Etude de Faisabilité des Mécanismes de Détection de Mauvais Comportement dans les systèmes de transport intelligents coopératifs (C-ITS)

International audience—Cooperative Intelligent Transport Systems (C–ITS) is an emerging technology that aims at improving road safety, traffic efficiency and drivers experience. To this end, vehicles cooperate with each others and the infrastructure by exchanging Vehicle–to–X communication (V2X) messages. In such communicating systems message authentication and privacy are of paramount importance. The commonly adopted solution to cope with these issues relies on the use of a Public Key Infrastructure (PKI) that provides digital certificates to entities of the system. Even if the use of pseudonym certificates mitigate the privacy issues, the PKI cannot address all cyber threats. That is why we need a mechanism that enable each entity of the system to detect and report misbehaving neighbors. In this paper, we provide a state-of-the-art of misbehavior detection methods. We then discuss their feasibility with respect to current standards and law compliance as well as hardware/software requirements

Secured information dissemination and misbehavior detection in VANETs

In a connected vehicle environment, the vehicles in a region can form a distributed network (Vehicular Ad-hoc Network or VANETs) where they can share traffic-related information such as congestion or no-congestion with other vehicles within its proximity, or with a centralized entity via. the roadside units (RSUs). However, false or fabricated information injected by an attacker (or a malicious vehicle) within the network can disrupt the decision-making process of surrounding vehicles or any traffic-monitoring system. Since in VANETs the size of the distributed network constituting the vehicles can be small, it is not difficult for an attacker to propagate an attack across multiple vehicles within the network. Under such circumstances, it is difficult for any traffic monitoring organization to recognize the traffic scenario of the region of interest (ROI). Furthermore, even if we are able to establish a secured connected vehicle environment, an attacker can leverage the connectivity of individual vehicles to the outside world to detect vulnerabilities, and disrupt the normal functioning of the in-vehicle networks of individual vehicles formed by the different sensors and actuators through remote injection attacks (such as Denial of Service (DoS)). Along this direction, the core contribution of our research is directed towards secured data dissemination, detection of malicious vehicles as well as false and fabricated information within the network. as well as securing the in-vehicle networks through improvisation of the existing arbitration mechanism which otherwise leads to Denial of Service (DoS) attacks (preventing legitimate components from exchanging messages in a timely manner). --Abstract, page iv

Towards a comparable evaluation for VANET protocols: NS-2 experiments builder assistant and extensible test bed

Proceedings of: 9th Embedded Security in Cars Conference (ESCAR 2011), November 9 to 10, 2011, Dresden, GermanyIn order to validate an Intelligent Transportation System (ITS) application or service, simulation techniques are usually employed. Nowadays, there are two problems associated to this kind of validation: the relative complexity of existing simulators and the lack of common criteria in the creation of simulation experiments. The first one makes it hard for users not familiar with a simulation tool to create and execute comprehensive experiments. The second one leads to a situation in which different proposals are validated in different scenarios, thus making it difficult to compare their performance. This work contributes on addressing both problems by proposing VanSimFM, an open-source assistant tool for creating NS-2 simulation experiments, and by defining an extensible test bed which contains a set of simulation scenarios. The test bed is intended to represent the different situations that may be found in a real vehicular environment.This work is partially supported by Ministerio de Ciencia e Innovacion of Spain, project E-SAVE, under grant TIN2009-13461.No publicad

Social internet of vehicles for smart cities

Open Access journa

Cyber Threats Facing Autonomous and Connected Vehicles: Future Challenges

Vehicles are currently being developed and sold with increasing levels of connectivity and automation. As with all networked computing devices, increased connectivity often results in a heightened risk of a cyber security attack. Furthermore, increased automation exacerbates any risk by increasing the opportunities for the adversary to implement a successful attack. In this paper, a large volume of publicly accessible literature is reviewed and compartmentalised based on the vulnerabilities identified and mitigation techniques developed. This review highlighted that the majority of research is reactive and vulnerabilities are often discovered by friendly adversaries (white-hat hackers). Many gaps in the knowledge base were identified. Priority should be given to address these knowledge gaps to minimise future cyber security risks in the connected and autonomous vehicle sector

