Approaching the Automation of Cyber Security Testing of Connected Vehicles

The advancing digitalization of vehicles and automotive systems bears many advantages for creating and enhancing comfort and safety-related systems ranging from drive-by-wire, inclusion of advanced displays, entertainment systems up to sophisticated driving assistance and autonomous driving. It, however, also contains the inherent risk of being used for purposes that are not intended for, raging from small non-authorized customizations to the possibility of full-scale cyberattacks that affect several vehicles to whole fleets and vital systems such as steering and engine control. To prevent such conditions and mitigate cybersecurity risks from affecting the safety of road traffic, testing cybersecurity must be adopted into automotive testing at a large scale. Currently, the manual penetration testing processes cannot uphold the increasing demand due to time and cost to test complex systems. We propose an approach for an architecture that (semi-)automates automotive cybersecurity test, allowing for more economic testing and therefore keeping up to the rising demand induced by new vehicle functions as well as the development towards connected and autonomous vehicles.Comment: 3 pages, 1 figure, Central European Cybersecurity Conference 2019 (CECC2019), Munic

Ethical and Social Aspects of Self-Driving Cars

As an envisaged future of transportation, self-driving cars are being discussed from various perspectives, including social, economical, engineering, computer science, design, and ethics. On the one hand, self-driving cars present new engineering problems that are being gradually successfully solved. On the other hand, social and ethical problems are typically being presented in the form of an idealized unsolvable decision-making problem, the so-called trolley problem, which is grossly misleading. We argue that an applied engineering ethical approach for the development of new technology is what is needed; the approach should be applied, meaning that it should focus on the analysis of complex real-world engineering problems. Software plays a crucial role for the control of self-driving cars; therefore, software engineering solutions should seriously handle ethical and social considerations. In this paper we take a closer look at the regulative instruments, standards, design, and implementations of components, systems, and services and we present practical social and ethical challenges that have to be met, as well as novel expectations for software engineering.Comment: 11 pages, 3 figures, 2 table

Synergizing Roadway Infrastructure Investment with Digital Infrastructure for Infrastructure-Based Connected Vehicle Applications: Review of Current Status and Future Directions

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The safety, mobility, environmental and economic benefits of Connected and Autonomous Vehicles (CAVs) are potentially dramatic. However, realization of these benefits largely hinges on the timely upgrading of the existing transportation system. CAVs must be enabled to send and receive data to and from other vehicles and drivers (V2V communication) and to and from infrastructure (V2I communication). Further, infrastructure and the transportation agencies that manage it must be able to collect, process, distribute and archive these data quickly, reliably, and securely. This paper focuses on current digital roadway infrastructure initiatives and highlights the importance of including digital infrastructure investment alongside more traditional infrastructure investment to keep up with the auto industry's push towards this real time communication and data processing capability. Agencies responsible for transportation infrastructure construction and management must collaborate, establishing national and international platforms to guide the planning, deployment and management of digital infrastructure in their jurisdictions. This will help create standardized interoperable national and international systems so that CAV technology is not deployed in a haphazard and uncoordinated manner

VANET Applications: Hot Use Cases

Current challenges of car manufacturers are to make roads safe, to achieve free flowing traffic with few congestions, and to reduce pollution by an effective fuel use. To reach these goals, many improvements are performed in-car, but more and more approaches rely on connected cars with communication capabilities between cars, with an infrastructure, or with IoT devices. Monitoring and coordinating vehicles allow then to compute intelligent ways of transportation. Connected cars have introduced a new way of thinking cars - not only as a mean for a driver to go from A to B, but as smart cars - a user extension like the smartphone today. In this report, we introduce concepts and specific vocabulary in order to classify current innovations or ideas on the emerging topic of smart car. We present a graphical categorization showing this evolution in function of the societal evolution. Different perspectives are adopted: a vehicle-centric view, a vehicle-network view, and a user-centric view; described by simple and complex use-cases and illustrated by a list of emerging and current projects from the academic and industrial worlds. We identified an empty space in innovation between the user and his car: paradoxically even if they are both in interaction, they are separated through different application uses. Future challenge is to interlace social concerns of the user within an intelligent and efficient driving

Federated Robust Embedded Systems: Concepts and Challenges

The development within the area of embedded systems (ESs) is moving rapidly, not least due to falling costs of computation and communication equipment. It is believed that increased communication opportunities will lead to the future ESs no longer being parts of isolated products, but rather parts of larger communities or federations of ESs, within which information is exchanged for the benefit of all participants. This vision is asserted by a number of interrelated research topics, such as the internet of things, cyber-physical systems, systems of systems, and multi-agent systems. In this work, the focus is primarily on ESs, with their specific real-time and safety requirements. While the vision of interconnected ESs is quite promising, it also brings great challenges to the development of future systems in an efficient, safe, and reliable way. In this work, a pre-study has been carried out in order to gain a better understanding about common concepts and challenges that naturally arise in federations of ESs. The work was organized around a series of workshops, with contributions from both academic participants and industrial partners with a strong experience in ES development. During the workshops, a portfolio of possible ES federation scenarios was collected, and a number of application examples were discussed more thoroughly on different abstraction levels, starting from screening the nature of interactions on the federation level and proceeding down to the implementation details within each ES. These discussions led to a better understanding of what can be expected in the future federated ESs. In this report, the discussed applications are summarized, together with their characteristics, challenges, and necessary solution elements, providing a ground for the future research within the area of communicating ESs

Design and development considerations of a cyber physical testbed for operational technology research and education

