Biblio

Connected smart cars enable new attacks that may have serious consequences. Thus, the development of new cars must follow a cybersecurity engineering process as defined for example in ISO/SAE 21434. A central part of such a process is the threat and risk assessment including an attack feasibility rating. In this paper, we present an attack surface assessment with focus on the attack feasibility rating compliant to ISO/SAE 21434. We introduce a reference architecture with assets constituting the attack surface, the attack feasibility rating for these assets, and the application of this rating on typical use cases. The attack feasibility rating assigns attacks and assets to an evaluation of the attacker dimensions such as the required knowledge and the feasibility of attacks derived from it. Our application of sample use cases shows how this rating can be used to assess the feasibility of an entire attack path. The attack feasibility rating can be used as a building block in a threat and risk assessment according to ISO/SAE 21434.

With self-driving cars making their way on to our roads, we ask not what it would take for them to gain acceptance among consumers, but what impact they may have on other drivers. How they will be perceived and whether they will be trusted will likely have a major effect on traffic flow and vehicular safety. This work first undertakes an exploratory factor analysis to validate a trust scale for human-robot interaction and shows how previously validated metrics and general trust theory support a more complete model of trust that has increased applicability in the driving domain. We experimentally test this expanded model in the context of human-automation interaction during simulated driving, revealing how using these dimensions uncovers significant biases within human-robot trust that may have particularly deleterious effects when it comes to sharing our future roads with automated vehicles.

The objective of this study is to explore changes of trust by a situation where drivers need to intervene. Trust in automation is a key determinant for appropriate interaction between drivers and the system. System transparency and types of system failure influence shaping trust in a supervisory control. Subjective ratings of trust were collected to examine the impact of two factors: system transparency (Detailed vs. Less) and system failure (by Limits vs. Malfunction) in a driving simulator study in which drivers experienced a partially automated vehicle. We examined trust ratings at three points: before and after driver intervention in the automated vehicle, and after subsequent experience of flawless automated driving. Our result found that system transparency did not have significant impacts on trust change from before to after the intervention. System-malfunction led trust reduction compared to those of before the intervention, whilst system-limits did not influence trust. The subsequent experience recovered decreased trust, in addition, when the system-limit occurred to drivers who have detailed information about the system, trust prompted in spite of the intervention. The present finding has implications for automation design to achieve the appropriate level of trust.

The incidence of abnormal road traffic events, especially abnormal traffic congestion, is becoming more and more prominent in daily traffic management in China. It has become the main research work of urban traffic management to detect and identify traffic congestion incidents in time. Efficient and accurate detection of traffic congestion incidents can provide a good strategy for traffic management. At present, the detection and recognition of traffic congestion events mainly rely on the integration of road traffic flow data and the passing data collected by electronic police or devices of checkpoint, and then estimating and forecasting road conditions through the method of big data analysis; Such methods often have some disadvantages such as low time-effect, low precision and small prediction range. Therefore, with the help of the current large and medium cities in the public security, traffic police have built video surveillance equipment, through computer vision technology to analyze the traffic flow from video monitoring, in this paper, the motion state and the changing trend of vehicle flow are obtained by using the technology of vehicle detection from video and multi-target tracking based on deep learning, so as to realize the perception and recognition of traffic congestion. The method achieves the recognition accuracy of less than 60 seconds in real-time, more than 80% in detection rate of congestion event and more than 82.5% in accuracy of detection. At the same time, it breaks through the restriction of traditional big data prediction, such as traffic flow data, truck pass data and GPS floating car data, and enlarges the scene and scope of detection.

Artificial intelligence (AI) software has high algorithm complexity, and the scale and dimension of the input and output parameters are high, and the test oracle isn't explicit. These features make a lot of difficulties for the design of test cases. This paper proposes an AI software testing method based on scene deductive approach. It models the input, output parameters and the environment, uses the random algorithm to generate the inputs of the test cases, then use the algorithm of deductive approach to make the software testing automatically, and use the test assertions to verify the results of the test. After description of the theory, this paper uses intelligent tracking car as an example to illustrate the application of this method and the problems needing attention. In the end, the paper describes the shortcoming of this method and the future research directions.

