Cyberattacks on Adaptive Cruise Controls and Emergency Braking Systems: Adversary Models, Impact Assessment, and Countermeasures

IF 5 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Transactions on Reliability Pub Date : 2024-03-25 DOI:10.1109/TR.2024.3373810

Adriana Berdich;Bogdan Groza

{"title":"Cyberattacks on Adaptive Cruise Controls and Emergency Braking Systems: Adversary Models, Impact Assessment, and Countermeasures","authors":"Adriana Berdich;Bogdan Groza","doi":"10.1109/TR.2024.3373810","DOIUrl":null,"url":null,"abstract":"In the recent years, there has been a lot of focus on designing security for in-vehicle networks and detecting intrusions. Still, no countermeasure is perfect and most of the existing intrusion detection systems have a nonzero false negative rate, which implies that adversarial frames may still go undetected on the bus. Unfortunately, answers are largely missing for what will happen with the vehicle in such circumstances, i.e., how is the safety of the vehicle and bystanders affected by adversarial actions that go undetected, while there are little or no answers on the acceptable misclassification rates in real-world deployments. In this article, we attempt to provide such answers by pursuing an impact assessment for adversarial actions on the bus assuming low false negative rates. The assessment is based on the effects of such attacks on models for automatic emergency braking and adaptive cruise control systems that are implemented in Simulink, a commonly used tool for designing such systems in the automotive industry. To achieve this, we embed adversarial behavior into the Simulink model, according to recently reported attacks on in-vehicle controller area network buses. This allows us to assess the impact of adversarial actions according to existing safety standards and regulations.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"73 2","pages":"1216-1230"},"PeriodicalIF":5.0000,"publicationDate":"2024-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Reliability","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10478772/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In the recent years, there has been a lot of focus on designing security for in-vehicle networks and detecting intrusions. Still, no countermeasure is perfect and most of the existing intrusion detection systems have a nonzero false negative rate, which implies that adversarial frames may still go undetected on the bus. Unfortunately, answers are largely missing for what will happen with the vehicle in such circumstances, i.e., how is the safety of the vehicle and bystanders affected by adversarial actions that go undetected, while there are little or no answers on the acceptable misclassification rates in real-world deployments. In this article, we attempt to provide such answers by pursuing an impact assessment for adversarial actions on the bus assuming low false negative rates. The assessment is based on the effects of such attacks on models for automatic emergency braking and adaptive cruise control systems that are implemented in Simulink, a commonly used tool for designing such systems in the automotive industry. To achieve this, we embed adversarial behavior into the Simulink model, according to recently reported attacks on in-vehicle controller area network buses. This allows us to assess the impact of adversarial actions according to existing safety standards and regulations.

查看原文本刊更多论文

对自适应巡航控制系统和紧急制动系统的网络攻击：对手模型、影响评估和应对措施

近年来，车载网络的安全设计和入侵检测一直备受关注。然而，没有一种对策是完美无缺的，现有的大多数入侵检测系统的假阴性率都不为零，这就意味着恶意帧仍然可能在公共汽车上未被检测到。遗憾的是，对于车辆在这种情况下会发生什么，即车辆和旁观者的安全会受到未被发现的对抗性行为的何种影响，基本上没有答案，而对于实际部署中可接受的误判率，也几乎没有答案。在这篇文章中，我们试图提供这样的答案，即假定误判率较低，对公交车上的恶意行为进行影响评估。评估基于此类攻击对自动紧急制动和自适应巡航控制系统模型的影响，这些模型是在 Simulink 中实现的，Simulink 是汽车行业设计此类系统的常用工具。为此，我们根据最近报道的对车载控制器区域网络总线的攻击，将对抗行为嵌入到 Simulink 模型中。这样，我们就能根据现有的安全标准和法规评估对抗行为的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Reliability 工程技术-工程：电子与电气

CiteScore

12.20

自引率

8.50%

发文量

153

审稿时长

7.5 months

期刊介绍： IEEE Transactions on Reliability is a refereed journal for the reliability and allied disciplines including, but not limited to, maintainability, physics of failure, life testing, prognostics, design and manufacture for reliability, reliability for systems of systems, network availability, mission success, warranty, safety, and various measures of effectiveness. Topics eligible for publication range from hardware to software, from materials to systems, from consumer and industrial devices to manufacturing plants, from individual items to networks, from techniques for making things better to ways of predicting and measuring behavior in the field. As an engineering subject that supports new and existing technologies, we constantly expand into new areas of the assurance sciences.