乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T14:53:05Z","timestamp":1740149585667,"version":"3.37.3"},"reference-count":154,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2023,12,31]],"date-time":"2023-12-31T00:00:00Z","timestamp":1703980800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"As threat vectors and adversarial capabilities evolve, Cloud-Assisted Connected and Autonomous Vehicles (CCAVs) are becoming more vulnerable to cyberattacks. Several established threat analysis and risk assessment (TARA) methodologies are publicly available to address the evolving threat landscape. However, these methodologies inadequately capture the threat data of CCAVs, resulting in poorly defined threat boundaries or the reduced efficacy of the TARA. This is due to multiple factors, including complex hardware\u2013software interactions, rapid technological advancements, outdated security frameworks, heterogeneous standards and protocols, and human errors in CCAV systems. To address these factors, this study begins by systematically evaluating TARA methods and applying the Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privileges (STRIDE) threat model and Damage, Reproducibility, Exploitability, Affected Users, and Discoverability (DREAD) risk assessment to target system architectures. This study identifies vulnerabilities, quantifies risks, and methodically examines defined data processing components. In addition, this study offers an attack tree to delineate attack vectors and provides a novel defense taxonomy against identified risks. This article demonstrates the efficacy of the TARA in systematically capturing compromised security requirements, threats, limits, and associated risks with greater precision. By doing so, we further discuss the challenges in protecting hardware\u2013software assets against multi-staged attacks due to emerging vulnerabilities. As a result, this research informs advanced threat analyses and risk management strategies for enhanced security engineering of cyberphysical CCAV systems.<\/jats:p>","DOI":"10.3390\/s24010241","type":"journal-article","created":{"date-parts":[[2023,12,31]],"date-time":"2023-12-31T11:00:21Z","timestamp":1704020421000},"page":"241","source":"Crossref","is-referenced-by-count":5,"title":["Securing Cloud-Assisted Connected and Autonomous Vehicles: An In-Depth Threat Analysis and Risk Assessment"],"prefix":"10.3390","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6701-3354","authenticated-orcid":false,"given":"Al Tariq","family":"Sheik","sequence":"first","affiliation":[{"name":"Warwick Manufacturing Group (WMG), University of Warwick, Coventry CV4 7AL, UK"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4715-212X","authenticated-orcid":false,"given":"Carsten","family":"Maple","sequence":"additional","affiliation":[{"name":"Warwick Manufacturing Group (WMG), University of Warwick, Coventry CV4 7AL, UK"}]},{"given":"Gregory","family":"Epiphaniou","sequence":"additional","affiliation":[{"name":"Warwick Manufacturing Group (WMG), University of Warwick, Coventry CV4 7AL, UK"}]},{"given":"Mehrdad","family":"Dianati","sequence":"additional","affiliation":[{"name":"Warwick Manufacturing Group (WMG), University of Warwick, Coventry CV4 7AL, UK"}]}],"member":"1968","published-online":{"date-parts":[[2023,12,31]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"6206","DOI":"10.1109\/TITS.2021.3084396","article-title":"A taxonomy and survey of edge cloud computing for intelligent transportation systems and connected vehicles","volume":"23","author":"Arthurs","year":"2021","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Gillam, L., Katsaros, K., Dianati, M., and Mouzakitis, A. (2018, January 15\u201319). Exploring edges for connected and autonomous driving. Proceedings of the IEEE INFOCOM 2018\u2014IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Honolulu, HI, USA.","DOI":"10.1109\/INFCOMW.2018.8406890"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"2423915","DOI":"10.1155\/2019\/2423915","article-title":"A comprehensive survey on VANET security services in traffic management system","volume":"2019","author":"Sheikh","year":"2019","journal-title":"Wirel. Commun. Mob. Comput."