The measurement and provision of precise and up-to-date traffic-related key performance indicators is a key element and crucial factor for intelligent traffic control systems in upcoming smart cities. The street network is considered as a highly-dynamic Cyber Physical System (CPS) where measured information forms the foundation for dynamic control methods aiming to optimize the overall system state. Apart from global system parameters like traffic flow and density, specific data, such as velocity of individual vehicles as well as vehicle type information, can be leveraged for highly sophisticated traffic control methods like dynamic type-specific lane assignments. Consequently, solutions for acquiring these kinds of information are required and have to comply with strict requirements ranging from accuracy over cost-efficiency to privacy preservation. In this paper, we present a system for classifying vehicles based on their radio-fingerprint. In contrast to other approaches, the proposed system is able to provide real-time capable and precise vehicle classification as well as cost-efficient installation and maintenance, privacy preservation and weather independence. The system performance in terms of accuracy and resource-efficiency is evaluated in the field using comprehensive measurements. Using a machine learning based approach, the resulting success ratio for classifying cars and trucks is above 99%.

It is estimated that by 2030, 1 in 4 vehicles on the road will be driverless with adoption rates increasing this figure substantially over the next few decades.

Although transport agency has employed desensitization techniques to deal with the privacy information when publicizing vehicle license plate recognition (VLPR) data, the adversaries can still eavesdrop on vehicle trajectories by certain means and further acquire the associated person and vehicle information through background knowledge. In this work, a privacy attacking method by using the desensitized VLPR data is proposed to link the vehicle trajectory. First the road average speed is evaluated by analyzing the changes of traffic flow, which is used to estimate the vehicle's travel time to the next VLPR system. Then the vehicle suspicion list is constructed through the time relevance of neighboring VLPR systems. Finally, since vehicles may have the same features like color, type, etc, the target trajectory will be located by filtering the suspected list by the rule of qualified identifier (QI) attributes and closest time method. Based on the Foshan City's VLPR data, the method is tested and results show that correct vehicle trajectory can be linked, which proves that the current VLPR data publication way has the risk of privacy disclosure. At last, the effects of related parameters on the proposed method are discussed and effective suggestions are made for publicizing VLPR date in the future.

Technologies such as Industry 4.0 or assisted/autonomous driving are relying on highly customized cyber-physical realtime systems. Those systems are designed to match functional safety regulations and requirements such as EN ISO 13849, EN IEC 62061 or ISO 26262. However, as systems - especially vehicles - are becoming more connected and autonomous, they become more likely to suffer from new attack vectors. New features may meet the corresponding safety requirements but they do not consider adversaries intruding through security holes with the purpose of bringing vehicles into unsafe states. As research goal, we want to bridge the gap between security and safety in cyber-physical real-time systems by investigating real-time-aware intrusion-tolerant architectures for automotive use-cases.

Deep learning has undergone tremendous advancements in computer vision studies. The training of deep learning neural networks depends on a considerable amount of ground truth datasets. However, labeling ground truth data is a labor-intensive task, particularly for large-volume video analytics applications such as video surveillance and vehicles detection for autonomous driving. This paper presents a rapid and accurate method for associative searching in big image data obtained from security monitoring systems. We developed a semi-automatic moving object annotation method for improving deep learning models. The proposed method comprises three stages, namely automatic foreground object extraction, object annotation in subsequent video frames, and dataset construction using human-in-the-loop quick selection. Furthermore, the proposed method expedites dataset collection and ground truth annotation processes. In contrast to data augmentation and data generative models, the proposed method produces a large amount of real data, which may facilitate training results and avoid adverse effects engendered by artifactual data. We applied the constructed annotation dataset to train a deep learning you-only-look-once (YOLO) model to perform vehicle detection on street intersection surveillance videos. Experimental results demonstrated that the accurate detection performance was improved from a mean average precision (mAP) of 83.99 to 88.03.

In this paper we consider connected and autonomous vehicles (CAV) in a traffic network as moving waves defined by their frequency and phase. This outlook allows us to develop a multi-layer decentralized control strategy that achieves the following desirable behaviors: (1) safe spacing between vehicles traveling down the same road, (2) coordinated safe crossing at intersections of conflicting flows, (3) smooth velocity profiles when traversing adjacent intersections. The approach consist of using the Kuramoto equation to synchronize the phase and frequency of agents in the network. The output of this layer serves as the reference trajectory for a back-stepping controller that interfaces the first-order dynamics of the phase-domain layer and the second order dynamics of the vehicle. We show the performance of the strategy for a single intersection and a small urban grid network. The literature has focused on solving the intersection coordination problem in both a centralized and decentralized manner. Some authors have even used the Kuramoto equation to achieve synchronization of traffic lights. Our proposed strategy falls in the rubric of a decentralized approach, but unlike previous work, it defines the vehicles as the oscillating agents, and leverages their inter-connectivity to achieve network-wide synchronization. In this way, it combines the benefits of coordinating the crossing of vehicles at individual intersections and synchronizing flow from adjacent junctions.

