Abstract
The increasing cyber connectivity of vehicles and between vehicles and infrastructure will drastically reshape mobility in the coming decades. While the advent of connected mobility is expected to benefit travelers and the society by smoothing traffic, improving rider convenience, and reducing accidents, the augmented cyber components in connected and autonomous vehicles and related infrastructure also give rise to cyber-attacks to the transportation system. And yet, little attention has been paid to transportation cyber resilience. This paper thus proposes an investigation on this topic with a comprehensive literature review. The cyber components and plausible autonomous mobility systems (AMS) operation scenarios are discussed, before identifying possible cyber-attacks to AMS at both vehicle and system levels. The discussion then moves to existing practices to enhance cybersecurity, and a number of strategies are investigated toward enhancing AMS cyber resilience. At the vehicle level, creating layers and separation to reduce cyber component connectivity and deploying an independent procedure for data collection and processing are important in vehicle design and manufacturing. At the system level, recommended strategies include keeping redundancy in transportation capacity, maintaining a separate road network, and deploying different sub-autonomous mobility systems.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Axelrod CW (2017). Cybersecurity in the age of autonomous vehicles, intelligent traffic controls and pervasive transportation networks. In systems, applications and technology conference (LISAT), 2017 IEEE Long Island (pp. 1-6). IEEE
Center for Sustainable Systems (2018). Autonomous Vehicles Factsheet. Center for Sustainable Systems, University of Michigan. Pub. No. CSS16–18
Cisco (2019). What Are the Most Common Cyberattacks? Available at: https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html. (accessed on 22.05.2019)
Collier ZA, DiMase D, Walters S, Tehranipoor MM, Lambert JH, Linkov I (2014) Cybersecurity standards: managing risk and creating resilience. Computer 47(9):70–76
Consumer Watchdog (2019). Kill switch: Why connected cars can be killing machines and how to turn them off. Available at: https://www.consumerwatchdog.org/report/kill-switch-why-connected-cars-can-be-killing-machines-and-how-turn-them (accessed 10.29.2019)
Cokyasar T, Larson J (2020) Optimal assignment for the single-household shared autonomous vehicle problem. Transp Res B Methodol 141:98–115
Deloitte (2016). The future of mobility: what’s next? Available at: https://www2.deloitte.com/content/dam/insights/us/articles/3367_Future-of-mobility-whats-next/DUP_Future-of-mobility-whats-next.pdf (accessed 02.02.2019)
Department of Motor vehicles (2018). Modified Express Terms Title 13, Division 1, Chapter 1 Article 3.8—Deployment of Autonomous Vehicles—Deployment of Autonomous Vehicles; State of California Department of Motor Vehicles: Sacramento, CA, USA, 2018
Dobran J (2019) 17 types of cyber-attacks to secure your company from in 2019. Phoenixnap. Available online at: https://phoenixnap.com/blog/cyber-security-attack-types (accessed on 05.23.2019)
Eisenberg DA, Linkov I, Park J, Bates ME, Fox-Lent C, Seager TP (2014) Resilience metrics: lessons from military doctrines. Solutions 5(5):76–87
Enache NM, Netto M, Mammar S, Lusetti B (2009) Driver steering assistance for lane departure avoidance. Control Eng Pract 17(6):642–651
Faturechi R, Miller-Hooks E (2014) Measuring the performance of transportation infrastructure systems in disasters: a comprehensive review. J Infrastruct Syst 21(1):04014025
Fraedrich, E., & Lenz, B. (2016). Societal and individual acceptance of autonomous driving. In autonomous driving (pp. 621–640). Springer, Berlin, Heidelberg
