Connected vehicles:organizational cybersecurity processes and their evaluation

Abstract. Vehicles have become increasingly network connected cyber physical systems and they are vulnerable to cyberattacks. In the wake of multiple vehicle hacks, automotive industry and governments have recognized the critical need of cybersecurity to be integrated into vehicle development framework and get manufactures involved in managing whole vehicle lifecycle. The United Nations Economic Commission for Europe (UNECE) WP.29 (World Forum for Harmonization of Vehicle Regulations) committee published in 2021 two new regulations for road vehicles type approval: R155 for cybersecurity and R156 for software update. The latter of these influence also to agricultural vehicle manufacturers, which is the empirical context of this study. Also new cybersecurity engineering standard from International Standardization Organization (ISO) and Society of Automotive Engineers (SAE) organizations change organizations risk management framework. The vehicle manufacturers must think security from an entirely new standpoint: how to reduce vehicle cybersecurity risk to other road users. This thesis investigates automotive regulations and standards related to cybersecurity and cybersecurity management processes. The methodology of the empirical part is design science that is a suitable method for the development of new artifacts and solutions. This study developed an organization status evaluation tool in the form of a questionnaire. Stakeholders can use the tool to collect information about organizational capabilities for comprehensive vehicles cybersecurity management process. As a main result this thesis provides base information for cybersecurity principles and processes for cybersecurity management, and an overview of current automotive regulation and automotive cybersecurity related standards.Verkotetut ajoneuvot : organisaation kyberturvallisuusprosessit ja niiden arviointi. Tiivistelmä. Ajoneuvoista on tullut kyberhyökkäyksille alttiita tietoverkkoon yhdistettyjä kyberfyysisiä järjestelmiä. Ajoneuvojen hakkeroinnit herättivät hallitukset ja ajoneuvoteollisuuden huomaamaan, että kyberturvallisuus on integroitava osaksi ajoneuvojen kehitysympäristöä ja valmistajat on saatava mukaan hallitsemaan ajoneuvon koko elinkaarta. Yhdistyneiden Kansakuntien Euroopan talouskomission (UNECE) WP.29 (World Forum for Harmonization of Vehicle Regulations) -komitean jäsenet julkaisivat vuonna 2021 kaksi uutta tyyppihyväksyntäsäädöstä maantiekäyttöön tarkoitetuille ajoneuvoille. Nämä ovat kyberturvallisuuteen R155 ja ohjelmistopäivitykseen R156 liittyvät säädökset, joista jälkimmäinen vaikuttaa myös maatalousajoneuvojen valmistajiin. Myös uusi International Standardization Organization (ISO) ja Society of Automotive Engineers (SAE) organisaatioiden yhdessä tekemä kyberturvallisuuden suunnittelustandardi muuttaa organisaatioiden riskienhallintaa. Ajoneuvovalmistajien on pohdittava turvallisuutta aivan uudesta näkökulmasta; kuinka pienentää ajoneuvojen kyberturvallisuusriskiä muille tienkäyttäjille. Tämä opinnäytetyö tutkii kyberturvallisuuteen liittyviä autoalan säädöksiä ja standardeja sekä kyberturvallisuuden johtamisprosesseja. Työn empiirinen osa käsittelee maatalousajonevoihin erikoistunutta yritystä. Empiirisen osan metodologia on suunnittelutiede, joka soveltuu uusien artefaktien ja ratkaisujen kehittämiseen. Tutkimuksen empiirisessä osassa kehitettiin uusi arviointityökalu, jolla sidosryhmät voivat kerätä tietoja organisaation valmiuksista ajoneuvojen kyberturvallisuuden hallintaan. Tämä opinnäytetyö tarjoaa pohjatietoa kyberturvallisuuden periaatteista ja kyberturvallisuuden hallinnan prosesseista sekä yleiskatsauksen nykyiseen autoalan sääntelyyn ja kyberturvallisuuteen liittyviin ajoneuvostandardeihin

Connected and vulnerable:cybersecurity in vehicles

Back in 2015, two hackers hacked a Jeep Cherokee, wirelessly gaining access to the controls of the vehicle through the vehicle’s entertainment system. The hackers slowed the vehicle down on a highway. Remarkably, this did not result in accidents. This did, however, illustrate the already existing cybersecurity risks of vehicles and their threat to road safety, thereby making legislators aware of these dangers. Recently, several legislative steps were made to improve the cybersecurity in vehicles. As cybersecurity enters the realm of road safety, it is necessary to identify the key principles for cybersecurity in vehicles. The current legal framework is discussed in light of these principles, identifying gaps in the current legal framework for cybersecurity in vehicles. As this contribution argues, the focus of the current legislative measures focuses predominantly on the ‘first line of defence’. These measures aim to prevent unauthorised access to the vehicle’s systems, but fail to identify the steps necessary to limit the damage that can be done if this first line of defence is breached and unauthorised access is gained. Moreover, other identified cybersecurity principles are not adequately ensured. In addition, the fragmentation of the current legal framework in itself gives rise to concerns

Threat Assessment and Risk Analysis (TARA) for Interoperable Medical Devices in the Operating Room Inspired by the Automotive Industry

Prevailing trends in the automotive and medical device industry, such as life cycle overarching configurability, connectivity, and automation, require an adaption of development processes, especially regarding the security and safety thereof. The changing requirements imply that interfaces are more exposed to the outside world, making them more vulnerable to cyberattacks or data leaks. Consequently, not only do development processes need to be revised but also cybersecurity countermeasures and a focus on safety, as well as privacy, have become vital. While vehicles are especially exposed to cybersecurity and safety risks, the medical devices industry faces similar issues. In the automotive industry, proposals and draft regulations exist for security-related risk assessment processes. The medical device industry, which has less experience in these topics and is more heterogeneous, may benefit from drawing inspiration from these efforts. We examined and compared current standards, processes, and methods in both the automotive and medical industries. Based on the requirements regarding safety and security for risk analysis in the medical device industry, we propose the adoption of methods already established in the automotive industry. Furthermore, we present an example based on an interoperable Operating Room table (OR table)