The condition of road surface has a significant role in land transportation. Due to poor road conditions, the logistics and supply chain industry face a drastic loss in their business. Unmaintained roads can cause damage to goods and accidents. The existing routing techniques do not consider factors like shock, temperature and tilt of goods etc. but these factors have to be considered for the logistics and supply chain industry. This paper proposes a recommender system which target management of goods in logistics. A 3 axis accelerometer is used to measure the road surface conditions. The pothole location is obtained using Global Positioning System (GPS). Using these details a hybrid recommender system is built. Hybrid recommender system combines multiple recommendation techniques to develop an effective recommender system. Here content-based and collaborative-based techniques is combined to build a hybrid recommender system. One of the popular Multiple Criteria Decision Making (MCDM) method, The Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) is used for content based filtering and normalised Euclidean distance and KNN algorithm is used for collaborative filtering. The best route recommended by the system will be displayed to the user using a map application.

Intelligent connected vehicle system tightly integrates computing, communication, and control strategy. It can increase the traffic throughput, minimize the risk of accidents and reduce the energy consumption. However, because of the openness of the vehicular ad hoc network, the system is vulnerable to cyber-attacks and may result in disastrous consequences. Hence, it is interesting in design of the connected vehicular systems to be resilient to the sensor attacks. The paper focuses on the estimation and control of the intelligent connected vehicle systems when the sensors or the wireless channels of the system are attacked by attackers. We give the upper bound of the corrupted sensors that can be corrected and design the state estimator to reconstruct the initial state by designing a closed-loop controller. Finally, we verify the algorithm for the connected vehicle system by some classical simulations.

Cooperative Intelligent Transport Systems (C-ITS) are expected to play an important role in our lives. They will improve the traffic safety and bring about a revolution on the driving experience. However, these benefits are counterbalanced by possible attacks that threaten not only the vehicle's security, but also passengers' lives. One of the most common attacks is the Sybil attack, which is even more dangerous than others because it could be the starting point of many other attacks in C-ITS. This paper proposes a distributed approach allowing the detection of Sybil attacks by using the traffic flow theory. The key idea here is that each vehicle will monitor its neighbourhood in order to detect an eventual Sybil attack. This is achieved by a comparison between the real accurate speed of the vehicle and the one estimated using the V2V communications with vehicles in the vicinity. The estimated speed is derived by using the traffic flow fundamental diagram of the road's portion where the vehicles are moving. This detection algorithm is validated through some extensive simulations conducted using the well-known NS3 network simulator with SUMO traffic simulator.

The paper considers data security and privacy issues in intelligent transportation systems which involve data streams coming out from individual vehicles to road side units. In this environment, there are issues in regards to the scalability of key management and computation limitations at the edge of the network. To address these issues, we suggest the formation of groups in the vehicular layer, where a group leader is assigned to communicate with group members and the road side unit. We propose a lightweight permutation mechanism for preserving the confidentiality and privacy of sensory data.

As the traffic congestion increases on the transport network, Payable on the road to slower speeds, longer falter times, as a consequence bigger vehicular queuing, it's necessary to introduce smart way to reduce traffic. We are already edging closer to ``smart city-smart travel''. Today, a large number of smart phone applications and connected sat-naves will help get you to your destination in the quickest and easiest manner possible due to real-time data and communication from a host of sources. In present situation, traffic lights are used in each phase. The other way is to use electronic sensors and magnetic coils that detect the congestion frequency and monitor traffic, but found to be more expensive. Hence we propose a traffic control system using image processing techniques like edge detection. The vehicles will be detected using images instead of sensors. The cameras are installed alongside of the road and it will capture image sequence for every 40 seconds. The digital image processing techniques will be applied to analyse and process the image and according to that the traffic signal lights will be controlled.

The technological development of automated vehicles opens novel cybersecurity threats and risks for road safety. Increased connectivity often results in increased risks of a cyber-security attacks, which is one of the biggest challenges for the automotive industry that undergoes a profound transformation. State of the art studies evaluated potential attacks and recommended possible measures, from technical and organizational perspective to face these challenges. In this position paper, we review these techniques and methods and show that some of the different solutions complement each other while others overlap or are even incompatible or contradictory. Based on this gap analysis, we advocate for the need of a comprehensive framework that integrates technical and organizational mitigation measures to enhance the cybersecurity of automotive vehicles.

