BWM Integrated VIKOR method using Neutrosophic fuzzy sets for cybersecurity risk assessment of connected and autonomous vehicles

Abstract

Connected and autonomous vehicles (CAVs) have gained significant importance in intelligent transportation systems. However, CAVs are associated with significant cyber-risks caused by different threat-agents, which require robust mitigation strategies for secure operation. Different categories of threat-agents come with varying resources, motivation, and skills that must be addressed effectively for the secure operation of CAVs. This study offers a comprehensive analysis of cybersecurity risks from different categories of threat-agents targeting CAVs. A novel hybrid multi-criteria decision making (MCDM) technique has been developed to prioritize the threat-agent categories as part of the cyber defense mechanism. In this study, the major threat-agent categories are identified from the existing literature and cybersecurity reports. Then expert opinion is collected on the likelihood and severity of cyber-attacks undertaken by different threat-agent categories. Single-valued neutrosophic fuzzy sets (SVNFS) are implemented to consolidate the subjectivity of the linguistic opinions given by the experts. Then Best-Worst Method (BWM) is used to determine the relative criteria weightage on the cyber-attack consequences. These weights are then supplied to the ViseKriterijum-ska Optimizacija I Kompromisno Resenj (VIKOR) method for ranking the categories of threat-agents based on the risk perceived by the experts. A case study is presented with five categories of threat-agents and five loss criteria targeting CAVs to validate the viability of the proposed model. The result shows that insider attackers pose maximum risk for cybersecurity of CAVs. The proposed technique will provide helpful insights to the decision-makers for formulating effective defense strategies against cyber-attackers.