Government Accountability Office (GAO) (2016). Vehicle cybersecurity: DOT and industry have efforts under way, but DOT needs to define its role in responding to a real-world attack. Available at: https://www.gao.gov/assets/680/676064.pdf (accessed 01.29.2019)
Guo C, Sentouh C, Popieul JC, Haué JB (2019) Predictive shared steering control for driver override in automated driving: a simulator study. Transport Res F: Traffic Psychol Behav 61:326–336
Hallegatte S, Rentschler J, Rozenberg J (2019) Lifelines: the resilient infrastructure opportunity. World Bank Report
Holling CS (1973) Resilience and stability of ecological systems. Annu Rev Ecol Syst 4(1):1–23
International Transportation Forum (ITF) (2018) Corporate partnership board report. Safer Roads with Automated Vehicles. ITF/OECD
Karapathy A. (2017) Software 2.0. Available online at: https://medium.com/@karpathy/software-2-0-a64152b37c35. Accessed on: 2019-05-13
Katzourakis DI, Lazic N, Olsson C, Lidberg MR (2015) Driver steering override for lane-keeping aid using computer-aided engineering. IEEE/ASME Trans Mechatron 20(4):1543–1552
Kisner RA (2009) Design practices for communications and workstations in highly integrated control rooms. US Nuclear Regulatory Commission, Office of Nuclear Regulatory Research
Kisner RA, Manges WW, MacIntyre LP, Nutaro JJ, Munro JK, Ewing PD, ... Olama MM (2010) Cybersecurity through real-time distributed control systems. Oak Ridge National Laboratory, Technical Report ORNL/TM-2010/30
Lim H, Taeihagh A (2018) Autonomous vehicles for smart and sustainable cities: an in-depth exploration of privacy and cybersecurity implications. Energies 11(5):1062
Linkov I, Eisenberg DA, Plourde K, Seager TP, Allen J, Kott A (2013) Resilience metrics for cyber systems. Environ Syst Decisions 33(4):471–476
Litman T (2018) Autonomous vehicle implementation predictions: implication for transport planning. Victoria Transport Institute, available at: https://www.vtpi.org/avip.pdf (accessed 02.05.2019)
Marvin R (2017) Blockchain: the invisible technology That's changing the world. PCMag, available at: https://au.pcmag.com/enterprise/46389/blockchain-the-invisible-technology-thats-changing-the-world (accessed 20 January 2021)
Masoud N, Jayakrishnan R (2017) Autonomous or driver-less vehicles: implementation strategies and operational concerns. Trans res part E logistics trans rev 108:179–194
McCarthy C, Harnett K, Carter A (2014) A summary of cybersecurity best practices (no. DOT HS 812 075). United States. National Highway Traffic Safety Administration
Mollah MB, Zhao J, Niyato D, Guan YL, Yuen C, Sun S, Lam KY, Koh LH (2020). Blockchain for the internet of vehicles towards intelligent transportation systems: a survey. IEEE Internet Things J, 1–28
National Academy of Sciences (2012). Disaster resilience: a national imperative. Available at: http://www.nap.edu/catalog.php?record_id=13457 (accessed 01.31. 2019)
National Highway Traffic Safety Administration. (2017). Automated driving systems 2.0: A vision for safety. Washington, DC: US Department of Transportation, DOT HS, 812, 442
Noruzoliaee M, Zou B, Liu Y (2018) Roads in transition: integrated modeling of a manufacturer-traveler-infrastructure system in a mixed autonomous/human driving environment. Trans Res Part C Emerg Technol 90:307–333
Noruzoliaee M, Zou B (2021) One-to-many matching and section-based formulation of autonomous ridesharing equilibrium. Transportation research part B: methodological, under review
Noyes C (2016) Bitav: fast anti-malware by distributed blockchain consensus and feedforward scanning. arXiv preprint arXiv:1601.01405
