefits and user conveniences to improve road safety and driving comfort. Sybil attack is one of the most serious threats in vehicular communications because attackers can generate multiple forged identities to disseminate false messages to disrupt safety-related services or misuse the systems. To address this issue, we propose a Sybil attack detection scheme using ADAS (Advanced Driving Assistant System) sensors installed on modern passenger vehicles, without the assistance of trusted third party authorities or infrastructure. Also, a deep learning based object detection technique is used to accurately identify nearby objects for Sybil attack detection and the multi-step verification process minimizes the false positive of the detection.
2020-12-07
Allig, C., Leinmüller, T., Mittal, P., Wanielik, G..  2019.  Trustworthiness Estimation of Entities within Collective Perception. 2019 IEEE Vehicular Networking Conference (VNC). :1–8.
The idea behind collective perception is to improve vehicles' awareness about their surroundings. Every vehicle shares information describing its perceived environment by means of V2X communication. Similar to other information shared using V2X communication, collective perception information is potentially safety relevant, which means there is a need to assess the reliability and quality of received information before further processing. Transmitted information may have been forged by attackers or contain inconsistencies e.g. caused by malfunctions. This paper introduces a novel approach for estimating a belief that a pair of entities, e.g. two remote vehicles or the host vehicle and a remote vehicle, within a Vehicular ad hoc Network (VANET) are both trustworthy. The method updates the belief based on the consistency of the data that both entities provide. The evaluation shows that the proposed method is able to identify forged information.
More, P. H., Dongre, M. M..  2019.  Partially Predictable Vehicular Ad-hoc Network: Trustworthiness and Security. 2019 IEEE 5th International Conference for Convergence in Technology (I2CT). :1–5.
VANET is an emerging technology incorporating ad hoc network to accomplish intelligent communications between vehicles, improvement in road traffic efficiency and safety. In some situations movement of vehicles is in a certain range, over particular distance or just in a specific tendency. Such a network can be called as incompletely or partially predictable network. An efficient use of such network, position and motion of nodes as well as relative history in big data is an open issue in vehicular ad hoc network. A hybrid protocol which provides secure and trustworthiness evaluation based routing can be used in VANET. Here Secure Trustworthiness Evaluation Based Routing Protocol is implemented using NS2 software. Its performance is very good in terms of the Average End to End Delay, Packet Delivery Ratio and Normalized Routing Overhead.
2020-10-19
Engoulou, Richard Gilles, Bellaiche, Martine, Halabi, Talal, Pierre, Samuel.  2019.  A Decentralized Reputation Management System for Securing the Internet of Vehicles. 2019 International Conference on Computing, Networking and Communications (ICNC). :900–904.
The evolution of the Internet of Vehicles (IoV) paradigm has recently attracted a lot of researchers and industries. Vehicular Ad Hoc Networks (VANET) is the networking model that lies at the heart of this technology. It enables the vehicles to exchange relevant information concerning road conditions and safety. However, ensuring communication security has been and still is one of the main challenges to vehicles' interconnection. To secure the interconnected vehicular system, many cryptography techniques, communication protocols, and certification and reputation-based security approaches were proposed. Nonetheless, some limitations are still present, preventing the practical implementation of such approaches. In this paper, we first define a set of locally-perceived behavioral reputation parameters that enable a distributed evaluation of vehicles' reputation. Then, we integrate these parameters into the design of a reputation management system to exclude malicious or faulty vehicles from the IoV network. Our system can help in the prevention of several attacks on the VANET environment such as Sybil and Denial of Service attacks, and can be implemented in a fully decentralized fashion.
2020-09-11
Garip, Mevlut Turker, Lin, Jonathan, Reiher, Peter, Gerla, Mario.  2019.  SHIELDNET: An Adaptive Detection Mechanism against Vehicular Botnets in VANETs. 2019 IEEE Vehicular Networking Conference (VNC). :1—7.
Vehicular ad hoc networks (VANETs) are designed to provide traffic safety by enabling vehicles to broadcast information-such as speed, location and heading-through inter-vehicular communications to proactively avoid collisions. However, the attacks targeting these networks might overshadow their advantages if not protected against. One powerful threat against VANETs is vehicular botnets. In our earlier work, we demonstrated several vehicular botnet attacks that can have damaging impacts on the security and privacy of VANETs. In this paper, we present SHIELDNET, the first detection mechanism against vehicular botnets. Similar to the detection approaches against Internet botnets, we target the vehicular botnet communication and use several machine learning techniques to identify vehicular bots. We show via simulation that SHIELDNET can identify 77 percent of the vehicular bots. We propose several improvements on the VANET standards and show that their existing vulnerabilities make an effective defense against vehicular botnets infeasible.
2020-08-03
Arthi, A., Aravindhan, K..  2019.  Enhancing the Performance Analysis of LWA Protocol Key Agreement in Vehicular Ad hoc Network. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :1070–1074.

