Skip to main content
SpringerLink
Log in

Secure by Design Autonomous Emergency Braking Systems in Accordance with ISO 21434

  • Chapter
  • First Online:
Machine Learning and Optimization Techniques for Automotive Cyber-Physical Systems

  • 444 Accesses

Abstract

With the ever-increasing degree of inter-connectivity inside vehicles and the emergence of self-driving capabilities, security has become a critical demand since, without proper consideration, adversaries may become capable to remotely control vehicles endangering the life of occupants and bystanders. While several cybersecurity standards have recently emerged, such as the ISO 21434, the secure design of various automotive components is still challenging. In this chapter we make an in-depth analysis of the Autonomous Emergency Braking (AEB) system, i.e., a system designed to avoid collisions between the car and objects in front of it, having security objectives in mind. We make a careful evaluation of adversarial actions, that is, the manipulation of various sensor data and commands that are sent over CAN buses and we follow the ISO 21434 to reach concrete cyber-security goals regarding the system. We account for various types of attacks, ranging from the more conspicuous fuzzy or DoS attacks, to less visible stealthy attacks that induce small biases in the system to evade detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 119.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.euroncap.com/en/vehicle-safety/safety-campaigns/2013-aeb-tests/.

  2. 2.

    https://nl.mathworks.com/help/driving/ug/autonomous-emergency-braking-with-sensor-fusion.html

References

  1. Addendum 154 – UN regulation no. 155: uniform provisions concerning the approval of vehicles with regards to cyber security and cyber security management system (2021)

    Google Scholar 

  2. AUTOSAR: Specification of intrusion detection system protocol, r20–11 edition (2020)

    Google Scholar 

  3. AUTOSAR. Specification of secure onboard communication, r20–11 edition (2020). No. 654

    Google Scholar 

  4. Ben Othmane, L., Ranchal, R., Fernando, R., Bhargava, B., Bodden, E.: Incorporating attacker capabilities in risk estimation and mitigation. Comput. Secur. 51, 41–61 (2015)

    Article  Google Scholar 

  5. Brandt, T., Tamisier, T.: The future connected car–safely developed thanks to Unece Wp. 29? In: 21 Internationales Stuttgarter Symposium, pp. 461–473. Springer, Berlin (2021)

    Google Scholar 

  6. Brown, M.: Addressing the challenges of a sector in transformation and preparing to meet new cyber compliance requirements (ISO/SAE 21434). BSI Group (2022)

    Google Scholar 

  7. Cárdenas, A.A., Amin, S., Lin, Z.-S., Huang, Y.-L., Huang, C.-Y., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 355–366 (2011)

    Google Scholar 

  8. Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T.: Comprehensive experimental analyses of automotive attack surfaces. In: 20th USENIX Security Symposium (USENIX Security 11) (2011)

    Google Scholar 

  9. Gautham, S., Jayakumar, A.V., Elks, C.: Multilevel runtime security and safety monitoring for cyber physical systems using model-based engineering. In: International Conference on Computer Safety, Reliability, and Security, pp. 193–204. Springer, Berlin (2020)

    Google Scholar 

  10. Groza, B., Murvay, P.-S.: Efficient intrusion detection with bloom filtering in controller area networks. IEEE Trans. Inf. Forens. Secur. 14(4), 1037–1051 (2018)

    Article  Google Scholar 

  11. Groza, B., Gurban, H.-E., Murvay, P.-S.: Designing security for in-vehicle networks: a body control module (BCM) centered viewpoint. In: 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop (DSN-W), pp. 176–183. IEEE, Piscataway (2016)

    Google Scholar 

  12. Gurban, E.H., Groza, B., Murvay, P.-S.: Risk assessment and security countermeasures for vehicular instrument clusters. In: 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 223–230. IEEE, Piscataway (2018)

    Google Scholar 

  13. Henniger, O., Apvrille, L., Fuchs, A., Roudier, Y., Ruddle, A., Weyl, B.: Security requirements for automotive on-board networks. In: 2009 9th International Conference on Intelligent Transport Systems Telecommunications,(ITST), pp. 641–646. IEEE, Piscataway (2009)

    Google Scholar 

  14. Islam, R., Refat, R.U.D., Yerram, S.M., Malik, H.: Graph-based intrusion detection system for controller area networks. IEEE Trans. Intell. Transp. Syst. 23, 1727–1736 (2020)

    Article  Google Scholar 

  15. ISO/IEC, ISO/SAE DIS 21434 - Road Vehicles - Cybersecurity Engineering, International Organization for Standardization, Geneva, Switzerland (2021)

    Google Scholar 

  16. Jichici, C., Groza, B., Ragobete, R., Murvay, P.-S., Andreica, T.: Effective intrusion detection and prevention for the commercial vehicle sae j1939 can bus. IEEE Trans. Intell. Transp. Syst. 23, 17425–17439 (2022)

    Article  Google Scholar 

  17. Kapoor, P., Vora, A., Kang, K.-D.: Detecting and mitigating spoofing attack against an automotive radar. In: 2018 IEEE 88th Vehicular Technology Conference (VTC-Fall), pp. 1–6. IEEE, Piscataway (2018)

