Automotive Cyber Security

This chapter gives a brief description of the main topics of the book in automotive cybersecurity. The automotive industry, which comprises many companies and organizations, is one of the leading industries in the world as it is more aware of its environment and responds to it. The history of intelligent autonomous vehicles has improved more than two decades before. Ever since, the automotive industry has made a big transformation to ensure efficiency and safety by eliminating traffic accidents for both the drivers and passengers. The technological progress made in sensor and navigation systems, the Internet of Things, and different types of machine learning techniques would promote new, innovative, and accessible mobility that gives rise to intelligent and autonomous vehicles. However, security plays a vital role in intelligent and autonomous vehicles. In this book, we discuss in detail about the different levels of autonomous vehicles from Level 0 to Level 4, different types of cybersecurity issues in autonomous vehicles, and future trends and challenges in autonomous vehicles. Security must be thought as an important aspect during designing and implementation of the autonomous vehicles to prevent from numerous security threats and attacks. The purpose of this chapter is to provide a comprehensive overview of automotive connectivity and to provide a framework for discussion of the several challenges and issues related to automotive connectivity, security from a technical perspective.

This chapter provides an overview of the developments in intelligent and autonomous vehicle (IAV) that accompany in-vehicle and inter-vehicle connectivity. This chapter gives detailed information regarding the evolution of intelligent and autonomous vehicles, its classification based on vehicle driving levels, associations between connectivity and autonomy for vehicle performance and the state-of-the-art applications.

In this chapter, we mostly focus on cybersecurity and privacy in intelligent and autonomous vehicles (IAV). This chapter starts with the basics of cryptography and then proceeds to different types of advanced security and encryption schemes that can be used in autonomous vehicles. The cyber security in intelligent and autonomous vehicles can be a combination of physical security, information security, security elements, policies, standards, legislation, and risk mitigation strategies. We introduced the updated cybersecurity framework that provides a specific categorization and structural framework for institutions to describe their current cybersecurity position, state for cybersecurity, identify and prioritize security improvements, assess security progress, and plan concerning cybersecurity risks. Then, we discuss about the five key technological cybersecurities to protect any company, organization, and IAV against a cyber-attacks. A threat modeling method (TMM) is also required to investigate the potential threats so that the IAV system is fully secured from unknown attacks. The TMM is used to defend the cyber-physical system from attackers and detect the threats before they create severe damage. Some of the examples of TMM are STRIDE, PASTA, VAST, etc. The vulnerability is the weak point in the scheme that is misused by the malicious attacker in the form of attacks for their own advantages. We discuss some of the taxonomy that can be found in vehicular system such as autonomous vehicle vulnerability taxonomy, defense taxonomy, and privacy taxonomy.

The evolution of intelligent and autonomous vehicles increases the dependence on information sharing among in-vehicle electronic control units (ECUs) and communication within the vehicle, and increases the connection with other vehicles. As the category of safety equipment is concerned, driver assistance systems for safe driving are experiencing a dramatic growth and development process. Modern revolutionary automatic driving assistance system (ADAS) functions are made up of dynamic integrated and networked cyber-physical structures. While the connectivity to the outside world allows many new services, it also exposes the vehicle and its electronics to a possible remote attack. Hackers with experience of reverse engineering can access the vehicle’s electronic components quickly and in a very short time, resulting in the opening of a new attack surface.

We live in a world that is getting more interconnected by each day, and we are witnessing a global change where all the devices in our surroundings are becoming “smart” and connected to the Internet. The automotive industry is also a part of this change. Today’s vehicles have more than 150 small computers, embedded control units (ECUs), and multiple connection points to the Internet which makes them vulnerable to various online threats.

In this chapter, we focus on the connected vehicle technology and describe in detail about the different types of connected vehicle technology and its security issues. The intelligent and autonomous vehicle (IAV) technologies are expected to revolutionize the intelligent transportation system internationally.

In this chapter, we will discuss the emerging mobility ecosystem and its potential growth that enhance the vehicle movement from source to the destination. This helps to save the passenger’s time and provides comfort during traveling. The main objective of the future of mobility along with the autonomous transportation and shared mobility is to overcome the predictable accidents on the road. The vehicles have evolved from mechanical transportation means to the smart vehicles with varieties of communication and sensing capabilities. With the development of Internet of Things (IoT), the conventional vehicles have developed over time and turned to Internet of Vehicles (IoV) with advanced connectivity with Internet, infrastructures, context awareness, sensing capabilities, service provisioning, etc. The IoV has developed over time from the conventional vehicular networks that connect the smart vehicles to the smart city. The IoV is a multifaceted vehicular network, where the vehicles consist of various sensors installed that gathers data from other vehicles and road infrastructures. IoV is a special case of IoT, which is developed specially for automotive vehicles. Several applications of IoV are indispensable for vehicles, drivers, pedestrian, smart city infrastructure, etc. The IoV has been popular among the automotive industry research, and they are attracted to the academic sector as well. In IoV, a large number of vehicles interconnect with each other and they communicate through heterogeneous wireless communications. We discuss seven-layered architecture of IoV in detail. The seven layers of IoV are interface layer, data acquisition layer, data preprocessing layer, communication layer, management and control layer, processing layer, and the security layer. In IoV, there exists congestion and scalability issue due to the increase in the number of vehicles and are not able to preprocess huge amount of collected data from various sensors and neighbor vehicles. The IoV requires serious attention, and the security in the IoV needs to be studied carefully to prevent from serious cyber-attacks. The existing IoV architecture lacks security requirements such as authentication, authorization, and trust-related issues. We discuss several types of attacks in IoV and challenging issues in IoV. Then, we mentioned three types of IoV applications in intelligent transportation system (ITS), business-related applications, and smart city applications.

The Fourth Industrial Revolution will see autonomous vehicles at the center. The automotive industry has already become a worldwide issue that is not constrained solely by one country’s strategy.