REMIND: A Framework for the Resilient Design of Automotive Systems

In the past years, great effort has been spent on enhancing the security and safety of vehicular systems. Current advances in information and communication technology have increased the complexity of these systems and lead to extended functionalities towards self-driving and more connectivity. Unfortunately, these advances open the door for diverse and newly emerging attacks that hamper the security and, thus, the safety of vehicular systems. In this paper, we contribute to supporting the design of resilient automotive systems. We review and analyze scientific literature on resilience techniques, fault tolerance, and dependability. As a result, we present the REMIND resilience framework providing techniques for attack detection, mitigation, recovery, and resilience endurance. Moreover, we provide guidelines on how the REMIND framework can be used against common security threats and attacks and further discuss the trade-offs when applying these guidelines

RECLAMO: virtual and collaborative honeynets based on trust management and autonomous systems applied to intrusion management

Security intrusions in large systems is a problem due to its lack of scalability with the current IDS-based approaches. This paper describes the RECLAMO project, where an architecture for an Automated Intrusion Response System (AIRS) is being proposed. This system will infer the most appropriate response for a given attack, taking into account the attack type, context information, and the trust and reputation of the reporting IDSs. RECLAMO is proposing a novel approach: diverting the attack to a specific honeynet that has been dynamically built based on the attack information. Among all components forming the RECLAMO's architecture, this paper is mainly focused on defining a trust and reputation management model, essential to recognize if IDSs are exposing an honest behavior in order to accept their alerts as true. Experimental results confirm that our model helps to encourage or discourage the launch of the automatic reaction process

The challenges and opportunities of artificial intelligence in implementing trustworthy robotics and autonomous systems

Effective Robots and Autonomous Systems (RAS) must be trustworthy. Trust is essential in designing autonomous and semi-autonomous technologies, because “No trust, no use”. RAS should provide high quality of services, with the four key properties that make it trust, i.e. they must be (i) robust for any health issues, (ii) safe for any matters in their surrounding environments, (iii) secure for any threats from cyber spaces, and (iv) trusted for human-machine interaction. We have thoroughly analysed the challenges in implementing the trustworthy RAS in respects of the four properties, and addressed the power of AI in improving the trustworthiness of RAS. While we put our eyes on the benefits that AI brings to human, we should realise the potential risks that could be caused by AI. The new concept of human-centred AI will be the core in implementing the trustworthy RAS. This review could provide a brief reference for the research on AI for trustworthy RAS

Ensuring Safe and Robust Human-Machine Interaction in Autonomous Electric Vehicles: State-of-the-Art Techniques

Autonomous electric vehicles (AEVs) are gaining popularity due to their potential to reduce accidents caused by human error and decrease carbon emissions. However, ensuring safe and robust human-machine interaction in AEVs remains a significant challenge. To address this challenge, we reviewed several state-of-the-art techniques currently being developed and implemented. Our findings show that AEVs rely on a range of sensors and perception systems, including cameras, lidars, radars, and GPS, to detect and respond to their environment. Advanced perception algorithms and machine learning techniques are used to process the data collected by these sensors and provide real-time information about the vehicle's surroundings. The human-machine interface (HMI) is the primary means of interaction between the vehicle and the passenger, and it should be designed to be intuitive, informative, and easy to use. Artificial intelligence and machine learning algorithms are used to make decisions and adapt to changing road conditions. Cybersecurity measures, such as encryption, authentication, and intrusion detection, are essential to prevent cyberattacks on AEVs. Redundancy and fail-safe systems, including redundant sensors, processors, communication systems, backup power sources, and emergency braking systems, ensure that AEVs can continue to operate safely in the event of a failure or malfunction. Finally, rigorous testing and validation are necessary to ensure that AEVs meet safety standards and perform as intended. Our review provides valuable insights into the state-of-the-art techniques for ensuring robust and safe human-machine interaction in AEVs, which can guide future research and development in this area

Intrusion Resilience Systems for Modern Vehicles

Current vehicular Intrusion Detection and Prevention Systems either incur high false-positive rates or do not capture zero-day vulnerabilities, leading to safety-critical risks. In addition, prevention is limited to few primitive options like dropping network packets or extreme options, e.g., ECU Bus-off state. To fill this gap, we introduce the concept of vehicular Intrusion Resilience Systems (IRS) that ensures the resilience of critical applications despite assumed faults or zero-day attacks, as long as threat assumptions are met. IRS enables running a vehicular application in a replicated way, i.e., as a Replicated State Machine, over several ECUs, and then requiring the replicated processes to reach a form of Byzantine agreement before changing their local state. Our study rides the mutation of modern vehicular environments, which are closing the gap between simple and resource-constrained "real-time and embedded systems", and complex and powerful "information technology" ones. It shows that current vehicle (e.g., Zonal) architectures and networks are becoming plausible for such modular fault and intrusion tolerance solutions,deemed too heavy in the past. Our evaluation on a simulated Automotive Ethernet network running two state-of-the-art agreement protocols (Damysus and Hotstuff) shows that the achieved latency and throughout are feasible for many Automotive applications