Litcius/Paper detail

A Systematic Risk Assessment Framework of Automotive Cybersecurity

Yunpeng Wang, Yinghui Wang, Hongmao Qin, Haojie Ji, Yanan Zhang, Jian Wang

2021Automotive Innovation56 citationsDOIOpen Access PDF

Abstract

Abstract The increasingly intelligent and connected vehicles have brought many unprecedented automotive cybersecurity threats, which may cause privacy breaches, personal injuries, and even national security issues. Before providing effective security solutions, a comprehensive risk assessment of the automotive cybersecurity must be carried out. A systematic cybersecurity risk assessment framework for automobiles is proposed in this study. It consists of an assessment process and systematic assessment methods considering the changes of threat environment, evaluation target, and available information in vehicle lifecycle. In the process of risk identification and risk analysis, the impact level and attack feasibility level are assessed based on the STRIDE model and attack tree method. An automotive cybersecurity risk matrix using a global rating algorithm is then constructed to create a quantitative risk metric. Finally, the applicability and feasibility of the proposed risk assessment framework are demonstrated through a use case, and the results prove that the proposed framework is effective. The proposed assessment framework helps to systematically derive automotive cybersecurity requirements.

Topics & Concepts

Automotive industryComputer securityProcess (computing)Risk assessmentIdentification (biology)Computer scienceMetric (unit)Risk analysis (engineering)Risk managementEngineeringBusinessOperations managementFinanceBotanyBiologyOperating systemAerospace engineeringVehicular Ad Hoc Networks (VANETs)Safety Systems Engineering in AutonomyInformation and Cyber Security
A Systematic Risk Assessment Framework of Automotive Cybersecurity | Litcius