Road accidents are challenging threat in the present scenario. In India there are 5, 01,423 road accidents in 2015. A day 400 hundred deaths are forcing to India to take car safety sincerely. The common cause for road accidents is driver's distraction. In current world the people are dominated by the tablet PC and other hand held devices. The VANET technology is a vehicle-to-vehicle communication; here the main challenge will be to deliver qualified communication during mobility. The paper proposes a standard new restricted lightweight authentication protocol utilizing key agreement theme for VANETs. Inside the planned topic, it has three sorts of validations: 1) V2V 2) V2CH; and 3) CH and RSU. Aside from this authentication, the planned topic conjointly keeps up mystery keys between RSUs for the safe communication. Thorough informal security analysis demonstrates the planned subject is skilled to guard different malicious attack. In addition, the NS2 Simulation exhibits the possibility of the proposed plan in VANET background.

Dai, Haipeng, Liu, Alex X., Li, Zeshui, Wang, Wei, Zhang, Fengmin, Dong, Chao.  2019.  Recognizing Driver Talking Direction in Running Vehicles with a Smartphone. 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :10–18.
This paper addresses the fundamental problem of identifying driver talking directions using a single smartphone, which can help drivers by warning distraction of having conversations with passengers in a vehicle and enable safety enhancement. The basic idea of our system is to perform talking status and direction identification using two microphones on a smartphone. We first use the sound recorded by the two microphones to identify whether the driver is talking or not. If yes, we then extract the so-called channel fingerprint from the speech signal and classify it into one of three typical driver talking directions, namely, front, right and back, using a trained model obtained in advance. The key novelty of our scheme is the proposition of channel fingerprint which leverages the heavy multipath effects in the harsh in-vehicle environment and cancels the variability of human voice, both of which combine to invalidate traditional TDoA, DoA and fingerprint based sound source localization approaches. We conducted extensive experiments using two kinds of phones and two vehicles for four phone placements in three representative scenarios, and collected 23 hours voice data from 20 participants. The results show that our system can achieve 95.0% classification accuracy on average.
2020-07-27
Liem, Clifford, Murdock, Dan, Williams, Andrew, Soukup, Martin.  2019.  Highly Available, Self-Defending, and Malicious Fault-Tolerant Systems for Automotive Cybersecurity. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :24–27.
With the growing number of electronic features in cars and their connections to the cloud, smartphones, road-side equipment, and neighboring cars the need for effective cybersecurity is paramount. Beyond the concern of brand degradation, warranty fraud, and recalls, what keeps manufacturers up at night is the threat of malicious attacks which can affect the safety of vehicles on the road. Would any single protection technique provide the security needed over the long lifetime of a vehicle? We present a new methodology for automotive cybersecurity where the designs are made to withstand attacks in the future based on the concepts of high availability and malicious fault-tolerance through self-defending techniques. When a system has an intrusion, self-defending technologies work to contain the breach using integrity verification, self-healing, and fail-over techniques to keep the system running.
Lambert, Christoph, Völp, Marcus, Decouchant, Jérémie, Esteves-Verissimo, Paulo.  2018.  Towards Real-Time-Aware Intrusion Tolerance. 2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS). :269–270.
Technologies such as Industry 4.0 or assisted/autonomous driving are relying on highly customized cyber-physical realtime systems. Those systems are designed to match functional safety regulations and requirements such as EN ISO 13849, EN IEC 62061 or ISO 26262. However, as systems - especially vehicles - are becoming more connected and autonomous, they become more likely to suffer from new attack vectors. New features may meet the corresponding safety requirements but they do not consider adversaries intruding through security holes with the purpose of bringing vehicles into unsafe states. As research goal, we want to bridge the gap between security and safety in cyber-physical real-time systems by investigating real-time-aware intrusion-tolerant architectures for automotive use-cases.
2020-06-19
Chowdhury, Abdullahi, Karmakar, Gour, Kamruzzaman, Joarder.  2019.  Trusted Autonomous Vehicle: Measuring Trust using On-Board Unit Data. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :787—792.

