Browse Publications Technical Papers 2019-01-0477
2019-04-02

A Study on Comprehensive Evaluation of Intelligent Connected Vehicle Cybersecurity 2019-01-0477

In view of the automotive cybersecurity incidents occur frequently, but there is no automotive cybersecurity evaluation standard, a comprehensive evaluation method is proposed, which firstly reviews the process of obtaining automotive cybersecurity function requirements through threat analysis and risk assessment. Then the international research projects on automotive cybersecurity and the key issues are summarized. It is proposed to score (0-100) from the three dimensions of cybersecurity level, intelligence level and enterprise incident response capacity, and comprehensively evaluate the cybersecurity performance level of automobile. Cybersecurity level includes cybersecurity concept design, protection scheme verification and penetration test. We conducted penetration testing from seven aspects, including network architecture, ECU, T-box, radio, IVI, cloud platform, APP, considering 30 test groups, including software security, hardware security, communication security, identity authentication, data security, etc., and 108 test cases. The intelligence level is evaluated according to 40 documents of 5 categories, and the enterprise's incident response capacity is evaluated according to 20 documents of 5 categories. The analytic hierarchy process (AHP) is adopted to determine the weight distribution of cybersecurity level, intelligence level and enterprise incident response capacity. To ensure the reasonableness of weight allocation, 50 people of different gender, occupation and education background were invited to fill in the questionnaire. The specific scoring method for three dimensions is given and the comprehensive evaluation case of vehicle information security is given. Finally, the finiteness of this method is summarized, and it is pointed out that it can be further studied in the aspect of vulnerability rating specification and document review rules.

SAE MOBILUS

Subscribers can view annotate, and download all of SAE's content. Learn More »

Access SAE MOBILUS »

Attention: This item is not yet published. Pre-Order to be notified, via email, when it becomes available.
Members save up to 40% off list price.
Login to see discount.
Special Offer: With TechSelect, you decide what SAE Technical Papers you need, when you need them, and how much you want to pay.
X