Abstract
With recent advances in technology to bring about smarter cities, significant efforts are put forth to enhance living standards through efficient infrastructure and services. Smart mobility is a core aspect of the Smart City concept, looking for the design of smart solutions to the challenging urban traffic issues faced by modern cities. It is envisioned that vehicle automation will come to change our lives and society soon. Autonomous vehicles have been around for years now, driving around streets to test their ability to navigate real-world driving environments. In the long term, they are expected to improve road safety and increase citizens mobility, providing a suitable mode of transport for people who cannot drive. Although the technology is not yet mature, it has aroused the interest of both academia and industry to inherent security challenges that must be addressed before large-scale adoption. There has been a host of research efforts on the security of autonomous vehicles in terms of vulnerabilities, attacks and potential defenses. In this paper, we propose a novel taxonomy of attack surfaces in autonomous vehicles. Based on our taxonomy, we review a selection of relevant and recent research on real attack experiments carried out on many components and automated driving systems. We also perform threat modeling and risk assessment to support security aware design of autonomous vehicles.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Wyglinski, A.M., Huang, X., Padir, T., Lai, L., Eisenbarth, T.R., Venkatasubramanian, K.: Security of autonomous systems employing embedded computing and sensors. IEEE Micro 33(1), 80–86 (2013)
Waymo Homepage. https://waymo.com/. Accessed 23 Jun 2020
Tesla Autopilot. https://www.tesla.com/autopilot. Accessed 23 Jun 2020
World Health Organization, Global Status Report on Road Safety (2018)
SAE International Standard: Automated Driving: Levels of Driving Automation as per SAE J3016, (2018)
Kocić, J., Jovičić, N., Drndarević, V.: Sensors and sensor fusion in autonomous vehicles. In: 26th Telecommunications Forum, pp. 420–425. IEEE Belgrade (2018)
Petit, J., Shladover, S.E.: Potential Cyberattacks on Automated Vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)
Thing, V.L.L., Wu, J.: Autonomous vehicle security: a taxonomy of attacks and defences. In: IEEE International Conference on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data, pp. 164–170. IEEE (2016)
Jain, M., Saxena, R.: VANET: security attacks, solution and simulation. In: Bhateja, V., Tavares, J.M.R.S., Rani, B.P., Prasad, V.K., Raju, K.S. (eds.) Proceedings of the Second International Conference on Computational Intelligence and Informatics. AISC, vol. 712, pp. 457–466. Springer, Singapore (2018). https://doi.org/10.1007/978-981-10-8228-3_42
Hasrouny, H., Samhat, A.E., Bassil, C., Laouiti, A.: VANET security challenges and solutions: a survey. Veh. Commun. 7, 7–20 (2017)
Bariah, L., Shehada, D., Salahat, E., Yeun, C. Y.: Recent advances in vanet security: a survey. In: 82nd Vehicular Technology Conference, pp. 1–7. IEEE, USA (2015)
Raya, M., Papadimitratos, P., Hubaux, J.P.: Securing vehicular communications. IEEE Wireless Commun. 13(5), 8–15 (2006)
Cho, K. T., Shin, K. G.: Error handling of in-vehicle networks makes them vulnerable. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 1044–1055. ACM, Austria (2016)
Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., Laarouchi, Y.: Survey on security threats and protection mechanisms in embedded automotive networks. In: 43rd Annual Conference on Dependable Systems and Networks Workshop, pp. 1–12. IEEE, Hungary (2013)
Nilsson, D. K., Larson, U. E., Picasso, F., Jonsson, E.: A first simulation of attacks in the automotive network communications protocol FlexRay. In: Corchado, E., Zunino, R., Gastaldo, P., Herrero, Á., (eds.) Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS 2008, Advances in Soft Computing, vol. 53, pp. 84–91. Springer, Berlin (2009) https://doi.org/10.1007/978-3-540-88181-0_11
Petit, J., Stottelaar, B., Feiri, M., Kargl, F.: Remote attacks on automated vehicles sensors: experiments on camera and LiDAR. In: Black Hat Europe, Amsterdam (2015)
