The notorious B.I.T: The effects of a ransomware and a screen failure on distraction in automated driving

William Payre; Jaume Perelló-March; Ashwini Kanakapura Sriranga; Stewart Birrell

doi:10.1016/j.trf.2023.02.002

The notorious B.I.T: The effects of a ransomware and a screen failure on distraction in automated driving

William Payre, Jaume Perelló-March, Ashwini Kanakapura Sriranga, Stewart Birrell

Centre for Future Transport and Cities

Research output: Contribution to journal › Article › peer-review

9 Citations (Scopus)

273 Downloads (Pure)

Abstract

Connected and automated vehicles are vulnerable to cyber-attacks, which may jeopardise their safe and efficient operation and, as a result, negatively affect drivers’ behaviour. A major concern for such cyber-attacks is visual distraction inside the vehicle, which is one of the main causes of road accidents. In this empirical research using a driving simulator, 38 participants drove in a conditionally automated vehicle and experienced two types of failure: explicit (i.e., ransomware attack appearing on the in-vehicle screen) and silent (i.e., turn signals failed to activate on the in-vehicle screen and instrument cluster), while engaged in a non-driving related task. Drivers’ gaze behaviour, in terms of number and duration of fixation, were collected and analysed. Results showed that the HMI where the ransomware was displayed was the area of interest drivers looked at the most. The majority of drivers failed to notice that the turn signal was faulty. Nearly half of drivers looked at the ransomware for more than 12 s while driving. No effect on the timing of failure on gaze behaviour was observed. This research evidenced that ransomware attacks are distractive and pose significant risks to road safety – with one participant crashing the vehicle after resuming manual control. Data also evidenced that such connected vehicles are unlikely to meet NHTSA's distraction guidelines for safe use of in-vehicle devices.

Original language	English
Pages (from-to)	42-52
Number of pages	11
Journal	Transportation Research Part F: Traffic Psychology and Behaviour
Volume	94
Early online date	11 Feb 2023
DOIs	https://doi.org/10.1016/j.trf.2023.02.002
Publication status	Published - Apr 2023

Bibliographical note

Funder

This works was supported by the UKRI Trustworthy Autonomous Systems Hub (grant number: EP/V00784X/1). The authors would like to thank Hesamaldin Jadidbonab whose technical expertise help develop the real-time link between the simulator and the HMI, and also the cyber-security co-investigators on the project: Giedre Sabaliauskaite and Siraj Shaikh

Keywords

Eye-tracking
Cybersecurity
Automated driving
Failure
Distraction
Ransomware

Access to Document

10.1016/j.trf.2023.02.002Licence: CC BY

PublishedFinal published version, 4.69 MBLicence: CC BY
1-s2.0-S1369847823000293-mainFinal published version, 4.33 MBLicence: CC BY

Cite this

@article{fb44b9c56fae467986d5c597e1fff806,

title = "The notorious B.I.T: The effects of a ransomware and a screen failure on distraction in automated driving",

abstract = "Connected and automated vehicles are vulnerable to cyber-attacks, which may jeopardise their safe and efficient operation and, as a result, negatively affect drivers{\textquoteright} behaviour. A major concern for such cyber-attacks is visual distraction inside the vehicle, which is one of the main causes of road accidents. In this empirical research using a driving simulator, 38 participants drove in a conditionally automated vehicle and experienced two types of failure: explicit (i.e., ransomware attack appearing on the in-vehicle screen) and silent (i.e., turn signals failed to activate on the in-vehicle screen and instrument cluster), while engaged in a non-driving related task. Drivers{\textquoteright} gaze behaviour, in terms of number and duration of fixation, were collected and analysed. Results showed that the HMI where the ransomware was displayed was the area of interest drivers looked at the most. The majority of drivers failed to notice that the turn signal was faulty. Nearly half of drivers looked at the ransomware for more than 12 s while driving. No effect on the timing of failure on gaze behaviour was observed. This research evidenced that ransomware attacks are distractive and pose significant risks to road safety – with one participant crashing the vehicle after resuming manual control. Data also evidenced that such connected vehicles are unlikely to meet NHTSA's distraction guidelines for safe use of in-vehicle devices.",

