Security Risks and Designs in the Connected Vehicle Ecosystem: In-Vehicle and Edge Platforms

IF 5.3 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Open Journal of Vehicular Technology Pub Date : 2024-12-30 DOI:10.1109/OJVT.2024.3524088

Marco De Vincenzi;John Moore;Bradley Smith;Sanjay E. Sarma;Ilaria Matteucci

{"title":"Security Risks and Designs in the Connected Vehicle Ecosystem: In-Vehicle and Edge Platforms","authors":"Marco De Vincenzi;John Moore;Bradley Smith;Sanjay E. Sarma;Ilaria Matteucci","doi":"10.1109/OJVT.2024.3524088","DOIUrl":null,"url":null,"abstract":"The evolution of Connected Vehicles (CVs) has introduced significant advancements in both in-vehicle and vehicle-edge platforms, creating a highly connected ecosystem. These advancements, however, have heightened exposure to cybersecurity risks. This work reviews emerging security challenges in the CV ecosystem from a new perspective, focusing on the integration of in-vehicle platforms such as the infotainment system and vehicle-edge platforms. By analyzing case studies such as Android Automotive, Message Queuing Telemetry Transport (MQTT), and the Robot Operating System (ROS), we identify the primary security threats, including malware attacks, data manipulation, and Denial of Service (DoS) attacks. The discussion extends to privacy concerns and the lack of trust-building mechanisms in CVs, highlighting how these gaps can be exploited. To mitigate these risks, we retrieve solutions drawn from the broader field of Internet of Things (IoT) security research, including Multi-Factor Authentication (MFA) and trust-based systems. The proposed framework aims to increase the trustworthiness of devices within the CV ecosystem. Finally, we identify future research directions in adaptive mechanisms and cross-domain security.","PeriodicalId":34270,"journal":{"name":"IEEE Open Journal of Vehicular Technology","volume":"6 ","pages":"442-454"},"PeriodicalIF":5.3000,"publicationDate":"2024-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10818588","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of Vehicular Technology","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10818588/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

The evolution of Connected Vehicles (CVs) has introduced significant advancements in both in-vehicle and vehicle-edge platforms, creating a highly connected ecosystem. These advancements, however, have heightened exposure to cybersecurity risks. This work reviews emerging security challenges in the CV ecosystem from a new perspective, focusing on the integration of in-vehicle platforms such as the infotainment system and vehicle-edge platforms. By analyzing case studies such as Android Automotive, Message Queuing Telemetry Transport (MQTT), and the Robot Operating System (ROS), we identify the primary security threats, including malware attacks, data manipulation, and Denial of Service (DoS) attacks. The discussion extends to privacy concerns and the lack of trust-building mechanisms in CVs, highlighting how these gaps can be exploited. To mitigate these risks, we retrieve solutions drawn from the broader field of Internet of Things (IoT) security research, including Multi-Factor Authentication (MFA) and trust-based systems. The proposed framework aims to increase the trustworthiness of devices within the CV ecosystem. Finally, we identify future research directions in adaptive mechanisms and cross-domain security.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Open Journal of Vehicular Technology Multiple-

CiteScore

9.60

自引率

0.00%

发文量

审稿时长

10 weeks