Park J, Seager TP, Rao PSC, Convertino M, Linkov I (2013) Integrating risk and resilience approaches to catastrophe management in engineering systems. Risk Anal 33(3):356–367
Pei K, Cao Y, Yang J, Jana S (2017) Deepxplore: automated whitebox testing of deep learning systems. In proceedings of the 26th symposium on operating systems principles (pp. 1-18). ACM
Pennsylvania Department of Transportation. (2016) Pennsylvania autonomous vehicle testing policy: Final draft report of the autonomous vehicle policy task force. Available at: https://www.penndot.gov/ProjectAndPrograms/ResearchandTesting/Documents/AV%20Testing%20Policy%20DRAFT%20FINAL%20REPORT.pdf (accessed 12 June 2019)
Sculley D, Holt G, Golovin D, Davydov E, Phillips T, Ebner D, ... & Young M (2014) Machine learning: The high interest credit card of technical debt
Senate Bill 315. 2018. General Georgia Assembly. Available online: http://www.legis.ga.gov/ legislation/en-US/Display/20172018/SB/315 (accessed on 12 June 12, 2019)
Senate Bill 427. Regular Session. Pennsylvania, U.S., 2017. Available online: https://www.legis.state.pa.us/CFDOCS/Legis/PN/Public/btCheck.cfm?txtType=PDF&sessYr=2017&sessInd=0&billBody=S&billTyp=B&billNbr=0427&pn=0396 (accessed on 12 June 2019)
SPY Car Act (2017). 115th Congress. United States of America, 2017. Available online: https://www.congress.gov/bill/115th-congress/senate-bill/680/text (accessed on 12 April 2019)
Taeihagh A, Lim HSM (2019) Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks. Transp Rev 39(1):103–128
Texas Cybersecurity Act. 2017. Available online: https://capitol.texas.gov/tlodocs/85R/billtext/pdf /HB00008F.pdf#navpanes=0 (accessed 12 June 2019)
Tian Y, Pei K, Jana S, Ray B (2018) Deeptest: automated testing of deep-neural-network-driven autonomous cars. In proceedings of the 40th international conference on software engineering (pp. 303-314). ACM
Tuncali CE, Fainekos G, Ito H, Kapinski J (2018) Simulation-based adversarial test generation for autonomous vehicles with machine learning components. In 2018 IEEE intelligent vehicles symposium (IV) (pp. 1555-1562). IEEE
Yagdereli E, Gemci C, Aktaş AZ (2015) A study on cyber-security of autonomous and unmanned vehicles. Journal Defense Mod Simul 12(4):369–381
Zhang M, Zhang Y, Zhang L, Liu C, Khurshid S (2018) Deeproad: Gan-based metamorphic autonomous driving system testing. arXiv preprint arXiv:1802.02295
Zhou Y, Wang J, Yang H (2019) Resilience of transportation systems: concepts and comprehensive review. IEEE Trans Intell Transp Syst 20:4262–4276
Zou B, Rockne KJ, Vitousek S, Noruzoliaee M (2018) Ecosystem and transportation infrastructure resilience in the Great Lakes. Environ Sci Policy Sustain Dev 60(5):18–31
Bruneau M, Chang SE, Eguchi RT, Lee GC, O’Rourke TD, Reinhorn AM, Shinozuka M, Tierney K, Wallace WA, Von Winterfeldt D (2003) A framework to quantitatively assess and enhance the seismic resilience of communities. Earthquake spectra 19(4):733–752
Linkov I, Kott A (2019) Fundamental concepts of cyber resilience: Introduction and overview. Cyber resilience of systems and networks. Springer, Cham, pp 1–25
Acknowledgments
The research presented in this work was funded by the World Bank Group.
Availability of data and material
Not applicable.
Code availability
Not applicable.
Funding
This paper is funded by the World Bank group.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflicts of interest/competing interests
None.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Zou, B., Choobchian, P. & Rozenberg, J. Cyber resilience of autonomous mobility systems: cyber-attacks and resilience-enhancing strategies. J Transp Secur 14, 137–155 (2021). https://doi.org/10.1007/s12198-021-00230-w
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12198-021-00230-w