The rapid evolution of intelligent connected vehicles (ICVs) has ushered in a new era of transportation, promising enhanced safety, efficiency, and convenience. However, this technological leap also introduces significant cybersecurity challenges that could jeopardise passenger safety and vehicle integrity. A recent review paper by Mahdi Dibaei, Xi Zheng, Kun Jiang, Sasa Maric, Robert Abbas, Shigang Liu, Yuexin Zhang, Yao Deng, Sheng Wen, Jun Zhang, Yang Xiang, and Shui Yu sheds light on the critical security threats facing ICVs and explores comprehensive defence mechanisms to mitigate these risks.
The architecture of next-generation vehicles, including driverless and intelligent cars, is complex and interconnected, relying heavily on Electronic Control Units (ECUs) and the Control Area Network (CAN) bus for in-vehicle communication. The security of these components is paramount, as vulnerabilities can be exploited to compromise vehicle functions and endanger passengers. With the advent of 4G LTE and 5G technologies, vehicle-to-everything (V2X) communications have expanded, introducing additional security challenges. The interconnected nature of these systems means that a breach in one area can have cascading effects, underscoring the need for robust cybersecurity measures.
The review paper identifies several major security attacks that ICVs are susceptible to. These include remote hacking, where attackers gain unauthorised access to vehicle systems; man-in-the-middle attacks, where communication between vehicles or between a vehicle and infrastructure is intercepted and altered; and denial-of-service attacks, which disrupt communication and control systems. Each of these attacks can have severe consequences, from loss of vehicle control to compromising passenger safety.
To address these threats, the researchers categorise available defences into four main categories: cryptography, network security, software vulnerability detection, and malware detection. Cryptography plays a crucial role in securing communications by encrypting data to prevent unauthorised access. Network security measures focus on protecting the integrity and availability of communication channels, ensuring that data transmitted between vehicles and infrastructure remains secure. Software vulnerability detection involves identifying and patching weaknesses in vehicle software that could be exploited by attackers. Malware detection aims to identify and neutralise malicious software that could compromise vehicle systems.
The paper also explores future directions for enhancing the security of ICVs. As technology continues to evolve, so too must the strategies for protecting against cyber threats. The researchers emphasise the importance of ongoing research and development in cybersecurity to stay ahead of emerging threats. They highlight the need for collaborative efforts between academia, industry, and government to create a comprehensive framework for securing ICVs.
The review paper by Dibaei et al. provides a valuable overview of the current landscape of cybersecurity in intelligent connected vehicles. By identifying major security attacks and categorising available defences, the researchers offer a roadmap for enhancing the security of these advanced transportation systems. As the automotive industry continues to innovate, the insights and recommendations from this paper will be instrumental in shaping the future of ICV security. The paper underscores the importance of a multi-faceted approach to cybersecurity, combining cryptography, network security, software vulnerability detection, and malware detection to create a robust defence against the evolving threats facing intelligent connected vehicles. Read the original research paper here.