keywords = "Eye-tracking, Cybersecurity, Automated driving, Failure, Distraction, Ransomware",

author = "William Payre and Jaume Perell{\'o}-March and Sriranga, {Ashwini Kanakapura} and Stewart Birrell",

note = "{\textcopyright} 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license",

year = "2023",

month = apr,

doi = "10.1016/j.trf.2023.02.002",

language = "English",

volume = "94",

pages = "42--52",

journal = "Transportation Research Part F: Traffic Psychology and Behaviour",

issn = "1369-8478",

publisher = "Elsevier",

}

TY - JOUR

T1 - The notorious B.I.T

T2 - The effects of a ransomware and a screen failure on distraction in automated driving

AU - Payre, William

AU - Perelló-March, Jaume

AU - Sriranga, Ashwini Kanakapura

AU - Birrell, Stewart

PY - 2023/4

Y1 - 2023/4

N2 - Connected and automated vehicles are vulnerable to cyber-attacks, which may jeopardise their safe and efficient operation and, as a result, negatively affect drivers’ behaviour. A major concern for such cyber-attacks is visual distraction inside the vehicle, which is one of the main causes of road accidents. In this empirical research using a driving simulator, 38 participants drove in a conditionally automated vehicle and experienced two types of failure: explicit (i.e., ransomware attack appearing on the in-vehicle screen) and silent (i.e., turn signals failed to activate on the in-vehicle screen and instrument cluster), while engaged in a non-driving related task. Drivers’ gaze behaviour, in terms of number and duration of fixation, were collected and analysed. Results showed that the HMI where the ransomware was displayed was the area of interest drivers looked at the most. The majority of drivers failed to notice that the turn signal was faulty. Nearly half of drivers looked at the ransomware for more than 12 s while driving. No effect on the timing of failure on gaze behaviour was observed. This research evidenced that ransomware attacks are distractive and pose significant risks to road safety – with one participant crashing the vehicle after resuming manual control. Data also evidenced that such connected vehicles are unlikely to meet NHTSA's distraction guidelines for safe use of in-vehicle devices.

AB - Connected and automated vehicles are vulnerable to cyber-attacks, which may jeopardise their safe and efficient operation and, as a result, negatively affect drivers’ behaviour. A major concern for such cyber-attacks is visual distraction inside the vehicle, which is one of the main causes of road accidents. In this empirical research using a driving simulator, 38 participants drove in a conditionally automated vehicle and experienced two types of failure: explicit (i.e., ransomware attack appearing on the in-vehicle screen) and silent (i.e., turn signals failed to activate on the in-vehicle screen and instrument cluster), while engaged in a non-driving related task. Drivers’ gaze behaviour, in terms of number and duration of fixation, were collected and analysed. Results showed that the HMI where the ransomware was displayed was the area of interest drivers looked at the most. The majority of drivers failed to notice that the turn signal was faulty. Nearly half of drivers looked at the ransomware for more than 12 s while driving. No effect on the timing of failure on gaze behaviour was observed. This research evidenced that ransomware attacks are distractive and pose significant risks to road safety – with one participant crashing the vehicle after resuming manual control. Data also evidenced that such connected vehicles are unlikely to meet NHTSA's distraction guidelines for safe use of in-vehicle devices.

KW - Eye-tracking

KW - Cybersecurity

KW - Automated driving

KW - Failure

KW - Distraction

KW - Ransomware

UR - http://www.scopus.com/inward/record.url?scp=85147849799&partnerID=8YFLogxK

U2 - 10.1016/j.trf.2023.02.002

DO - 10.1016/j.trf.2023.02.002

M3 - Article

SN - 1369-8478

VL - 94

SP - 42

EP - 52

JO - Transportation Research Part F: Traffic Psychology and Behaviour

JF - Transportation Research Part F: Traffic Psychology and Behaviour

ER -

The notorious B.I.T: The effects of a ransomware and a screen failure on distraction in automated driving

Abstract

Bibliographical note

Funder

Keywords

Access to Document

Other files and links

Fingerprint

Cite this