Information Security Risk Management of Vehicles

Dmytro Klets; Igor V. Gritsuk; Andrii Makovetskyi; Nickolay Bulgakov; Mikhail Podrigalo; Ihor Kyrychenko; Olena Volska; Nikolai Kyzminec

doi:10.4271/2018-01-0015

The results of this work is allowed to identify a number of cybersecurity threats of the automated security-critical automotive systems, which reduces the efficiency of operation, road safety and system safety. Wired or wireless access of the information networks of the modern vehicles allows to gain control over power unit, chassis, security system components and comfort systems.

According to the evaluating criterion of board electronics, the presence of poorly-protected communication channels, the 75% of the researched modern vehicles do not meet the minimum requirements of cybersecurity due to the danger of external blocking of vital systems. The revealed vulnerabilities of the security-critical automotive systems lead to the necessity of developing methods for mechanical and electronic protection of the modern vehicle.

The law of normal distribution of the mid-points of the expert evaluation of the cyber-security of a modern vehicle has been determined. Based on the system approach, ranking of the main cybersecurity treats is performed. Electronic body systems of modern vehicles are the most likely to be damaged by intruders, which can lead to the vehicle theft.

Using the complex of safety criteria of modern vehicles, the probability and possible consequences of risks in the interception of the control of vehicles are determined.

The obtained results can be used at the stages of production and operation of the vehicles with the aim to improve cybersecurity, road safety and system safety as a whole taking into account its life-cycle management.

Standards

SAE MOBILUS®

Publications

News

Events

Professional Development

A World in Motion (K-12)

Membership

Participate with SAE

Donate

Information Security Risk Management of Vehicles 2018-01-0015

SAE MOBILUS