Improving ITS-G5 Cybersecurity Features Starting from Hacking IEEE 802.11p V2X Communications Through Low-Cost SDR Devices

Abstract

This paper analyzes V2X and IoT autonomous vehicles cybersecurity risks. Security assessments are a demanding activity because the auditor must gain domain specific knowledge during the assessment itself. One important aspect of investigation is the potential for the system users to inadvertently compromise security measures or privacy restrictions on data access. The autonomous driving (AD) domain is one of the first examples of application in which safety critical decisions are taken collaboratively by system users and Artificial Intelligence algorithms. Thus while the AD system must help the user driving and the driver/passenger to be able to control the autonomous car overall behavior, the on board security system must avoid rogue users from compromising the travel safety and availability first while also guaranteeing the user privacy. In this context security and safety can mandate seemingly contradicting requirements and also usability can be impaired by security measures. AD projects are trying to evolve risk assessment methodologies in order to deal with such scenarios. Moreover the introduction of IoT technologies into the AD context (e.g. the Autopilot project) is an important vulnerability that has to be taken into account. This paper describes an example in which a standard framework, designed for Industrial Automation Control Systems to V2X and IoT autonomous driving, is employed while keeping into account the AD and IoT requirements.