Vehicular Ad-hoc Networks (VANETs) play an essential role in ensuring safe, reliable and faster transportation with the help of an Intelligent Transportation system. The trustworthiness of vehicles in VANETs is extremely important to ensure the authenticity of messages and traffic information transmitted in extremely dynamic topographical conditions where vehicles move at high speed. False or misleading information may cause substantial traffic congestions, road accidents and may even cost lives. Many approaches exist in literature to measure the trustworthiness of GPS data and messages of an Autonomous Vehicle (AV). To the best of our knowledge, they have not considered the trustworthiness of other On-Board Unit (OBU) components of an AV, along with GPS data and transmitted messages, though they have a substantial relevance in overall vehicle trust measurement. In this paper, we introduce a novel model to measure the overall trustworthiness of an AV considering four different OBU components additionally. The performance of the proposed method is evaluated with a traffic simulation model developed by Simulation of Urban Mobility (SUMO) using realistic traffic data and considering different levels of uncertainty.

2020-05-08
Ming, Liang, Zhao, Gang, Huang, Minhuan, Kuang, Xiaohui, Li, Hu, Zhang, Ming.  2018.  Security Analysis of Intelligent Transportation Systems Based on Simulation Data. 2018 1st International Conference on Data Intelligence and Security (ICDIS). :184—187.

Modern vehicles in Intelligent Transportation Systems (ITS) can communicate with each other as well as roadside infrastructure units (RSUs) in order to increase transportation efficiency and road safety. For example, there are techniques to alert drivers in advance about traffic incidents and to help them avoid congestion. Threats to these systems, on the other hand, can limit the benefits of these technologies. Securing ITS itself is an important concern in ITS design and implementation. In this paper, we provide a security model of ITS which extends the classic layered network security model with transportation security and information security, and gives a reference for designing ITS architectures. Based on this security model, we also present a classification of ITS threats for defense. Finally a proof-of-concept example with malicious nodes in an ITS system is also given to demonstrate the impact of attacks. We analyzed the threat of malicious nodes and their effects to commuters, like increasing toll fees, travel distances, and travel times etc. Experimental results from simulations based on Veins shows the threats will bring about 43.40% more total toll fees, 39.45% longer travel distances, and 63.10% more travel times.