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"155","DOI":"10.1080\/23738871.2017.1366536","article-title":"Security and privacy in the internet of things","volume":"2","author":"Maple","year":"2017","journal-title":"J. Cyber Policy"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Maple, C., Bradbury, M., Le, A.T., and Ghirardello, K. (2019). A connected and autonomous vehicle reference architecture for attack surface analysis. Appl. Sci., 9.","DOI":"10.3390\/app9235101"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"2208","DOI":"10.1016\/j.asr.2022.07.013","article-title":"Challenges in threat modelling of new space systems: A teleoperation use-case","volume":"70","author":"Sheik","year":"2022","journal-title":"Adv. Space Res."},{"key":"ref_7","unstructured":"HM Government (2023, October 16). Connected & Automated Mobility 2025: Realising the Benefits of Self-Driving Vehicles in the UK, Available online: https:\/\/assets.publishing.service.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/1099173\/cam-2025-realising-benefits-self-driving-vehicles.pdf."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Sheik, A.T., Maple, C., Epiphaniou, G., and Dianati, M. (2024). Threat Analysis of Platooning\u2014A Cloud Assisted Connected and Autonomous Vehicle Application. Information, 15.","DOI":"10.3390\/info15010014"},{"key":"ref_9","unstructured":"Shostack, A. (2014). Threat Modeling: Designing for Security, John Wiley & Sons."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"779","DOI":"10.1080\/00423114.2018.1492142","article-title":"Towards connected autonomous driving: Review of use-cases","volume":"57","author":"Montanaro","year":"2019","journal-title":"Veh. Syst. Dyn."},{"key":"ref_11","unstructured":"USDOT (2023, October 16). VS15: Infrastructure Enhanced Cooperative Adaptive Cruise Control. Available online: https:\/\/www.arc-it.net\/html\/servicepackages\/sp190.html#tab-3."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1016\/j.cose.2019.03.010","article-title":"Threat modeling\u2014A systematic literature review","volume":"84","author":"Xiong","year":"2019","journal-title":"Comput. Secur."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Khan, R., McLaughlin, K., Laverty, D., and Sezer, S. (2017, January 26\u201329). STRIDE-based threat modeling for cyber-physical systems. Proceedings of the 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), Turin, Italy.","DOI":"10.1109\/ISGTEurope.2017.8260283"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Alberts, C., Behrens, S., Pethia, R., and Wilson, W. (1999). Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0, Software Engineering Institute, Carnegie Mellon University. Technical Report CMU\/SEI-99-TR-017.","DOI":"10.21236\/ADA367718"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Alberts, C., Dorofee, A., Stevens, J., and Woody, C. (2003). Introduction to the OCTAVE Approach, Carnegie Mellon University Software Engineering Institute. Technical Report.","DOI":"10.21236\/ADA634134"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"UcedaVelez, T., and Morana, M.M. (2015). Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis, John Wiley & Sons.","DOI":"10.1002\/9781118988374"},{"key":"ref_17","unstructured":"McCarthy, C., Harnett, K., and Carter, A. (2014). Characterization of Potential Security Threats in Modern Automobiles: A Composite Modeling Approach, Technical Report."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"100219","DOI":"10.1016\/j.cosrev.2019.100219","article-title":"A review of attack graph and attack tree visual syntax in cyber security","volume":"35","author":"Lallie","year":"2020","journal-title":"Comput. Sci. Rev."