For LTI control systems, we provide mathematical tools - in terms of Linear Matrix Inequalities - for computing outer ellipsoidal bounds on the reachable sets that attacks can induce in the system when they are subject to the physical limits of the actuators. Next, for a given set of dangerous states, states that (if reached) compromise the integrity or safe operation of the system, we provide tools for designing new artificial limits on the actuators (smaller than their physical bounds) such that the new ellipsoidal bounds (and thus the new reachable sets) are as large as possible (in terms of volume) while guaranteeing that the dangerous states are not reachable. This guarantees that the new bounds cut as little as possible from the original reachable set to minimize the loss of system performance. Computer simulations using a platoon of vehicles are presented to illustrate the performance of our tools.

In vehicular networks, each message is signed by the generating node to ensure accountability for the contents of that message. For privacy reasons, each vehicle uses a collection of certificates, which for accountability reasons are linked at a central authority. One such design is the Security Credential Management System (SCMS) [1], which is the leading credential management system in the US. The SCMS is composed of multiple components, each of which has a different task for key management, which are logically separated. The SCMS is designed to ensure privacy against a single insider compromise, or against outside adversaries. In this paper, we demonstrate that the current SCMS design fails to achieve its design goal, showing that a compromised authority can gain substantial information about certificate linkages. We propose a solution that accommodates threshold-based detection, but uses relabeling and noise to limit the information that can be learned from a single insider adversary. We also analyze our solution using techniques from differential privacy and validate it using traffic-simulator based experiments. Our results show that our proposed solution prevents privacy information leakage against the compromised authority in collusion with outsider attackers.

In Vehicular networks, privacy, especially the vehicles' location privacy is highly concerned. Several pseudonymous based privacy protection mechanisms have been established and standardized in the past few years by IEEE and ETSI. However, vehicular networks are still vulnerable to Sybil attack. In this paper, a Sybil attack detection method based on k-Nearest Neighbours (kNN) classification algorithm is proposed. In this method, vehicles are classified based on the similarity in their driving patterns. Furthermore, the kNN methods' high runtime complexity issue is also optimized. The simulation results show that our detection method can reach a high detection rate while keeping error rate low.

Software has emerged as a significant part of many domains, including financial service platforms, social networks and vehicle control. Standards organizations have responded to this by creating regulations to address issues such as safety and privacy. In this context, compliance of software with standards has emerged as a key issue. For software development organizations, compliance is a complex and costly goal to achieve and is often accomplished by producing so-called assurance cases, which demonstrate that the system indeed satisfies the property imposed by a standard (e.g., safety, privacy, security). As systems and standards undergo evolution for a variety of reasons, maintaining assurance cases multiplies the effort. In this work, we propose to exploit the connection between the field of model management and the problem of compliance management and propose methods that use model management techniques to address compliance scenarios such as assurance case evolution and reuse. For validation, we ground our approaches on the automotive domain and the ISO 26262 standard for functional safety of road vehicles.

This paper proposes a prototype of a level 3 autonomous vehicle using Raspberry Pi, capable of detecting the nearby vehicles using an IR sensor. We make the first attempt to analyze autonomous vehicles from a microscopic level, focusing on each vehicle and their communications with the nearby vehicles and road-side units. Two sets of passive and active experiments on a pair of prototypes were run, demonstrating the interconnectivity of the developed prototype. Several sensors were incorporated into an emulation based on System-on-Chip to further demonstrate the feasibility of the proposed model.

Safety and non-safety applications in the external communication systems of self-driving vehicles require authentication of control data, cooperative awareness messages and notification messages. Traditional security systems can prevent attackers from hacking or breaking important system functionality in autonomous vehicles. This paper presents a novel security system designed to protect vehicular ad hoc networks in self-driving and semi-autonomous vehicles that is based on Integrated Circuit Metric technology (ICMetrics). ICMetrics has the ability to secure communication systems in autonomous vehicles using features of the autonomous vehicle system itself. This security system is based on unique extracted features from vehicles behaviour and its sensors. Specifically, features have been extracted from bias values of infrared sensors which are used alongside semantically extracted information from a trace file of a simulated vehicular ad hoc network. The practical experimental implementation and evaluation of this system demonstrates the efficiency in identifying of abnormal/malicious behaviour typical for an attack.

This paper presents the application of fusion meth- ods to a visual surveillance scenario. The range of relevant features for re-identifying vehicles is discussed, along with the methods for fusing probabilistic estimates derived from these estimates. In particular, two statistical parametric fusion methods are considered: Bayesian Networks and the Dempster Shafer approach. The main contribution of this paper is the development of a metric to allow direct comparison of the benefits of the two methods. This is achieved by generalising the Kelly betting strategy to accommodate a variable total stake for each sample, subject to a fixed expected (mean) stake. This metric provides a method to quantify the extra information provided by the Dempster-Shafer method, in comparison to a Bayesian Fusion approach.