2020-04-13
Ruehrup, Stefan, Krenn, Stephan.  2019.  Towards Privacy in Geographic Message Dissemination for Connected Vehicles. 2019 IEEE International Conference on Connected Vehicles and Expo (ICCVE). :1–6.
With geographic message dissemination, connected vehicles can be served with traffic information in their proximity, thereby positively impacting road safety, traffic management, or routing. Since such messages are typically relevant in a small geographic area, servers only distribute messages to affected vehicles for efficiency reasons. One main challenge is to maintain scalability of the server infrastructure when collecting location updates from vehicles and determining the relevant group of vehicles when messages are distributed to a geographic relevance area, while at the same time respecting the individual user's privacy in accordance with legal regulations. In this paper, we present a framework for geographic message dissemination following the privacy-by-design and privacy-by-default principles, without having to accept efficiency drawbacks compared to conventional server-client based approaches.
2020-03-02
Ayaida, Marwane, Messai, Nadhir, Wilhelm, Geoffrey, Najeh, Sameh.  2019.  A Novel Sybil Attack Detection Mechanism for C-ITS. 2019 15th International Wireless Communications Mobile Computing Conference (IWCMC). :913–918.

Cooperative Intelligent Transport Systems (C-ITS) are expected to play an important role in our lives. They will improve the traffic safety and bring about a revolution on the driving experience. However, these benefits are counterbalanced by possible attacks that threaten not only the vehicle's security, but also passengers' lives. One of the most common attacks is the Sybil attack, which is even more dangerous than others because it could be the starting point of many other attacks in C-ITS. This paper proposes a distributed approach allowing the detection of Sybil attacks by using the traffic flow theory. The key idea here is that each vehicle will monitor its neighbourhood in order to detect an eventual Sybil attack. This is achieved by a comparison between the real accurate speed of the vehicle and the one estimated using the V2V communications with vehicles in the vicinity. The estimated speed is derived by using the traffic flow fundamental diagram of the road's portion where the vehicles are moving. This detection algorithm is validated through some extensive simulations conducted using the well-known NS3 network simulator with SUMO traffic simulator.

2019-05-01
Sowah, R., Ofoli, A., Koumadi, K., Osae, G., Nortey, G., Bempong, A. M., Agyarkwa, B., Apeadu, K. O..  2018.  Design and Implementation of a Fire Detection andControl System with Enhanced Security and Safety for Automobiles Using Neuro-Fuzzy Logic. 2018 IEEE 7th International Conference on Adaptive Science Technology (ICAST). :1-8.

Automobiles provide comfort and mobility to owners. While they make life more meaningful they also pose challenges and risks in their safety and security mechanisms. Some modern automobiles are equipped with anti-theft systems and enhanced safety measures to safeguard its drivers. But at times, these mechanisms for safety and secured operation of automobiles are insufficient due to various mechanisms used by intruders and car thieves to defeat them. Drunk drivers cause accidents on our roads and thus the need to safeguard the driver when he is intoxicated and render the car to be incapable of being driven. These issues merit an integrated approach to safety and security of automobiles. In the light of these challenges, an integrated microcontroller-based hardware and software system for safety and security of automobiles to be fixed into existing vehicle architecture, was designed, developed and deployed. The system submodules are: (1) Two-step ignition for automobiles, namely: (a) biometric ignition and (b) alcohol detection with engine control, (2) Global Positioning System (GPS) based vehicle tracking and (3) Multisensor-based fire detection using neuro-fuzzy logic. All submodules of the system were implemented using one microcontroller, the Arduino Mega 2560, as the central control unit. The microcontroller was programmed using C++11. The developed system performed quite well with the tests performed on it. Given the right conditions, the alcohol detection subsystem operated with a 92% efficiency. The biometric ignition subsystem operated with about 80% efficiency. The fire detection subsystem operated with a 95% efficiency in locations registered with the neuro-fuzzy system. The vehicle tracking subsystem operated with an efficiency of 90%.