APPLYING COLLABORATIVE ONLINE ACTIVE LEARNING IN VEHICULAR NETWORKS FOR FUTURE CONNECTED AND AUTONOMOUS VEHICLES

The main objective of this thesis is to provide a framework for, and proof of concept of, collaborative online active learning in vehicular networks. Another objective is to advance the state of the art in simulation-based evaluation and validation of connected intelligent vehicle applications. With advancements in machine learning and artificial intelligence, connected autonomous vehicles (CAVs) have begun to migrate from laboratory development and testing conditions to driving on public roads. Their deployment in our environmental landscape offers potential for decreases in road accidents and traffic congestion, as well as improved mobility in overcrowded cities. Although common driving scenarios can be relatively easily solved with classic perception, path planning, and motion control methods, the remaining unsolved scenarios are corner cases in which traditional methods fail. These unsolved cases are the keys to deploying CAVs safely on the road, but they require an enormous amount of data collection and high-quality human annotation, which are very cost-ineffective considering the ever-changing real-world scenarios and highly diverse road/weather conditions. Additionally, evaluating and testing applications for CAVs in real testbeds are extremely expensive, as obvious failures like crashes tend to be rare events and can hardly be captured through predefined test scenarios. Therefore, realistic simulation tools with the benefit of lower cost as well as generating reproducible experiment results are needed to complement the real testbeds in validating applications for CAVs. Therefore, in this thesis, we address the challenges therein and establish the fundamentals of the collaborative online active learning framework in vehicular network for future connected and autonomous vehicles.Ph.D

PNT cyber resilience : a Lab2Live observer based approach, Report 1 : GNSS resilience and identified vulnerabilities. Technical Report 1

The use of global navigation satellite systems (GNSS) such as GPS and Galileo are vital sources of positioning, navigation and timing (PNT) information for vehicles. This information is of critical importance for connected autonomous vehicles (CAVs) due to their dependence on this information for localisation, route planning and situational awareness. A downside to solely relying on GNSS for PNT is that the signal strength arriving from navigation satellites in space is weak and currently there is no authentication included in the civilian GNSS adopted in the automotive industry. This means that cyber-attacks against the GNSS signal via jamming or spoofing are attractive to adversaries due to the potentially high impact they can achieve. This report reviews the vulnerabilities of GNSS services for CAVs (a summary is shown in Figure 1), as well as detection and mitigating techniques, summarises the opinions on PNT cyber testing sourced from a select group of experts, and finishes with a description of the associated lab-based and real-world feasibility study and proposed research methodology

On the Secure and Resilient Design of Connected Vehicles: Methods and Guidelines

Vehicles have come a long way from being purely mechanical systems to systems that consist of an internal network of more than 100 microcontrollers and systems that communicate with external entities, such as other vehicles, road infrastructure, the manufacturer’s cloud and external applications. This combination of resource constraints, safety-criticality, large attack surface and the fact that millions of people own and use them each day, makes securing vehicles particularly challenging as security practices and methods need to be tailored to meet these requirements.This thesis investigates how security demands should be structured to ease discussions and collaboration between the involved parties and how requirements engineering can be accelerated by introducing generic security requirements. Practitioners are also assisted in choosing appropriate techniques for securing vehicles by identifying and categorising security and resilience techniques suitable for automotive systems. Furthermore, three specific mechanisms for securing automotive systems and providing resilience are designed and evaluated. The first part focuses on cyber security requirements and the identification of suitable techniques based on three different approaches, namely (i) providing a mapping to security levels based on a review of existing security standards and recommendations; (ii) proposing a taxonomy for resilience techniques based on a literature review; and (iii) combining security and resilience techniques to protect automotive assets that have been subject to attacks. The second part presents the design and evaluation of three techniques. First, an extension for an existing freshness mechanism to protect the in-vehicle communication against replay attacks is presented and evaluated. Second, a trust model for Vehicle-to-Vehicle communication is developed with respect to cyber resilience to allow a vehicle to include trust in neighbouring vehicles in its decision-making processes. Third, a framework is presented that enables vehicle manufacturers to protect their fleet by detecting anomalies and security attacks using vehicle trust and the available data in the cloud