Abstract

Modern vehicles are no longer merely mechanical systems but are monitored and controlled by various electronic systems. Safety-critical systems of connected vehicles become vulnerable to cyberattacks because of their increasing interconnection. At present, the security risk analysis of connected vehicles is mainly based on qualitative methods, which are usually subjective and lack consideration for functional safety. To address this problem, we propose in this paper a security risk analysis framework for connected vehicles based on formal methods. Firstly, we introduce the electrical and electronic architecture of the connected vehicle and analyze the attack surfaces of the in-vehicle safety-critical systems at three levels: sensors, in-vehicle networks, and controllers. Secondly, we propose a method to model the target of evaluation (i.e., the in-vehicle safety-critical system) as a Markov decision process and use probabilistic computation tree logic to formally describe its security properties. Then, the probabilistic model checker PRISM is used to analyze the security risk of the target systems quantitatively according to these security properties. Finally, we apply the proposed approach to analyze and compare the security risks of the collision warning system under distributed and centralized electrical and electronic architectures. In addition, from a practical point of view, we propose a Markov model generation method based on a SysML activity diagram, which simplifies our modeling process. The evaluation results show that we can obtain a quantitative understanding of the security risks at the system level in the early stage of system design.
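To make the modeling step concrete, the following added example (not code from the paper or from PRISM) re-implements in plain Python the computation behind the PCTL query `Pmax=? [ F "controller_compromised" ]` over a small MDP: the maximal probability, over all attacker strategies, of eventually reaching the controller, plus the step-bounded variant `F<=k`. The states, actions and success probabilities are constructed assumptions that follow the three attack-surface levels named in the abstract (sensor, in-vehicle network, controller); the `bus_authentication` switch is a hypothetical countermeasure used to show how a design change shifts the quantitative result and the dominant attack path.

```python
"""Quantitative security risk analysis of an in-vehicle system as an MDP.

Added example, not code from the paper. It re-implements the core of the
PCTL query  Pmax=? [ F "controller_compromised" ]  (maximum probability
that an attacker eventually reaches the controller) with value iteration,
the same computation a probabilistic model checker such as PRISM performs
on an MDP. All states, actions and probabilities are constructed assumptions.
"""
from typing import Dict, Optional, Set, Tuple

Distribution = Dict[str, float]           # successor state -> probability
MDP = Dict[str, Dict[str, Distribution]]  # state -> action -> distribution


def collision_warning_mdp(bus_authentication: bool) -> MDP:
    """Constructed MDP of a collision warning system under attack.

    Attacker choices are the nondeterministic actions; success/detection odds
    are the probabilities. bus_authentication is a hypothetical countermeasure
    (authenticated frames) that lowers the success rate of network-level
    injection. All numbers are made up for illustration.
    """
    inject_ok = 0.2 if bus_authentication else 0.7
    return {
        "safe": {
            "attack_sensor": {"sensor_compromised": 0.5, "detected": 0.5},
            "attack_network": {"network_compromised": inject_ok,
                               "detected": 1.0 - inject_ok},
        },
        "sensor_compromised": {
            "sensor_to_controller": {"controller_compromised": 0.6,
                                     "detected": 0.4},
            "sensor_to_network": {"network_compromised": inject_ok,
                                  "detected": 1.0 - inject_ok},
        },
        "network_compromised": {
            "network_to_controller": {"controller_compromised": 0.8,
                                      "detected": 0.2},
        },
        # absorbing states
        "controller_compromised": {"stay": {"controller_compromised": 1.0}},
        "detected": {"stay": {"detected": 1.0}},
    }


def validate(mdp: MDP) -> None:
    """Every action must be a proper distribution over known states."""
    for state, actions in mdp.items():
        if not actions:
            raise ValueError(f"state {state!r} has no enabled action")
        for action, dist in actions.items():
            if abs(sum(dist.values()) - 1.0) > 1e-9:
                raise ValueError(f"{state}/{action}: probabilities do not sum to 1")
            unknown = set(dist) - set(mdp)
            if unknown:
                raise ValueError(f"{state}/{action}: unknown successors {unknown}")


def pmax_reach(mdp: MDP, target: Set[str], bound: Optional[int] = None,
               eps: float = 1e-12) -> Tuple[Dict[str, float], Dict[str, str]]:
    """Pmax=? [ F target ] (bound=None) or Pmax=? [ F<=bound target ].

    Returns the maximal reachability probability per state and the attacker
    strategy (action per state) attaining it. Value iteration: v0 is the
    indicator of target; each step maximises the expected value over actions.
    For a bounded query the returned strategy is the first move with `bound`
    steps remaining.
    """
    validate(mdp)
    values = {s: (1.0 if s in target else 0.0) for s in mdp}
    strategy: Dict[str, str] = {}
    steps = 0
    while True:
        new_values: Dict[str, float] = {}
        for state, actions in mdp.items():
            if state in target:
                new_values[state] = 1.0
                continue
            best_action, best_value = max(
                ((a, sum(p * values[t] for t, p in dist.items()))
                 for a, dist in actions.items()),
                key=lambda av: av[1])
            new_values[state] = best_value
            strategy[state] = best_action
        steps += 1
        delta = max(abs(new_values[s] - values[s]) for s in mdp)
        values = new_values
        if bound is not None and steps >= bound:
            break
        if bound is None and delta < eps:
            break
    return values, strategy


if __name__ == "__main__":
    target = {"controller_compromised"}
    for auth in (False, True):
        v, strat = pmax_reach(collision_warning_mdp(auth), target)
        print(f"bus authentication={auth}: Pmax(F controller) from 'safe' = "
              f"{v['safe']:.2f}, dominant first move: {strat['safe']}")
```

In the constructed model the unprotected bus gives the attacker a 0.56 chance of eventually reaching the controller via the network path; enabling the hypothetical authentication drops the maximum to 0.30 and shifts the dominant path to the sensor level, which is exactly the kind of design-time comparison the abstract describes. In practice the same model would be written in the PRISM language and the query run by PRISM; the value iteration above is what that query computes.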

Highlights

  • Modern vehicles have changed from a traditional mechanical system to an electronic control system, which runs a large amount of software and hardware [1]

  • We propose a security risk analysis approach based on the Markov decision process (MDP)

  • We have proposed a security risk assessment framework for the safety-critical system of the connected vehicles


Summary

Introduction

Modern vehicles have changed from a traditional mechanical system to an electronic control system, which runs a large amount of software and hardware [1]. In some high-end vehicles, more than 100 electronic control units (ECUs) are assembled to implement complex safety and comfort functions [2]. Security threats from inside and outside the vehicle can damage not only the privacy of the system but also the safety of life, for example when the dynamic control system of the vehicle falls under the control of an attacker. With the increasing connectivity of vehicles, some non-safety-critical systems have become safety-critical systems inside the connected vehicles. Automotive engineers have devoted much attention to research on safety-critical systems to prevent these systems from failing, but they lacked experience