},{"key":"ref_19","unstructured":"Committee, S.V.E.S.S. (2016). SAE J3061-Cybersecurity Guidebook for Cyber-Physical Automotive Systems, SAE\u2014Society of Automotive Engineers."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Jamil, A.M., Khan, S., Lee, J.K., and Othmane, L.B. (2021, January 24\u201326). Towards Automated Threat Modeling of Cyber-Physical Systems. Proceedings of the 2021 International Conference on Software Engineering & Computer Systems and 4th International Conference on Computational Science and Information Management (ICSECS-ICOCSIM), Pekan, Malaysia.","DOI":"10.1109\/ICSECS52883.2021.00118"},{"key":"ref_21","unstructured":"Shevchenko, N., Frye, B., and Woody, C. (2018). White Paper: Threat Modelling for Cyber-Physical System-of-Systems: Methods Evaluation, Software Engineering Institute, Carnegie Mellon University. Technical Report."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Schneier, B. (2015). Secrets and Lies: Digital Security in a Networked World, John Wiley & Sons.","DOI":"10.1002\/9781119183631"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Thing, V.L.L., and Wu, J. (2016, January 15\u201318). Autonomous Vehicle Security: A Taxonomy of Attacks and Defences. Proceedings of the 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber. Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, China.","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData.2016.52"},{"key":"ref_24","unstructured":"Zhao, M. (2015). Advanced driver assistant system, threats, requirements, security solutions. Intel Labs, 2\u20133."},{"key":"ref_25","first-page":"546","article-title":"Potential Cyberattacks on Automated Vehicles","volume":"16","author":"Petit","year":"2014","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_26","first-page":"1","article-title":"Remote exploitation of an unaltered passenger vehicle","volume":"2015","author":"Miller","year":"2015","journal-title":"Black Hat"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"380","DOI":"10.3390\/electronics4030380","article-title":"Security of Cooperative Intelligent Transport Systems: Standards, Threats Analysis and Cryptographic Countermeasures","volume":"4","author":"Hamida","year":"2015","journal-title":"Electronics"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Javed, M.A., Hamida, E.B., and Znaidi, W. (2016). Security in Intelligent Transport Systems for Smart Cities: From Theory to Practice. Sensors, 16.","DOI":"10.3390\/s16060879"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1016\/j.adhoc.2017.03.006","article-title":"A survey of attacks and detection mechanisms on intelligent trasnportation system\u2014VANETS and IoV","volume":"61","author":"Sakiz","year":"2017","journal-title":"Hoc Netw."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Bariah, L., Shehada, D., Salahat, E., and Yeun, C.Y. (2015, January 6\u20139). Recent advances in VANET security: A survey. Proceedings of the 2015 IEEE 82nd Vehicular Technology Conference (VTC2015-fall), Boston, MA, USA.","DOI":"10.1109\/VTCFall.2015.7391111"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1016\/j.ress.2010.06.026","article-title":"Security threats to automotive CAN networks\u2014Practical examples and selected short-term countermeasures","volume":"96","author":"Hoppe","year":"2011","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"1","DOI":"10.5121\/ijans.2014.4201","article-title":"Security Attacks and Solutions in Vehicular Ad Hoc Networks: A Survey","volume":"4","author":"La","year":"2014","journal-title":"Int. J. Adhoc Netw. Syst."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"126","DOI":"10.1109\/MCOM.2015.7120028","article-title":"Security vulnerabilities of connected vehicle streams and their impact on cooperative driving","volume":"53","author":"Amoozadeh","year":"2015","journal-title":"IEEE Commun. Mag."