2019-02-13
Mamun, A. Al, Mamun, M. Abdullah Al, Shikfa, A..  2018.  Challenges and Mitigation of Cyber Threat in Automated Vehicle: An Integrated Approach. 2018 International Conference of Electrical and Electronic Technologies for Automotive. :1–6.
The technological development of automated vehicles opens novel cybersecurity threats and risks for road safety. Increased connectivity often results in increased risks of a cyber-security attacks, which is one of the biggest challenges for the automotive industry that undergoes a profound transformation. State of the art studies evaluated potential attacks and recommended possible measures, from technical and organizational perspective to face these challenges. In this position paper, we review these techniques and methods and show that some of the different solutions complement each other while others overlap or are even incompatible or contradictory. Based on this gap analysis, we advocate for the need of a comprehensive framework that integrates technical and organizational mitigation measures to enhance the cybersecurity of automotive vehicles.
2019-01-31
Lyu, C., Pande, A., Zhang, Y., Gu, D., Mohapatra, P..  2018.  FastTrust: Fast and Anonymous Spatial-Temporal Trust for Connected Cars on Expressways. 2018 15th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). :1–9.

Connected cars have received massive attention in Intelligent Transportation System. Many potential services, especially safety-related ones, rely on spatial-temporal messages periodically broadcast by cars. Without a secure authentication algorithm, malicious cars may send out invalid spatial-temporal messages and then deny creating them. Meanwhile, a lot of private information may be disclosed from these spatial-temporal messages. Since cars move on expressways at high speed, any authentication must be performed in real-time to prevent crashes. In this paper, we propose a Fast and Anonymous Spatial-Temporal Trust (FastTrust) mechanism to ensure these properties. In contrast to most authentication protocols which rely on fixed infrastructures, FastTrust is distributed and mostly designed on symmetric-key cryptography and an entropy-based commitment, and is able to fast authenticate spatial-temporal messages. FastTrust also ensures the anonymity and unlinkability of spatial-temporal messages by developing a pseudonym-varying scheduling scheme on cars. We provide both analytical and simulation evaluations to show that FastTrust achieves the security and privacy properties. FastTrust is low-cost in terms of communication and computational resources, authenticating 20 times faster than existing Elliptic Curve Digital Signature Algorithm.

2018-05-02
Yao, Y., Xiao, B., Wu, G., Liu, X., Yu, Z., Zhang, K., Zhou, X..  2017.  Voiceprint: A Novel Sybil Attack Detection Method Based on RSSI for VANETs. 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :591–602.

Vehicular Ad Hoc Networks (VANETs) enable vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications that bring many benefits and conveniences to improve the road safety and drive comfort in future transportation systems. Sybil attack is considered one of the most risky threats in VANETs since a Sybil attacker can generate multiple fake identities with false messages to severely impair the normal functions of safety-related applications. In this paper, we propose a novel Sybil attack detection method based on Received Signal Strength Indicator (RSSI), Voiceprint, to conduct a widely applicable, lightweight and full-distributed detection for VANETs. To avoid the inaccurate position estimation according to predefined radio propagation models in previous RSSI-based detection methods, Voiceprint adopts the RSSI time series as the vehicular speech and compares the similarity among all received time series. Voiceprint does not rely on any predefined radio propagation model, and conducts independent detection without the support of the centralized infrastructure. It has more accurate detection rate in different dynamic environments. Extensive simulations and real-world experiments demonstrate that the proposed Voiceprint is an effective method considering the cost, complexity and performance.

2018-02-02
Kokaly, S..  2017.  Managing Assurance Cases in Model Based Software Systems. 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C). :453–456.

Software has emerged as a significant part of many domains, including financial service platforms, social networks and vehicle control. Standards organizations have responded to this by creating regulations to address issues such as safety and privacy. In this context, compliance of software with standards has emerged as a key issue. For software development organizations, compliance is a complex and costly goal to achieve and is often accomplished by producing so-called assurance cases, which demonstrate that the system indeed satisfies the property imposed by a standard (e.g., safety, privacy, security). As systems and standards undergo evolution for a variety of reasons, maintaining assurance cases multiplies the effort. In this work, we propose to exploit the connection between the field of model management and the problem of compliance management and propose methods that use model management techniques to address compliance scenarios such as assurance case evolution and reuse. For validation, we ground our approaches on the automotive domain and the ISO 26262 standard for functional safety of road vehicles.