Abstract
Human-initiated disruptions such as cyberattacks on connected vehicles have the potential to cause cascading failures in transport systems, leading to systemic risks. ‘ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering’ is the current standard for risk management of road vehicles. However, the threat analysis and risk assessment framework given in the standard focuses on asset-level analysis and assessment. Hence, this study develops a novel simulation-based framework to perform threat analysis and risk assessment on connected vehicles from a transport network perspective. The proposed framework is developed based on the ISO/SAE 21434 threat analysis and risk assessment methodology. We demonstrate the applicability and usefulness of the framework through a remote attack via the cellular network on the in-vehicle communication bus system of a connected vehicle to show the potential impacts on the transport network. Based on the findings of our case studies, we exemplify how cyberattacks on individual system components of a connected vehicle have the potential to cause systemic failures.
Original language | English |
---|---|
Article number | 103005 |
Number of pages | 16 |
Journal | Simulation Modelling Practice and Theory |
Volume | 136 |
Early online date | 31 Jul 2024 |
DOIs | |
Publication status | E-pub ahead of print - 31 Jul 2024 |
Bibliographical note
/© 2024 The Author(s).This is an Open Access article distributed under the terms of the Creative
Commons Attribution License (http://creativecommons.org/licenses/by/4.0/),
which permits unrestricted use, distribution, and reproduction in any medium,
provided the original work is properly cited..
Funder
This work was supported by Coventry University and the A*STAR Research Attachment Programme (ARAP) .Keywords
- Connected vehicles
- Automotive cybersecurity
- Risk assessment
- Simulation