Cybersecurity Assurance Challenges for Future Connected and Automated Vehicles

Luis Pedro Cobos Yelavives, Alastair R. Ruddle, Giedre Sabaliauskaite

    Research output: Chapter in Book/Report/Conference proceedingConference proceedingpeer-review

    3 Citations (Scopus)


    Increases in the connectivity of vehicles and automation of driving functions, with the goal of fully automated driving, are expected to bring many benefits to individuals and wider society. However, these technologies may also create new cybersecurity threats to vehicle user privacy, the finances of vehicle users and mobility service operators, and even the physical safety of vehicle occupants and other road users. Assuring the cybersecurity of future vehicles will therefore be key to achieving the acceptability of these new automotive technologies to society. However, traditional prescriptive assurance methods will not work for vehicle cybersecurity, due to the evolving threats, through-life software updates, and the deployment of artificial intelligence techniques. Cybersecurity regulations that are goal-oriented and risk-based, like those increasingly used in safety engineering for complex systems, are now mandated in recent vehicle type approval regulations. This results in many new assurance challenges, which will not be limited purely to cybersecurity. In particular, emerging standards have proposed that an assurance case approach should be adopted in relation to cybersecurity. This paper therefore proposes a novel cybersecurity case framework that adapts existing approaches from safety engineering, emphasizes the limitations of the analysis through eliminative argumentation, and merges in the attack-defence tree techniques used in cybersecurity engineering, with the aim of providing a better reflection of the some of the uncertainties in the cybersecurity risk analysis.
    Original languageEnglish
    Title of host publicationProceedings of the 31st European Safety and Reliability Conference (ESREL 2021)
    Editors Bruno Castanier, Marko Cepin, David Bigaud, Christophe Berenguer
    PublisherResearch Publishing (S) Pte Ltd
    Number of pages8
    ISBN (Print)978-981-18-2016-8
    Publication statusPublished - 2021
    Event31st European Safety and Reliability Conference - Angers, France
    Duration: 19 Sept 202123 Sept 2021
    Conference number: 31

    Publication series

    NameProceedings of the 31st European Safety and Reliability Conference, ESREL 2021


    Conference31st European Safety and Reliability Conference
    Abbreviated titleESREL 2021
    Internet address


    • Assurance
    • automated driving
    • connected vehicles
    • cybersecurity
    • risk
    • safety
    • software updates


    Dive into the research topics of 'Cybersecurity Assurance Challenges for Future Connected and Automated Vehicles'. Together they form a unique fingerprint.

    Cite this