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.comcom.2014.02.020","article-title":"VANET security surveys","volume":"44","author":"Engoulou","year":"2014","journal-title":"Comput. Commun."},{"key":"ref_35","first-page":"1","article-title":"Privacy and cybersecurity are converging. Here\u2019s why that matters for people and for companies","volume":"10","author":"Burt","year":"2019","journal-title":"Harv. Bus. Rev."},{"key":"ref_36","first-page":"995","article-title":"Remote Attacks on Automated Vehicles Sensors Experiments on Camera and LiDAR. Experiments on Camera and Lidar","volume":"11","author":"Petit","year":"2015","journal-title":"Black Hat"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Garip, M.T., Gursoy, M.E., Reiher, P., and Gerla, M. (2015, January 8\u201311). Congestion attacks to autonomous cars using vehicular botnets. Proceedings of the NDSS Workshop on Security of Emerging Networking Technologies (SENT), San Diego, CA, USA.","DOI":"10.14722\/sent.2015.23001"},{"key":"ref_38","unstructured":"National Highway Traffic Safety Administration (2016). Cybersecurity Best Practices for Modern Vehicles."},{"key":"ref_39","first-page":"53","article-title":"Survey on VANET security challenges and possible cryptographic solutions","volume":"1","author":"Mejri","year":"2014","journal-title":"Veh. Commun."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Ka\u00e2niche, M., and Laarouchi, Y. (2013, January 24\u201327). Survey on security threats and protection mechanisms in embedded automotive networks. Proceedings of the 43rd Annual IEEE\/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W), Budapest, Hungary.","DOI":"10.1109\/DSNW.2013.6615528"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1109\/MSP.2004.26","article-title":"The security and privacy of smart vehicles","volume":"2","author":"Hubaux","year":"2004","journal-title":"IEEE Secur. Priv."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1109\/MVT.2015.2479367","article-title":"The key to intelligent transportation: Identity and credential management in vehicular communication systems","volume":"10","author":"Khodaei","year":"2015","journal-title":"IEEE Veh. Technol. Mag."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"45","DOI":"10.1109\/MVT.2017.2669348","article-title":"Driving with Sharks: Rethinking Connected Vehicles with Vehicle Cybersecurity","volume":"12","author":"Eiza","year":"2017","journal-title":"IEEE Veh. Technol. Mag."},{"key":"ref_44","first-page":"290","article-title":"Likelihoods of Threats to Connected Vehicles","volume":"5","author":"Othmane","year":"2014","journal-title":"Int. J. Next-Gener. Comput."},{"key":"ref_45","unstructured":"ABI (2023, October 16). Connected Vehicle Cloud Platforms. Available online: https:\/\/www.abiresearch.com\/market-research\/product\/1022093-connected-vehicle-cloud-platforms\/."},{"key":"ref_46","unstructured":"Senior, S., Rec, C., Nishar, H., and Horton, T. (2018). AWS Connected Vehicle Solution, Amazon."},{"key":"ref_47","unstructured":"Fu, Z., Hu, W., and Tan, T. (2005, January 11\u201314). Similarity based vehicle trajectory clustering and anomaly detection. Proceedings of the IEEE International Conference on Image Processing 2005, Genova, Italy."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1109\/MSPEC.2006.1652996","article-title":"Ring of steel II-New York City gets set to replicate London\u2019s high-security zone","volume":"43","author":"Mullins","year":"2006","journal-title":"IEEE Spectr."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"M\u00fcter, M., Groll, A., and Freiling, F.C. (2010, January 23\u201325). A structured approach to anomaly detection for in-vehicle networks. Proceedings of the 2010 Sixth International Conference on Information Assurance and Security, Atlanta, GA, USA.","DOI":"10.1109\/ISIAS.2010.5604050"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"2898","DOI":"10.1109\/TITS.2017.2665968","article-title":"Cyber Threats Facing Autonomous and Connected Vehicles: Future Challenges","volume":"18","author":"Parkinson","year":"2017","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"39","DOI":"10.3233\/JCS-2007-15103","article-title":"Securing vehicular ad hoc networks","volume":"15","author":"Raya","year":"2007","journal-title":"J. Comput. Secur."},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Al-Kahtani, M.S. (2012, January 12\u201314). Survey on security attacks in vehicular ad hoc networks (VANETs). Proceedings of the 2012 6th International Conference on Signal Processing and Communication Systems, Gold Coast, QLD, Australia.","DOI":"10.1109\/ICSPCS.2012.6507953"},{"key":"ref_53","unstructured":"Gillani, S., Shahzad, F., Qayyum, A., and Mehmood, R. (2013, January 14\u201315). A survey on security in vehicular ad hoc networks. Proceedings of the Communication Technologies for Vehicles: 5th International Workshop, Nets4Cars\/Nets4Trains 2013, Villeneuve d\u2019Ascq, France. Proceedings 5."},{"key":"ref_54","unstructured":"Othmane, L.B., Weffers, H., Mohamad, M.M., and Wolf, M. (2015). Wireless Sensor and Mobile Ad-Hoc Networks: Vehicular and Space Applications, Springer."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"284","DOI":"10.1109\/TITS.2012.2211870","article-title":"Security challenges in vehicular cloud computing","volume":"14","author":"Yan","year":"2013","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_56","first-page":"1","article-title":"A Survey of the Connected Vehicle Landscape\u2013Architectures, Enabling Technologies, Applications, and Development Areas","volume":"99","author":"Siegel","year":"2017","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_57","first-page":"7","article-title":"VANet security challenges and solutions: A survey","volume":"7","author":"Hasrouny","year":"2017","journal-title":"Veh. Commun."},{"key":"ref_58","doi-asserted-by":"crossref","unstructured":"Boumiza, S., and Braham, R. (November, January 30). Intrusion threats and security solutions for autonomous vehicle networks. Proceedings of the 2017 IEEE\/ACS 14th International Conference on Computer Systems and Applications (AICCSA), Hammamet, Tunisia.","DOI":"10.1109\/AICCSA.2017.42"},{"key":"ref_59","unstructured":"Kelarestaghi, K.B., Foruhandeh, M., Heaslip, K., and Gerdes, R. (2019). Survey on vehicular ad hoc networks and its access technologies security vulnerabilities and countermeasures. arXiv."},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Sommer, F., D\u00fcrrwang, J., and Kriesten, R. (2019). Survey and classification of automotive security attacks. Information, 10.","DOI":"10.3390\/info10040148"},{"key":"ref_61","doi-asserted-by":"crossref","unstructured":"Jadhav, S., and Kshirsagar, D. (2018, January 16\u201318). A survey on security in automotive networks. Proceedings of the 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA), Pune, India.","DOI":"10.1109\/ICCUBEA.2018.8697772"},{"key":"ref_62","doi-asserted-by":"crossref","unstructured":"Yoshizawa, T., and Preneel, B. (2019, January 28\u201330). Survey of security aspect of v2x standards and related issues. Proceedings of the 2019 IEEE Conference on Standards for Communications and Networking (CSCN), Granada, Spain.","DOI":"10.1109\/CSCN.2019.8931311"},{"key":"ref_63","doi-asserted-by":"crossref","first-page":"2725","DOI":"10.1109\/COMST.2020.3012961","article-title":"Security and privacy challenges in connected vehicular cloud computing","volume":"22","author":"Masood","year":"2020","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"6240","DOI":"10.1109\/TITS.2021.3085297","article-title":"A survey on cyber-security of connected and autonomous vehicles (CAVs)","volume":"23","author":"Sun","year":"2021","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_65","unstructured":"Guzman, Z. (2023, October 16). Hackers Remotely Kill Jeep\u2019s Engine on Highway. Available online: https:\/\/www.cnbc.com\/2015\/07\/21\/hackers-remotely-kill-jeep-engine-on-highway.html."},{"key":"ref_66","unstructured":"Skygo (2023, October 16). Security Research Report on Mercedes Benz Cars\u2014SkyGo Blog. Available online: https:\/\/skygo.360.net\/archive\/Security-Research-Report-on-Mercedes-Benz-Cars-en.pdf."},{"key":"ref_67","unstructured":"Thoughts, B.Y. (2023, October 16). Man Block ETC with Melon Seed Bags and Evades Fees 22 Times over 40,000 in 3 Months. Available online: https:\/\/www.youtube.com\/watch?v=Bzw7pA0rHCk."},{"key":"ref_68","unstructured":"Curry, S. (2023, October 16). More Car Hacking!. Available online: https:\/\/twitter.com\/samwcyo\/status\/1597792097175674880."},{"key":"ref_69","unstructured":"Finkle, J., and Woodall, B. (2023, October 16). Researcher Says Can Hack GM\u2019s OnStar App, Open Vehicle, Start Engine. Available online: https:\/\/www.reuters.com\/article\/us-gm-hacking-idUSKCN0Q42FI20150730."},{"key":"ref_70","unstructured":"Lodge, D. (2023, October 16). Hacking the Mitsubishi Outlander Phev Hybrid. Available online: https:\/\/www.pentestpartners.com\/security-blog\/hacking-the-mitsubishi-outlander-phev-hybrid-suv\/."},{"key":"ref_71","unstructured":"Computest (2023, October 16). Car Hack Project Volkswagen\/Audi. Available online: https:\/\/www.computest.nl\/en\/knowledge-platform\/rd-projects\/car-hack\/."},{"key":"ref_72","unstructured":"Tencent (2023, October 16). Tesla Model S Wi-Fi Protocol Stack Vulnerability. Available online: https:\/\/v.qq.com\/x\/page\/v304513meir.html."},{"key":"ref_73","unstructured":"BlackHat (2023, October 16). Multiple Vulnerabilities Disclosed in Black Hat VW ID Series. Available online: https:\/\/www.blackhat.com\/eu-22\/."},{"key":"ref_74","doi-asserted-by":"crossref","first-page":"13338","DOI":"10.1109\/JIOT.2022.3144130","article-title":"Threat modeling and risk analysis for miniaturized wireless biomedical devices","volume":"9","author":"Vakhter","year":"2022","journal-title":"IEEE Internet Things J."},{"key":"ref_75","first-page":"100179","article-title":"A survey on security attacks in VANETs: Communication, applications and challenges","volume":"19","author":"Arif","year":"2019","journal-title":"Veh. Commun."},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Vasconcelos Filho, \u00ca., Severino, R., Salgueiro dos Santos, P.M., Koubaa, A., and Tovar, E. (2023). Cooperative vehicular platooning: A multi-dimensional survey towards enhanced safety, security and validation. Cyber-Phys. Syst., 1\u201353.","DOI":"10.1080\/23335777.2023.2214584"},{"key":"ref_77","unstructured":"Francillon, A., Danev, B., and Capkun, S. (2011, January 21\u201325). Relay attacks on passive keyless entry and start systems in modern cars. Proceedings of the Network and Distributed System Security Symposium (NDSS), Z\u00fcrich, Switzreland."},{"key":"ref_78","unstructured":"Norte, J.C. (2023, October 16). Hacking Industrial Vehicles from the Internet. Available online: http:\/\/jcarlosnorte.com\/security\/2016\/03\/06\/hacking-tachographs-from-the-internets.html."},{"key":"ref_79","unstructured":"Mazloom, S., Rezaeirad, M., Hunter, A., and McCoy, D. (2016, January 8\u20139). A Security Analysis of an In-Vehicle Infotainment and App Platform. Proceedings of the 10th USENIX Workshop on Offensive Technologies (WOOT 16), Austin, TX, USA."},{"key":"ref_80","unstructured":"Obzy (2023, October 16). BMW 330I 2011 Format String DOS Vulnerability(CVE-2017-9212). Available online: https:\/\/twitter.com\/__obzy__\/status\/864704956116254720."},{"key":"ref_81","unstructured":"CISA (2023, October 16). ICS Advisory, Available online: https:\/\/sustainasip-143609846.hubspotpagebuilder.eu\/?hs_preview=ZgQINqbD-84946346185."},{"key":"ref_82","unstructured":"Samcurry (2023, October 16). Cracking My Windshield and Earning $10,000 on the Tesla Bug Bounty Program. Available online: https:\/\/bit.ly\/3XXgJFC."},{"key":"ref_83","unstructured":"Cylect (2023, October 16). Dosla\u2014Tesla Vulnerability\u2014CVE-2020-10558 | cylect.io. Available online: https:\/\/cylect.io\/blog\/cybr-2\/dosla-tesla-vulnerability-cve-2022-10558-1."},{"key":"ref_84","unstructured":"NIST (2023, October 16). CVE-2020-28656 Detail, Available online: https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-28656."},{"key":"ref_85","unstructured":"Tencent (2023, October 16). Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars. Available online: https:\/\/bit.ly\/3R7TBlD."},{"key":"ref_86","unstructured":"GeekPWN (2023, October 16). Find a Few Key Keys on Google, and Then Crack Your Own Car?. Available online: https:\/\/mp.weixin.qq.com\/s\/-xlV8nPjIy5nUT4Zt4a5rg."},{"key":"ref_87","unstructured":"Dengdeng (2023, October 16). Many Car Owners in Shanghai Were Reminded That \u201cThere Is a Gunfight on the Road\u201d?. Available online: https:\/\/mp.weixin.qq.com\/s\/Zc-_Z0PyZQ8qSvZEXU2U3Q."},{"key":"ref_88","unstructured":"Keen Security Lab (2023, October 16). Experimental Security Assessment of BMW Cars by KeenLab. Available online: https:\/\/bit.ly\/34ICOBC."},{"key":"ref_89","unstructured":"Keen Security Lab (2023, October 16). Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars. Available online: https:\/\/bit.ly\/34Gpqhj."},{"key":"ref_90","unstructured":"Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., and Kohno, T. (2011, January 8\u201312). Comprehensive experimental analyses of automotive attack surfaces. Proceedings of the 20th USENIX Security Symposium (USENIX Security 11), San Francisco, CA, USA."},{"key":"ref_91","unstructured":"Sgayou (2023, October 16). Subaru Starlink Persistent Root Code Execution. Available online: https:\/\/github.com\/sgayou\/subaru-starlink-research."},{"key":"ref_92","unstructured":"Liu, J. (2023, October 16). Belgian Security Researchers from KU Leuven and IMEC Demonstrate Serious Flaws in Tesla Model X Keyless Entry System. Available online: https:\/\/bit.ly\/3XJa81V."},{"key":"ref_93","unstructured":"Zehavi, I., and Shamir, A. (2023). Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons. arXiv."},{"key":"ref_94","unstructured":"Nassi, B., Nassi, D., Ben-Netanel, R., Mirsky, Y., Drokin, O., and Elovici, Y. (2023, October 16). Phantom of the ADAS: Phantom Attacks on Driver-Assistance Systems. Available online: https:\/\/eprint.iacr.org\/2020\/085."},{"key":"ref_95","first-page":"109","article-title":"Can you trust autonomous vehicles: Contactless attacks against sensors of self-driving vehicle","volume":"24","author":"Yan","year":"2016","journal-title":"Def. Con."},{"key":"ref_96","doi-asserted-by":"crossref","first-page":"7897","DOI":"10.1109\/TII.2021.3071405","article-title":"Deep learning-based autonomous driving systems: A survey of attacks and defenses","volume":"17","author":"Deng","year":"2021","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_97","doi-asserted-by":"crossref","first-page":"4316","DOI":"10.1109\/TITS.2020.3032227","article-title":"Deep learning for safe autonomous driving: Current challenges and future directions","volume":"22","author":"Muhammad","year":"2020","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_98","doi-asserted-by":"crossref","first-page":"102269","DOI":"10.1016\/j.cose.2021.102269","article-title":"A survey on security attacks and defense techniques for connected and autonomous vehicles","volume":"109","author":"Pham","year":"2021","journal-title":"Comput. Secur."},{"key":"ref_99","doi-asserted-by":"crossref","first-page":"231","DOI":"10.2528\/PIER06090504","article-title":"Augmentation of anti-jam GPS system using smart antenna with a simple DOA estimation algorithm","volume":"67","author":"Mukhopadhyay","year":"2007","journal-title":"Prog. Electromagn. Res."},{"key":"ref_100","doi-asserted-by":"crossref","unstructured":"Purwar, A., Joshi, D., and Chaubey, V.K. (2016, January 16\u201318). GPS signal jamming and anti-jamming strategy\u2014A theoretical analysis. Proceedings of the 2016 IEEE Annual India Conference (INDICON), Bangalore, India.","DOI":"10.1109\/INDICON.2016.7838933"},{"key":"ref_101","doi-asserted-by":"crossref","unstructured":"Meng, Q., Hsu, L.T., Xu, B., Luo, X., and El-Mowafy, A. (2019). A GPS spoofing generator using an open sourced vector tracking-based receiver. Sensors, 19.","DOI":"10.3390\/s19183993"},{"key":"ref_102","doi-asserted-by":"crossref","unstructured":"Narain, S., Ranganathan, A., and Noubir, G. (2019, January 19\u201323). Security of GPS\/INS based on-road location tracking systems. Proceedings of the 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP.2019.00068"},{"key":"ref_103","unstructured":"CyberRegulus (2023, October 16). Tesla Model S and Model 3 Prove Vulnerable to GPS Spoofing Attacks as Autopilot Navigation Steers Car off Road, Research from Regulus Cyber Shows. Available online: https:\/\/bit.ly\/3kNhRgM."},{"key":"ref_104","unstructured":"Bitsight (2023, October 16). Bitsight Discovers Critical Vulnerabilities in Widely Used Vehicle GPS Tracker. Available online: https:\/\/bit.ly\/3je70fd."},{"key":"ref_105","unstructured":"AnonymousTV (2023, October 16). The Largest Taxi Service in Russia \u2018Yandex Taxi\u2019 Was Hacked by the #Anonymous Collective. Available online: https:\/\/twitter.com\/YourAnonTV\/status\/1565555525378506752."},{"key":"ref_106","first-page":"19","article-title":"GPS spoofing countermeasures","volume":"25","author":"Warner","year":"2003","journal-title":"Homel. Secur. J."},{"key":"ref_107","unstructured":"Mitre (2023, October 16). CVE-2020-15912. Available online: https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-15912."},{"key":"ref_108","unstructured":"Foster, I., Prudhomme, A., Koscher, K., and Savage, S. (2015, January 10\u201311). Fast and vulnerable: A story of telematic failures. Proceedings of the 9th USENIX Workshop on Offensive Technologies, WOOT, Washington, DC, USA."},{"key":"ref_109","first-page":"211","article-title":"Truck Hacking: An Experimental Analysis of the SAE J1939 Standard","volume":"16","author":"Burakova","year":"2016","journal-title":"WOOT"},{"key":"ref_110","doi-asserted-by":"crossref","unstructured":"Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., and Shacham, H. (2010, January 16\u201319). Experimental security analysis of a modern automobile. Proceedings of the 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA.","DOI":"10.1109\/SP.2010.34"},{"key":"ref_111","doi-asserted-by":"crossref","unstructured":"Kumar, K.N., Vishnu, C., Mitra, R., and Mohan, C.K. (2020, January 13\u201315). Black-box adversarial attacks in autonomous vehicle technology. Proceedings of the 2020 IEEE Applied Imagery Pattern Recognition Workshop (AIPR), Washington, DC, USA.","DOI":"10.1109\/AIPR50011.2020.9425267"},{"key":"ref_112","unstructured":"Denis, K. (2023, October 16). Remotely Controlled EV Home Chargers\u2014The Threats and Vulnerabilities. Available online: https:\/\/securelist.com\/remotely-controlled-ev-home-chargers-the-threats-and-vulnerabilities\/89251\/."},{"key":"ref_113","unstructured":"Tencent (2023, October 16). Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars. Available online: https:\/\/bit.ly\/3XIZhos."},{"key":"ref_114","doi-asserted-by":"crossref","first-page":"4467","DOI":"10.1109\/TITS.2021.3055351","article-title":"Threat analysis for automotive CAN networks: A GAN model-based intrusion detection technique","volume":"22","author":"Xie","year":"2021","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_115","unstructured":"Smith, C. (2014). 2014 Car Hackers Handbook-Open Garages, Theia Labs."},{"key":"ref_116","unstructured":"Verdult, R., Garcia, F.D., and Ege, B. (2013, January 14). