Autonomous Vehicle Security: Hybrid Threat Modeling Approach

IF 5.3 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Open Journal of Vehicular Technology Pub Date : 2025-06-17 DOI:10.1109/OJVT.2025.3580538

Amal Yousseef;Yu-Zheng Lin;Shalaka Satam;Banafsheh Saber Latibari;Jesus Pacheco;Soheil Salehi;Salim Hariri;Pratik Satam

{"title":"Autonomous Vehicle Security: Hybrid Threat Modeling Approach","authors":"Amal Yousseef;Yu-Zheng Lin;Shalaka Satam;Banafsheh Saber Latibari;Jesus Pacheco;Soheil Salehi;Salim Hariri;Pratik Satam","doi":"10.1109/OJVT.2025.3580538","DOIUrl":null,"url":null,"abstract":"Autonomous vehicles (AVs) are poised to revolutionize modern transportation, offering enhanced safety, efficiency, and convenience. However, AV architectures' increasing connectivity and complexity have introduced significant cybersecurity risks. This survey provides a comprehensive review of AV security challenges, focusing on widely adopted threat modeling frameworks such as STRIDE, DREAD, andMITRE ATT&CK. By examining common attack vectors and real-world case studies, including the Jeep Cherokee and Tesla Model S exploits, we highlight the urgent need for robust cybersecurity in in-vehicle systems and external interfaces. To complement existing modeling practices, we introduce Hybrid-SCDM, a novel framework that combines STRIDE-based threat classification with CVSS-derived DREAD scoring. This model transforms qualitative threat identification into quantitative risk prioritization by mapping CVSS metrics to DREAD dimensions through normalization. Applied to a generic multi-layered AV architecture, our findings show that intra-vehicle networks, especially CAN bus spoofing and fuzzing attacks, and suspension attacks, represent the most critical vulnerabilities due to their high exploitability and systemic impact. Beyond technical modeling, the survey explores emerging defense mechanisms such as blockchain-enabled Vehicle-to-Everything (V2X) communication, AI-driven anomaly detection, and secure Over-The-Air (OTA) updates. We also examine legal and ethical considerations surrounding data privacy, user safety, and regulatory compliance. By integrating analytical modeling with broad system insights, this work provides actionable recommendations for advancing the cybersecurity posture of autonomous vehicles.","PeriodicalId":34270,"journal":{"name":"IEEE Open Journal of Vehicular Technology","volume":"6 ","pages":"1774-1795"},"PeriodicalIF":5.3000,"publicationDate":"2025-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11039067","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of Vehicular Technology","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/11039067/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Autonomous vehicles (AVs) are poised to revolutionize modern transportation, offering enhanced safety, efficiency, and convenience. However, AV architectures' increasing connectivity and complexity have introduced significant cybersecurity risks. This survey provides a comprehensive review of AV security challenges, focusing on widely adopted threat modeling frameworks such as STRIDE, DREAD, andMITRE ATT&CK. By examining common attack vectors and real-world case studies, including the Jeep Cherokee and Tesla Model S exploits, we highlight the urgent need for robust cybersecurity in in-vehicle systems and external interfaces. To complement existing modeling practices, we introduce Hybrid-SCDM, a novel framework that combines STRIDE-based threat classification with CVSS-derived DREAD scoring. This model transforms qualitative threat identification into quantitative risk prioritization by mapping CVSS metrics to DREAD dimensions through normalization. Applied to a generic multi-layered AV architecture, our findings show that intra-vehicle networks, especially CAN bus spoofing and fuzzing attacks, and suspension attacks, represent the most critical vulnerabilities due to their high exploitability and systemic impact. Beyond technical modeling, the survey explores emerging defense mechanisms such as blockchain-enabled Vehicle-to-Everything (V2X) communication, AI-driven anomaly detection, and secure Over-The-Air (OTA) updates. We also examine legal and ethical considerations surrounding data privacy, user safety, and regulatory compliance. By integrating analytical modeling with broad system insights, this work provides actionable recommendations for advancing the cybersecurity posture of autonomous vehicles.

查看原文本刊更多论文

自动驾驶汽车安全：混合威胁建模方法

自动驾驶汽车（AVs）将彻底改变现代交通，提高安全性、效率和便利性。然而，自动驾驶架构日益增加的连接性和复杂性带来了重大的网络安全风险。本调查提供了对反病毒安全挑战的全面回顾，重点关注广泛采用的威胁建模框架，如STRIDE、DREAD和mitre ATT&CK。通过研究常见的攻击媒介和现实世界的案例研究，包括Jeep切诺基和特斯拉Model S漏洞，我们强调了在车载系统和外部接口中建立强大的网络安全的迫切需要。为了补充现有的建模实践，我们引入了Hybrid-SCDM，这是一种将基于stride的威胁分类与cvss衍生的DREAD评分相结合的新框架。该模型通过归一化将CVSS指标映射到DREAD维度，将定性的威胁识别转换为定量的风险优先级。应用于通用的多层自动驾驶架构，我们的研究结果表明，由于其高可利用性和系统性影响，车内网络，特别是CAN总线欺骗和模糊攻击，以及悬挂攻击代表了最关键的漏洞。除了技术建模之外，该调查还探讨了新兴的防御机制，如支持区块链的车联网（V2X）通信、人工智能驱动的异常检测和安全的空中（OTA）更新。我们还研究了有关数据隐私、用户安全和法规遵从性的法律和道德考虑。通过将分析建模与广泛的系统见解相结合，这项工作为推进自动驾驶汽车的网络安全态势提供了可行的建议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