TOMSAC - Methodology for trade-off management between automotive safety and cyber security

Safety and security interdependencies have been of interest for researchers for several decades. However, in practice, they are not given the necessary consideration yet due to various reasons, such as lack of understanding and reluctance to change current practices. This research is aimed at advancing the state of the art in this area by developing a practical, easy to adapt and to use methodology for managing interdependencies and trade-offs throughout the development lifetime of cyber physical systems. The methodology is named TOMSAC, short for Trade-Off Management between Safety And Cyber security

Context-aware Security for Vehicles and Fleets: A Survey

Vehicles are becoming increasingly intelligent and connected. Interfaces for communication with the vehicle, such as WiFi and 5G, enable seamless integration into the user’s life, but also cyber attacks on the vehicle. Therefore, research is working on in-vehicle countermeasures such as authentication, access controls, or intrusion detection. Recently, legal regulations have also become effective that require automobile manufacturers to set up a monitoring system for fleet-wide security analysis. The growing amount of software, networking, and the automation of driving create new challenges for security. Context-awareness, situational understanding, adaptive security, and threat intelligence are necessary to cope with these ever-increasing risks. In-vehicle security should be adaptive to secure the car in an infinite number of (driving) situations. For fleet-wide analysis and alert triage, knowledge and understanding of the circumstances are required. Context-awareness, nonetheless, has been sparsely considered in the field of vehicle security. This work aims to be a precursor to context-aware, adaptive and intelligent security for vehicles and fleets. To this end, we provide a comprehensive literature review that analyzes the vehicular as well as related domains. Our survey is mainly characterized by the detailed analysis of the context information that is relevant for vehicle security in the future

Internet of Things: A Model for Cybersecurity Standards and the Categorisation of Devices

The networking of physical devices, including their infrastructure and data, is known as the Internet of Things. The number of networked devices is con- stantly increasing over the last years and is expected to continue to rise in the future. This also results in an increasing number of attacks on these devices which are considered potentially insecure. The reasons for the lack of cyber- security are diverse and lead, for example, to botnets and similar problems. Mandatory standards and guidelines can help to ensure cybersecurity re- gardless of a fast pace of development and a low price of the devices. In some areas, the development of these guidelines is already well advanced, ideally across countries as a European standard. However, problems with standardiza- tion are the different definitions of device categories and thus, the assignment of a device to a standard. Even in academia, definitions and categories for Internet of Things devices are ambiguous or completely lacking. This makes it difficult to find relevant publications. Therefore, a model of the Internet of Things was researched to solve these problems and define clear categories. The model divides the Internet of Things into categories, supplements the definitions with characteristics and distinguishes the different device types. The architectures and associated components are also considered. The model can be applied to all devices and available cybersecurity standards which is shown by mapping them to the model. The real-world applications are diverse and illustrated as different use cases. As digitalization evolves rapidly, the researched model is designed to adapt flexibly to new developments

Balancing Digital Innovation and Cybersecurity Capabilities through Organizational Ambidexterity – An Investigation in the Automotive Industry

An organization’s digital innovation capability, i.e., its ability to leverage (technological) trends and developments, is not only associated with opportunities but also entails challenges and risks. Various incidents underline the importance of cybersecurity in this context. While organizations in the automotive industry have recognized both as inevitable, they perceive a trade-off between their innovation and cybersecurity capabilities. As digital innovations are often prestigious, they might prioritize factors like time-to-market and postpone cybersecurity to development and operations. To identify factors enabling organizations to balance the ambidextrous requirements of the two, we conducted an interview study in the automotive industry. Our findings indicate that organizational ambidexterity enabled by strategic and operational elements can minimize the trade-off and the associated risks, with implications for both theory and practice

Cybersecurity of Autonomous Systems in the Transportation Sector: An Examination of Regulatory and Private Law Approaches with Recommendations for Needed Reforms

The past twenty-five years gave rise to increasing levels of automation within the transportation sector. From initial subsystems, like vessel satellite tracking and automobile chassis control, automation continues apace. The future promises fully autonomous devices such as unmanned aerial systems (“UAS”) and self-driving cars (“UAV”). These autonomous and automatic systems and devices (“AASD”) provide safety, efficiency, and productivity benefits. Yet AASD operate under continual threat of cyber-attack. ¶ Compromised AASD can produce dire consequences in the transportation sector. The possible consequences extend far beyond financial harms to severe bodily injury or even death. Given both the prevalence of cyber threats and their potentially deadly consequences, the public holds a legitimate interest in ensuring that incentives exist to address the cybersecurity of such systems. ¶ This paper examines both the private and public law mechanisms for influencing AASD cybersecurity behaviors in the transportation sector; and undertakes the first comprehensive comparison of existing agency regulatory schemes. The findings presented herein propose: (1) additional legislation to promote sharing of cyber event data; and (2) transportation sector regulatory best practices that require mandatory submission and review of cybersecurity plans by OEMs and service providers when compromise of their products or services threatens safety of life or critical infrastructure. None of the recommendations advanced herein require regulators to direct the adoption of any specific technical solution or specific cybersecurity standard. Thus, industry participants can remain nimble in the face of evolving cyber threats, while ensuring public safety through what proves to be needed regulatory oversight