Cyber-physical systems (CPS) are vital in automating complex tasks across various sectors, yet they face significant vulnerabilities due to the rising threats of cybersecurity attacks. The recent surge in cyber-attacks on critical infrastructure (CI) and industrial control systems (ICSs), with a 150% increase in 2022 affecting over 150 industrial operations, underscores the urgent need for advanced cybersecurity strategies and education. To meet this requirement, we develop a specialised cyber-physical testbed (CPT) tailored for transportation CI, featuring a simplified yet effective automated level-crossing system. This hybrid CPT serves as a cost-effective, high-fidelity, and safe platform to facilitate cybersecurity education and research. High-fidelity networking and low-cost development are achieved by emulating the essential ICS components using single-board computers (SBC) and open-source solutions. The physical implementation of an automated level-crossing visualised the tangible consequences on real-world systems while emphasising their potential impact. The meticulous selection of sensors enhances the CPT, allowing for the demonstration of analogue transduction attacks on this physical implementation. Incorporating wireless access points into the CPT facilitates multi-user engagement and an infrared remote control streamlines the reinitialization effort and time after an attack. The SBCs overwhelm as traffic surges to 12 Mbps, demonstrating the consequences of denial-of-service attacks. Overall, the design offers a cost-effective, open-source, and modular solution that is simple to maintain, provides ample challenges for users, and supports future expansion.</p

Scenarios for the development of smart grids in the UK: literature review

Smart grids are expected to play a central role in any transition to a low-carbon energy future, and much research is currently underway on practically every area of smart grids. However, it is evident that even basic aspects such as theoretical and operational definitions, are yet to be agreed upon and be clearly defined. Some aspects (efficient management of supply, including intermittent supply, two-way communication between the producer and user of electricity, use of IT technology to respond to and manage demand, and ensuring safe and secure electricity distribution) are more commonly accepted than others (such as smart meters) in defining what comprises a smart grid. It is clear that smart grid developments enjoy political and financial support both at UK and EU levels, and from the majority of related industries. The reasons for this vary and include the hope that smart grids will facilitate the achievement of carbon reduction targets, create new employment opportunities, and reduce costs relevant to energy generation (fewer power stations) and distribution (fewer losses and better stability). However, smart grid development depends on additional factors, beyond the energy industry. These relate to issues of public acceptability of relevant technologies and associated risks (e.g. data safety, privacy, cyber security), pricing, competition, and regulation; implying the involvement of a wide range of players such as the industry, regulators and consumers. The above constitute a complex set of variables and actors, and interactions between them. In order to best explore ways of possible deployment of smart grids, the use of scenarios is most adequate, as they can incorporate several parameters and variables into a coherent storyline. Scenarios have been previously used in the context of smart grids, but have traditionally focused on factors such as economic growth or policy evolution. Important additional socio-technical aspects of smart grids emerge from the literature review in this report and therefore need to be incorporated in our scenarios. These can be grouped into four (interlinked) main categories: supply side aspects, demand side aspects, policy and regulation, and technical aspects.

Satellite Navigation for the Age of Autonomy

Global Navigation Satellite Systems (GNSS) brought navigation to the masses. Coupled with smartphones, the blue dot in the palm of our hands has forever changed the way we interact with the world. Looking forward, cyber-physical systems such as self-driving cars and aerial mobility are pushing the limits of what localization technologies including GNSS can provide. This autonomous revolution requires a solution that supports safety-critical operation, centimeter positioning, and cyber-security for millions of users. To meet these demands, we propose a navigation service from Low Earth Orbiting (LEO) satellites which deliver precision in-part through faster motion, higher power signals for added robustness to interference, constellation autonomous integrity monitoring for integrity, and encryption / authentication for resistance to spoofing attacks. This paradigm is enabled by the 'New Space' movement, where highly capable satellites and components are now built on assembly lines and launch costs have decreased by more than tenfold. Such a ubiquitous positioning service enables a consistent and secure standard where trustworthy information can be validated and shared, extending the electronic horizon from sensor line of sight to an entire city. This enables the situational awareness needed for true safe operation to support autonomy at scale.Comment: 11 pages, 8 figures, 2020 IEEE/ION Position, Location and Navigation Symposium (PLANS

Mitigating the Effects of Cyber Attacks and Human Control in an Autonomous Intersection

Widespread use of fully autonomous vehicles is near. However, the desire for a human to maintain control, even if limited, of a vehicle will likely never fully subside. Protocols to safely and efficiently manage reservation-based intersections with a mixture of fully autonomous, semi-autonomous, and non-autonomous vehicles exist such as AIM, SemiAIM, and H-AIM. Missing from these protocols is persistent human control of semi-autonomous vehicles in approaching and navigating autonomous intersections without the use of traditional signals. This thesis offers a proof-of-concept of a reservation-based protocol with necessary extensions required for human control in semi-autonomous vehicles. Desired is a protocol that maintains the benefits in efficiency of a fully autonomous environment, such as AIM, while allowing persistent human control of a vehicle. Proposed are possible feedback mechanisms for human response such as displays detailing intersection arrival time, goal velocity, lane keeping assistance, and other warnings. Also developed is a synthetic environment able to demonstrate cyber attacks, their mitigations, and aid in designing a protocol introducing persistent human control. The AFTR Burner three-dimensional virtual world offers the ability to model this physics based environment in a highly predictable and realistic manner. The reservation-based protocol used in the synthetic environment is first verified and validated against both an established reservation-based protocol, such as AIM, and also use case scenarios to determine if the expected behavior is exhibited. Preliminary observations suggest that persistent human control is a possibility among reservation-based autonomous intersections, but further research must be done to determine its viability