Skip to main content
SpringerLink
Log in

Autonomous Vehicle Security: Literature Review of Real Attack Experiments

  • Conference paper
  • First Online:
Risks and Security of Internet and Systems (CRiSIS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12528))

Included in the following conference series:

Abstract

With recent advances in technology to bring about smarter cities, significant efforts are put forth to enhance living standards through efficient infrastructure and services. Smart mobility is a core aspect of the Smart City concept, looking for the design of smart solutions to the challenging urban traffic issues faced by modern cities. It is envisioned that vehicle automation will come to change our lives and society soon. Autonomous vehicles have been around for years now, driving around streets to test their ability to navigate real-world driving environments. In the long term, they are expected to improve road safety and increase citizens mobility, providing a suitable mode of transport for people who cannot drive. Although the technology is not yet mature, it has aroused the interest of both academia and industry to inherent security challenges that must be addressed before large-scale adoption. There has been a host of research efforts on the security of autonomous vehicles in terms of vulnerabilities, attacks and potential defenses. In this paper, we propose a novel taxonomy of attack surfaces in autonomous vehicles. Based on our taxonomy, we review a selection of relevant and recent research on real attack experiments carried out on many components and automated driving systems. We also perform threat modeling and risk assessment to support security aware design of autonomous vehicles.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Wyglinski, A.M., Huang, X., Padir, T., Lai, L., Eisenbarth, T.R., Venkatasubramanian, K.: Security of autonomous systems employing embedded computing and sensors. IEEE Micro 33(1), 80–86 (2013)

    Article  Google Scholar 

  2. Waymo Homepage. https://waymo.com/. Accessed 23 Jun 2020

  3. Tesla Autopilot. https://www.tesla.com/autopilot. Accessed 23 Jun 2020

  4. World Health Organization, Global Status Report on Road Safety (2018)

    Google Scholar 

  5. SAE International Standard: Automated Driving: Levels of Driving Automation as per SAE J3016, (2018)

    Google Scholar 

  6. Kocić, J., Jovičić, N., Drndarević, V.: Sensors and sensor fusion in autonomous vehicles. In: 26th Telecommunications Forum, pp. 420–425. IEEE Belgrade (2018)

    Google Scholar 

  7. Petit, J., Shladover, S.E.: Potential Cyberattacks on Automated Vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)

    Google Scholar 

  8. Thing, V.L.L., Wu, J.: Autonomous vehicle security: a taxonomy of attacks and defences. In: IEEE International Conference on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data, pp. 164–170. IEEE (2016)

    Google Scholar 

  9. Jain, M., Saxena, R.: VANET: security attacks, solution and simulation. In: Bhateja, V., Tavares, J.M.R.S., Rani, B.P., Prasad, V.K., Raju, K.S. (eds.) Proceedings of the Second International Conference on Computational Intelligence and Informatics. AISC, vol. 712, pp. 457–466. Springer, Singapore (2018). https://doi.org/10.1007/978-981-10-8228-3_42

    Chapter  Google Scholar 

  10. Hasrouny, H., Samhat, A.E., Bassil, C., Laouiti, A.: VANET security challenges and solutions: a survey. Veh. Commun. 7, 7–20 (2017)

    Google Scholar 

  11. Bariah, L., Shehada, D., Salahat, E., Yeun, C. Y.: Recent advances in vanet security: a survey. In: 82nd Vehicular Technology Conference, pp. 1–7. IEEE, USA (2015)

    Google Scholar 

  12. Raya, M., Papadimitratos, P., Hubaux, J.P.: Securing vehicular communications. IEEE Wireless Commun. 13(5), 8–15 (2006)

    Article  Google Scholar 

  13. Cho, K. T., Shin, K. G.: Error handling of in-vehicle networks makes them vulnerable. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 1044–1055. ACM, Austria (2016)

    Google Scholar 

  14. Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., Laarouchi, Y.: Survey on security threats and protection mechanisms in embedded automotive networks. In: 43rd Annual Conference on Dependable Systems and Networks Workshop, pp. 1–12. IEEE, Hungary (2013)

    Google Scholar 

  15. Nilsson, D. K., Larson, U. E., Picasso, F., Jonsson, E.: A first simulation of attacks in the automotive network communications protocol FlexRay. In: Corchado, E., Zunino, R., Gastaldo, P., Herrero, Á., (eds.) Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS 2008, Advances in Soft Computing, vol. 53, pp. 84–91. Springer, Berlin (2009) https://doi.org/10.1007/978-3-540-88181-0_11

  16. Petit, J., Stottelaar, B., Feiri, M., Kargl, F.: Remote attacks on automated vehicles sensors: experiments on camera and LiDAR. In: Black Hat Europe, Amsterdam (2015)

    Google Scholar 

  17. Yan, C., Xu, W., Liu, J.: Can you trust autonomous vehicles: contactless attacks against sensors of self-driving vehicle. In: 24th DEFCON Hacking Conference (2016)

    Google Scholar 

  18. Shoukry, Y., Martin, P., Tabuada, P., Srivastava, M.: Non-invasive spoofing attacks for anti-lock braking systems. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 55–72. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_4

    Chapter  Google Scholar 

  19. Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks - practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)

    Article  Google Scholar 

  20. Hoppe T., Dittman, J.: Sniffing/Replay attacks on CAN buses: a simulated attack on the electric window lift classified using an adapted CERT taxonomy. In: 2nd Workshop on Embedded Systems Security, pp. 1–6. Austria (2007)

