What should be done to ensure that CAV systems are secure?

9th November 2017

The road environment is changing drastically. Technologies for Connected and Autonomous Vehicles (CAVs) are growing and entering the market exponentially, leading to cars being increasingly connected to external servers, whether for access to infotainment services or fleet optimisation, and to other vehicles in the future. Those technologies are bringing risks of cyber threats to individuals and organisations by increasing the number of entry points to the vehicles and other connected road equipment (e.g. connected traffic lights).

Those new cyber risks generate the need for a real-time threat intelligent tool capable of monitoring the threat landscape for road environments. Whilst products have been developed in the IT sector or for specific organisations, nothing currently exists for the road sector. This has been identified as a gap as the road sector is becoming ‘computerised’. As part of FLOURISH, we are undertaking research to understand the requirements of such a threat intelligent tool, its associated capabilities, and how could this be implemented in practice.

Any threat intelligent tool for road environments should undertake the following activities, categorised into three steps:

  • Step 1 - detecting anomalies on the road network, i.e. spotting a deviation from the norm

  • Step 2 - analysing those anomalies, e.g. identify the threat or hazards underlying the anomalies; and

  • Step 3 - responding to the incident by providing a mitigation strategy

This raises a wide range of research questions, from ‘what detectors can be used to detect anomalies?’ to ‘what vulnerabilities exist within CAV systems’ and ‘what countermeasures can be applied?’.

The activities of the threat intelligent tool will involve a wide range of expertise, from data analytics for anomaly detection to deep knowledge of Intelligent Transport Systems and CAVs to understand relevant data log, normal behaviours, threats and vulnerabilities, and appropriate strategies. The tool will also need to be aligned with existing and future working practice of network operators who are likely to be assigned the further task of ensuring cyber security of the network in the future. This leads to two key take-aways:

  • a multi-disciplinary and multi-sector approach needs to be undertaken in the development of such tool, based on this multi stakeholder environment which includes OEMs, ITS service providers, network operators, but also IT security specialists.

  • a close collaboration will be required from all stakeholders as such a threat tool relies on information sharing, e.g. ITS service providers required to open their data log to security specialists or, different security systems focusing on different elements (e.g. network, software, hardware etc.) required to report to a central security systems. Corporate barriers will have to be addressed to create this sharing environment and regulation should help to that extent.

One should keep in mind that CAV systems are still far off and such a tool is relatively theoretical, with the associated regulatory environment (standards/guidance) not fully defined as yet. This implies outstanding questions are yet to be answered – an area which the FLOURISH team is currently addressing. For example, ‘what system messages are best for different incident scenarios’, and ‘what are the different strategies required for managing vehicles, depending on location but also connectivity and autonomy levels. Those outstanding questions and others represent a gap and should be the object of further standardisation if CAV systems are to successfully hit the roads in the future.

Authored by: Melina Christina, Atkins

Back to List