    Google Scholar 

  18. Macher, G., Schmittner, C., Veledar, O., Brenner, E.: ISO/SAE DIS 21434 automotive cybersecurity standard-in a nutshell. In: International Conference on Computer Safety, Reliability, and Security, pp. 123–135. Springer, Berlin (2020)

    Google Scholar 

  19. Mader, R., Winkler, G., Reindl, N.: Thomas amd Pandya. The car’s electronic architecture in motion: the coming transformation. In: 42nd International Vienna Motor Symposium (2021)

    Google Scholar 

  20. Marchetti, M., Stabili, D., Guido, A., Colajanni, M.: Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms. In: 2016 IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a Better Tomorrow (RTSI), pp. 1–6. IEEE, Piscataway (2016)

    Google Scholar 

  21. Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat USA 2015(S 91) (2015)

    Google Scholar 

  22. Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: 2011 IEEE Intelligent Vehicles Symposium (IV), pp. 1110–1115. IEEE, Piscataway (2011)

    Google Scholar 

  23. Narayanan, S.N., Mittal, S., Joshi, A.: Obd_securealert: an anomaly detection system for vehicles. In: 2016 IEEE International Conference on Smart Computing (SMARTCOMP), pp. 1–6. IEEE, Piscataway (2016)

    Google Scholar 

  24. Nassi, B., Mirsky, Y., Nassi, D., Ben-Netanel, R., Drokin, O., Elovici, Y.: Phantom of the ADAS: Securing Advanced Driver-Assistance Systems from Split-Second Phantom Attacks, pp. 293–308. Association for Computing Machinery, New York (2020)

    Google Scholar 

  25. Nie, S., Liu, L., Du, Y.: Free-fall: hacking tesla from wireless to can bus. Brief. Black Hat USA 25, 1–16 (2017)

    Google Scholar 

  26. Plappert, C., Zelle, D., Gadacz, H., Rieke, R., Scheuermann, D., Krauß, C.: Attack surface assessment for cybersecurity engineering in the automotive domain. In: 2021 29th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP), pp. 266–275. IEEE, Piscataway (2021)

    Google Scholar 

  27. Püllen, D., Liske, J., Katzenbeisser, S.: ISO/SAE 21434-based risk assessment of security incidents in automated road vehicles. In: International Conference on Computer Safety, Reliability, and Security, pp. 82–97. Springer, Berlin (2021)

    Google Scholar 

  28. Razikin, K., Soewito, B.: Cybersecurity decision support model to designing information technology security system based on risk analysis and cybersecurity framework. Egypt. Inf. J. 23, 383–404 (2022)

    Google Scholar 

  29. Sato, T., Shen, J., Wang, N., Jia, Y., Lin, X., Chen, Q.A.: Dirty road can attack: security of deep learning based automated lane centering under {Physical-World} attack. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 3309–3326 (2021)

    Google Scholar 

  30. Schmittner, C., Schrammel, B., König, S.: Asset driven ISO/SAE 21434 compliant automotive cybersecurity analysis with threatget. In: European Conference on Software Process Improvement, pp. 548–563. Springer, Berlin (2021)

    Google Scholar 

  31. Studnia, I., Alata, E., Nicomette, V., Kaâniche, M., Laarouchi, Y.: A language-based intrusion detection approach for automotive embedded networks. Int. J. Embed. Syst. 10(1), 1–12 (2018)

    Article  Google Scholar 

  32. Sun, J., Cao, Y., Chen, Q.A., Mao, Z.M.: Towards robust {LiDAR-based} perception in autonomous driving: general black-box adversarial sensor attack and countermeasures. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 877–894 (2020)

    Google Scholar 

  33. Test protocol – AEB VRU systems, version 3.0.3. In: Vulnerable Road User (VRU) Protection. Euro NCAP (2020)

    Google Scholar 

  34. Wang, Y., Wang, Y., Qin, H., Ji, H., Zhang, Y., Wang, J.: A systematic risk assessment framework of automotive cybersecurity. Autom. Innov. 4(3), 253–261 (2021)

    Article  Google Scholar 

  35. Yan, C., Xu, Z., Yin, Z., Ji, X., Xu, W.: Rolling colors: adversarial laser exploits against traffic light recognition. In: 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston (2022)

    Google Scholar 

  36. Zhou, C., Yan, Q., Shi, Y., Sun, L.: DoubleStar: long-range attack towards depth estimation based obstacle avoidance in autonomous systems. In: 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston (2022)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Automatics and Computers, Politehnica University of Timisoara, Timisoara, Romania

    Adriana Berdich & Bogdan Groza

Authors
  1. Adriana Berdich
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bogdan Groza
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bogdan Groza .

Editor information

Editors and Affiliations

  1. NVIDIA, Santa Clara, CA, USA

    Vipin Kumar Kukkala

  2. Colorado State University, Fort Collins, CO, USA

    Sudeep Pasricha

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Berdich, A., Groza, B. (2023). Secure by Design Autonomous Emergency Braking Systems in Accordance with ISO 21434. In: Kukkala, V.K., Pasricha, S. (eds) Machine Learning and Optimization Techniques for Automotive Cyber-Physical Systems. Springer, Cham. https://doi.org/10.1007/978-3-031-28016-0_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-28016-0_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-28015-3

  • Online ISBN: 978-3-031-28016-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation