The notorious B.I.T: The effects of a ransomware and a screen failure on distraction in automated driving

Abstract

Connected and automated vehicles are vulnerable to cyber-attacks, which may jeopardise their safe and efficient operation and, as a result, negatively affect drivers’ behaviour. A major concern for such cyber-attacks is visual distraction inside the vehicle, which is one of the main causes of road accidents. In this empirical research using a driving simulator, 38 participants drove in a conditionally automated vehicle and experienced two types of failure: explicit (i.e., ransomware attack appearing on the in-vehicle screen) and silent (i.e., turn signals failed to activate on the in-vehicle screen and instrument cluster), while engaged in a non-driving related task. Drivers’ gaze behaviour, in terms of number and duration of fixation, were collected and analysed. Results showed that the HMI where the ransomware was displayed was the area of interest drivers looked at the most. The majority of drivers failed to notice that the turn signal was faulty. Nearly half of drivers looked at the ransomware for more than 12 s while driving. No effect on the timing of failure on gaze behaviour was observed. This research evidenced that ransomware attacks are distractive and pose significant risks to road safety – with one participant crashing the vehicle after resuming manual control. Data also evidenced that such connected vehicles are unlikely to meet NHTSA’s distraction guidelines for safe use of in-vehicle devices.