Yan, C., Xu, W., Liu, J.: Can you trust autonomous vehicles: contactless attacks against sensors of self-driving vehicle. In: 24th DEFCON Hacking Conference (2016)
Shoukry, Y., Martin, P., Tabuada, P., Srivastava, M.: Non-invasive spoofing attacks for anti-lock braking systems. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 55–72. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40349-1_4
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks - practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)
Hoppe T., Dittman, J.: Sniffing/Replay attacks on CAN buses: a simulated attack on the electric window lift classified using an adapted CERT taxonomy. In: 2nd Workshop on Embedded Systems Security, pp. 1–6. Austria (2007)
Rouf, I., et al.: Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study. In: 19th USENIX Security Symposium, pp. 323–338. Washington (2010)
Kamkar, S.: Drive it like you hacked it: new attacks and tools to wirelessly steal cars. In: 23th DEFCON Hacking Conference (2015)
News From Elsewhere, Man Fined for Painting Road Signs to Aid his Commute (2017). https://www.bbc.com/news/blogs-news-from-elsewhere-42181263. Accessed 23 Jun 2020
South China Morning Post, The Thin White Line: Van Driver Eludes Chinese Traffic Cops by Chalking his own Parking Places (2017). https://www.scmp.com/news/china/society/article/2091872/thin-white-line-van-driver-eludes-chinese-traffic-cops-chalking. Accessed 23 Jun 2020
Sitawarin, C., Bhagoji, A.N., Mosenia, A., Chiang, M., Mittal, P.: DARTS: Deceiving Autonomous Cars with Toxic Signs. ArXiv preprint :1802.06430v3 (2018)
Nassi, B., Nassi, D., Ben-Netanel, R., Mirsky, Y., Drokin, O., Elovici, T.: Phantom of the ADAS: Phantom Attacks on Driver-Assistance Systems, IACR Cryptology ePrint Archive, Report p. 085 (2020)
Ghena, B., Beyer, W., Hillaker, A., Pevarnek, J., Halderman, J.A.: Green lights forever: analyzing the security of traffic infrastructure. In: 8th USENIX Workshop on Offensive Technologies, San Diego (2014)
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. In: 18th Black Hat USA, pp. 1–91. Las Vegas (2015)
Greenberg, A.: Hackers Remotely Kill a Jeep on the Highway - With Me in It (2015). https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/. Accessed 23 Jun 2020
Lodge, D.: Hacking the Mitsubishi Outlander PHEV Hybrid (2016). https://www.pentestpartners.com/security-blog/hacking-the-mitsubishi-outlander-phev-hybrid-suv/. Accessed 23 Jun 2020
Hull, R.: Nissan Disables Leaf Electric Car App after Revelation that Hackers can Switch on the Heater to Drain the Battery (2016). https://www.thisismoney.co.uk/money/cars/article-3465459/Nissan-disables-Leaf-electric-car-app-hacker-revelation.html. Accessed 23 Jun 2020
Puñal, O., Aguiar, A.: Gross, J.: VANETs we trust? characterizing RF jamming in vehicular networks. In: 9th International Workshop on Vehicular Inter-networking, Systems, and Applications, pp. 83–92. ACM, UK (2012)
Jahan, F., Sun, W., Niyaz, Q., Alam, M.: Security modeling of autonomous systems: a survey. ACM Comput. Surv. 52(5), 1–34 (2019)
Karahasanovic, A., Kleberger, P., Almgren, M.: Adapting threat modeling methods for the automotive industry. In: 15th ESCAR Conference, pp. 1–10. Germany (2017)
Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Uncover Security Design Flaws Using The STRIDE Approach. MSDN magazine (2006). Accessed 05 Jul 2020
Mell, P., Scarfone, K., Romanosky, S.: A complete guide to the common vulnerability scoring system. In: FIRST - Forum of Incident Response and Security Teams (2007)
Potter, B.: Microsoft SDL threat modelling tool. Netw. Secur. 2009(1), 15–18 (2009)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Bouchelaghem, S., Bouabdallah, A., Omar, M. (2021). Autonomous Vehicle Security: Literature Review of Real Attack Experiments. In: Garcia-Alfaro, J., Leneutre, J., Cuppens, N., Yaich, R. (eds) Risks and Security of Internet and Systems. CRiSIS 2020. Lecture Notes in Computer Science(), vol 12528. Springer, Cham. https://doi.org/10.1007/978-3-030-68887-5_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-68887-5_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68886-8
Online ISBN: 978-3-030-68887-5
eBook Packages: Computer ScienceComputer Science (R0)