Skip to main content

Cyber resilience of autonomous mobility systems: cyber-attacks and resilience-enhancing strategies

Abstract

The increasing cyber connectivity of vehicles and between vehicles and infrastructure will drastically reshape mobility in the coming decades. While the advent of connected mobility is expected to benefit travelers and the society by smoothing traffic, improving rider convenience, and reducing accidents, the augmented cyber components in connected and autonomous vehicles and related infrastructure also give rise to cyber-attacks to the transportation system. And yet, little attention has been paid to transportation cyber resilience. This paper thus proposes an investigation on this topic with a comprehensive literature review. The cyber components and plausible autonomous mobility systems (AMS) operation scenarios are discussed, before identifying possible cyber-attacks to AMS at both vehicle and system levels. The discussion then moves to existing practices to enhance cybersecurity, and a number of strategies are investigated toward enhancing AMS cyber resilience. At the vehicle level, creating layers and separation to reduce cyber component connectivity and deploying an independent procedure for data collection and processing are important in vehicle design and manufacturing. At the system level, recommended strategies include keeping redundancy in transportation capacity, maintaining a separate road network, and deploying different sub-autonomous mobility systems.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

References

  1. Axelrod CW (2017). Cybersecurity in the age of autonomous vehicles, intelligent traffic controls and pervasive transportation networks. In systems, applications and technology conference (LISAT), 2017 IEEE Long Island (pp. 1-6). IEEE

  2. Center for Sustainable Systems (2018). Autonomous Vehicles Factsheet. Center for Sustainable Systems, University of Michigan. Pub. No. CSS16–18

  3. Cisco (2019). What Are the Most Common Cyberattacks? Available at: https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html. (accessed on 22.05.2019)

  4. Collier ZA, DiMase D, Walters S, Tehranipoor MM, Lambert JH, Linkov I (2014) Cybersecurity standards: managing risk and creating resilience. Computer 47(9):70–76

    Article  Google Scholar 

  5. Consumer Watchdog (2019). Kill switch: Why connected cars can be killing machines and how to turn them off. Available at: https://www.consumerwatchdog.org/report/kill-switch-why-connected-cars-can-be-killing-machines-and-how-turn-them (accessed 10.29.2019)

  6. Cokyasar T, Larson J (2020) Optimal assignment for the single-household shared autonomous vehicle problem. Transp Res B Methodol 141:98–115

    Article  Google Scholar 

  7. Deloitte (2016). The future of mobility: what’s next? Available at: https://www2.deloitte.com/content/dam/insights/us/articles/3367_Future-of-mobility-whats-next/DUP_Future-of-mobility-whats-next.pdf (accessed 02.02.2019)

  8. Department of Motor vehicles (2018). Modified Express Terms Title 13, Division 1, Chapter 1 Article 3.8—Deployment of Autonomous Vehicles—Deployment of Autonomous Vehicles; State of California Department of Motor Vehicles: Sacramento, CA, USA, 2018

  9. Dobran J (2019) 17 types of cyber-attacks to secure your company from in 2019. Phoenixnap. Available online at: https://phoenixnap.com/blog/cyber-security-attack-types (accessed on 05.23.2019)

  10. Eisenberg DA, Linkov I, Park J, Bates ME, Fox-Lent C, Seager TP (2014) Resilience metrics: lessons from military doctrines. Solutions 5(5):76–87

    Google Scholar 

  11. Enache NM, Netto M, Mammar S, Lusetti B (2009) Driver steering assistance for lane departure avoidance. Control Eng Pract 17(6):642–651

    Article  Google Scholar 

  12. Faturechi R, Miller-Hooks E (2014) Measuring the performance of transportation infrastructure systems in disasters: a comprehensive review. J Infrastruct Syst 21(1):04014025

    Article  Google Scholar 

  13. Fraedrich, E., & Lenz, B. (2016). Societal and individual acceptance of autonomous driving. In autonomous driving (pp. 621–640). Springer, Berlin, Heidelberg

  14. Government Accountability Office (GAO) (2016). Vehicle cybersecurity: DOT and industry have efforts under way, but DOT needs to define its role in responding to a real-world attack. Available at: https://www.gao.gov/assets/680/676064.pdf (accessed 01.29.2019)

  15. Guo C, Sentouh C, Popieul JC, Haué JB (2019) Predictive shared steering control for driver override in automated driving: a simulator study. Transport Res F: Traffic Psychol Behav 61:326–336

    Article  Google Scholar 

  16. Hallegatte S, Rentschler J, Rozenberg J (2019) Lifelines: the resilient infrastructure opportunity. World Bank Report

  17. Holling CS (1973) Resilience and stability of ecological systems. Annu Rev Ecol Syst 4(1):1–23

    Article  Google Scholar 

  18. International Transportation Forum (ITF) (2018) Corporate partnership board report. Safer Roads with Automated Vehicles. ITF/OECD

  19. Karapathy A. (2017) Software 2.0. Available online at: https://medium.com/@karpathy/software-2-0-a64152b37c35. Accessed on: 2019-05-13

  20. Katzourakis DI, Lazic N, Olsson C, Lidberg MR (2015) Driver steering override for lane-keeping aid using computer-aided engineering. IEEE/ASME Trans Mechatron 20(4):1543–1552

    Article  Google Scholar 

  21. Kisner RA (2009) Design practices for communications and workstations in highly integrated control rooms. US Nuclear Regulatory Commission, Office of Nuclear Regulatory Research

  22. Kisner RA, Manges WW, MacIntyre LP, Nutaro JJ, Munro JK, Ewing PD, ... Olama MM (2010) Cybersecurity through real-time distributed control systems. Oak Ridge National Laboratory, Technical Report ORNL/TM-2010/30

  23. Lim H, Taeihagh A (2018) Autonomous vehicles for smart and sustainable cities: an in-depth exploration of privacy and cybersecurity implications. Energies 11(5):1062

    Article  Google Scholar 

  24. Linkov I, Eisenberg DA, Plourde K, Seager TP, Allen J, Kott A (2013) Resilience metrics for cyber systems. Environ Syst Decisions 33(4):471–476

    Article  Google Scholar 

  25. Litman T (2018) Autonomous vehicle implementation predictions: implication for transport planning. Victoria Transport Institute, available at: https://www.vtpi.org/avip.pdf (accessed 02.05.2019)

  26. Marvin R (2017) Blockchain: the invisible technology That's changing the world. PCMag, available at: https://au.pcmag.com/enterprise/46389/blockchain-the-invisible-technology-thats-changing-the-world (accessed 20 January 2021)

  27. Masoud N, Jayakrishnan R (2017) Autonomous or driver-less vehicles: implementation strategies and operational concerns. Trans res part E logistics trans rev 108:179–194

    Article  Google Scholar 

  28. McCarthy C, Harnett K, Carter A (2014) A summary of cybersecurity best practices (no. DOT HS 812 075). United States. National Highway Traffic Safety Administration

  29. Mollah MB, Zhao J, Niyato D, Guan YL, Yuen C, Sun S, Lam KY, Koh LH (2020). Blockchain for the internet of vehicles towards intelligent transportation systems: a survey. IEEE Internet Things J, 1–28

  30. National Academy of Sciences (2012). Disaster resilience: a national imperative. Available at: http://www.nap.edu/catalog.php?record_id=13457 (accessed 01.31. 2019)

  31. National Highway Traffic Safety Administration. (2017). Automated driving systems 2.0: A vision for safety. Washington, DC: US Department of Transportation, DOT HS, 812, 442

  32. Noruzoliaee M, Zou B, Liu Y (2018) Roads in transition: integrated modeling of a manufacturer-traveler-infrastructure system in a mixed autonomous/human driving environment. Trans Res Part C Emerg Technol 90:307–333

    Article  Google Scholar 

  33. Noruzoliaee M, Zou B (2021) One-to-many matching and section-based formulation of autonomous ridesharing equilibrium. Transportation research part B: methodological, under review

  34. Noyes C (2016) Bitav: fast anti-malware by distributed blockchain consensus and feedforward scanning. arXiv preprint arXiv:1601.01405

  35. Park J, Seager TP, Rao PSC, Convertino M, Linkov I (2013) Integrating risk and resilience approaches to catastrophe management in engineering systems. Risk Anal 33(3):356–367

    Article  Google Scholar 

  36. Pei K, Cao Y, Yang J, Jana S (2017) Deepxplore: automated whitebox testing of deep learning systems. In proceedings of the 26th symposium on operating systems principles (pp. 1-18). ACM

  37. Pennsylvania Department of Transportation. (2016) Pennsylvania autonomous vehicle testing policy: Final draft report of the autonomous vehicle policy task force. Available at: https://www.penndot.gov/ProjectAndPrograms/ResearchandTesting/Documents/AV%20Testing%20Policy%20DRAFT%20FINAL%20REPORT.pdf (accessed 12 June 2019)

  38. Sculley D, Holt G, Golovin D, Davydov E, Phillips T, Ebner D, ... & Young M (2014) Machine learning: The high interest credit card of technical debt

  39. Senate Bill 315. 2018. General Georgia Assembly. Available online: http://www.legis.ga.gov/ legislation/en-US/Display/20172018/SB/315 (accessed on 12 June 12, 2019)

  40. Senate Bill 427. Regular Session. Pennsylvania, U.S., 2017. Available online: https://www.legis.state.pa.us/CFDOCS/Legis/PN/Public/btCheck.cfm?txtType=PDF&sessYr=2017&sessInd=0&billBody=S&billTyp=B&billNbr=0427&pn=0396 (accessed on 12 June 2019)

  41. SPY Car Act (2017). 115th Congress. United States of America, 2017. Available online: https://www.congress.gov/bill/115th-congress/senate-bill/680/text (accessed on 12 April 2019)

  42. Taeihagh A, Lim HSM (2019) Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks. Transp Rev 39(1):103–128

    Article  Google Scholar 

  43. Texas Cybersecurity Act. 2017. Available online: https://capitol.texas.gov/tlodocs/85R/billtext/pdf /HB00008F.pdf#navpanes=0 (accessed 12 June 2019)

  44. Tian Y, Pei K, Jana S, Ray B (2018) Deeptest: automated testing of deep-neural-network-driven autonomous cars. In proceedings of the 40th international conference on software engineering (pp. 303-314). ACM

  45. Tuncali CE, Fainekos G, Ito H, Kapinski J (2018) Simulation-based adversarial test generation for autonomous vehicles with machine learning components. In 2018 IEEE intelligent vehicles symposium (IV) (pp. 1555-1562). IEEE

  46. Yagdereli E, Gemci C, Aktaş AZ (2015) A study on cyber-security of autonomous and unmanned vehicles. Journal Defense Mod Simul 12(4):369–381

    Article  Google Scholar 

  47. Zhang M, Zhang Y, Zhang L, Liu C, Khurshid S (2018) Deeproad: Gan-based metamorphic autonomous driving system testing. arXiv preprint arXiv:1802.02295

  48. Zhou Y, Wang J, Yang H (2019) Resilience of transportation systems: concepts and comprehensive review. IEEE Trans Intell Transp Syst 20:4262–4276

    Article  Google Scholar 

  49. Zou B, Rockne KJ, Vitousek S, Noruzoliaee M (2018) Ecosystem and transportation infrastructure resilience in the Great Lakes. Environ Sci Policy Sustain Dev 60(5):18–31

    Article  Google Scholar 

  50. Bruneau M, Chang SE, Eguchi RT, Lee GC, O’Rourke TD, Reinhorn AM, Shinozuka M, Tierney K, Wallace WA, Von Winterfeldt D (2003) A framework to quantitatively assess and enhance the seismic resilience of communities. Earthquake spectra 19(4):733–752

  51. Linkov I, Kott A (2019) Fundamental concepts of cyber resilience: Introduction and overview. Cyber resilience of systems and networks. Springer, Cham, pp 1–25

    Google Scholar 

Download references

Acknowledgments

The research presented in this work was funded by the World Bank Group.

Availability of data and material

Not applicable.

Code availability

Not applicable.

Funding

This paper is funded by the World Bank group.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Bo Zou.

Ethics declarations

Conflicts of interest/competing interests

None.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Zou, B., Choobchian, P. & Rozenberg, J. Cyber resilience of autonomous mobility systems: cyber-attacks and resilience-enhancing strategies. J Transp Secur (2021). https://doi.org/10.1007/s12198-021-00230-w

Download citation

Keywords

  • Autonomous mobility systems
  • Cyber resilience
  • Cyber-attacks
  • Vehicle- and system-level strategies

JEL classification

  • R42 R48