    Google Scholar 

  21. Rouf, I., et al.: Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study. In: 19th USENIX Security Symposium, pp. 323–338. Washington (2010)

    Google Scholar 

  22. Kamkar, S.: Drive it like you hacked it: new attacks and tools to wirelessly steal cars. In: 23th DEFCON Hacking Conference (2015)

    Google Scholar 

  23. News From Elsewhere, Man Fined for Painting Road Signs to Aid his Commute (2017). https://www.bbc.com/news/blogs-news-from-elsewhere-42181263. Accessed 23 Jun 2020

  24. South China Morning Post, The Thin White Line: Van Driver Eludes Chinese Traffic Cops by Chalking his own Parking Places (2017). https://www.scmp.com/news/china/society/article/2091872/thin-white-line-van-driver-eludes-chinese-traffic-cops-chalking. Accessed 23 Jun 2020

  25. Sitawarin, C., Bhagoji, A.N., Mosenia, A., Chiang, M., Mittal, P.: DARTS: Deceiving Autonomous Cars with Toxic Signs. ArXiv preprint :1802.06430v3 (2018)

    Google Scholar 

  26. Nassi, B., Nassi, D., Ben-Netanel, R., Mirsky, Y., Drokin, O., Elovici, T.: Phantom of the ADAS: Phantom Attacks on Driver-Assistance Systems, IACR Cryptology ePrint Archive, Report p. 085 (2020)

    Google Scholar 

  27. Ghena, B., Beyer, W., Hillaker, A., Pevarnek, J., Halderman, J.A.: Green lights forever: analyzing the security of traffic infrastructure. In: 8th USENIX Workshop on Offensive Technologies, San Diego (2014)

    Google Scholar 

  28. Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. In: 18th Black Hat USA, pp. 1–91. Las Vegas (2015)

    Google Scholar 

  29. Greenberg, A.: Hackers Remotely Kill a Jeep on the Highway - With Me in It (2015). https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/. Accessed 23 Jun 2020

  30. Lodge, D.: Hacking the Mitsubishi Outlander PHEV Hybrid (2016). https://www.pentestpartners.com/security-blog/hacking-the-mitsubishi-outlander-phev-hybrid-suv/. Accessed 23 Jun 2020

  31. Hull, R.: Nissan Disables Leaf Electric Car App after Revelation that Hackers can Switch on the Heater to Drain the Battery (2016). https://www.thisismoney.co.uk/money/cars/article-3465459/Nissan-disables-Leaf-electric-car-app-hacker-revelation.html. Accessed 23 Jun 2020

  32. Puñal, O., Aguiar, A.: Gross, J.: VANETs we trust? characterizing RF jamming in vehicular networks. In: 9th International Workshop on Vehicular Inter-networking, Systems, and Applications, pp. 83–92. ACM, UK (2012)

    Google Scholar 

  33. Jahan, F., Sun, W., Niyaz, Q., Alam, M.: Security modeling of autonomous systems: a survey. ACM Comput. Surv. 52(5), 1–34 (2019)

    Article  Google Scholar 

  34. Karahasanovic, A., Kleberger, P., Almgren, M.: Adapting threat modeling methods for the automotive industry. In: 15th ESCAR Conference, pp. 1–10. Germany (2017)

    Google Scholar 

  35. Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Uncover Security Design Flaws Using The STRIDE Approach. MSDN magazine (2006). Accessed 05 Jul 2020

    Google Scholar 

  36. Mell, P., Scarfone, K., Romanosky, S.: A complete guide to the common vulnerability scoring system. In: FIRST - Forum of Incident Response and Security Teams (2007)

    Google Scholar 

  37. Potter, B.: Microsoft SDL threat modelling tool. Netw. Secur. 2009(1), 15–18 (2009)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratoire d’Informatique Médicale, Faculté des Sciences Exactes, Université de Bejaia, Bejaia, Algérie

    Siham Bouchelaghem

  2. Heudiasyc UMR CNRS 7253, Université de Technologie de Compiègne, Compiègne, France

    Abdelmadjid Bouabdallah

  3. LIGM, ESIEE Paris, Université Gustave-Eiffel, Noisy-le-Grand, France

    Mawloud Omar

  4. Institut de Recherche Technologique SystemX, Palaiseau, France

    Mawloud Omar

Authors
  1. Siham Bouchelaghem
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abdelmadjid Bouabdallah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mawloud Omar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Siham Bouchelaghem .

Editor information

Editors and Affiliations

  1. Telecom SudParis, Palaiseau, France

    Joaquin Garcia-Alfaro

  2. Telecom Paris, Palaiseau, France

    Jean Leneutre

  3. Polytechnique Montréal, Montréal, QC, Canada

    Nora Cuppens

  4. IRT SystemX, Palaiseau, France

    Reda Yaich

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bouchelaghem, S., Bouabdallah, A., Omar, M. (2021). Autonomous Vehicle Security: Literature Review of Real Attack Experiments. In: Garcia-Alfaro, J., Leneutre, J., Cuppens, N., Yaich, R. (eds) Risks and Security of Internet and Systems. CRiSIS 2020. Lecture Notes in Computer Science(), vol 12528. Springer, Cham. https://doi.org/10.1007/978-3-030-68887-5_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-68887-5_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68886-8

  • Online ISBN: 978-3-030-68887-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation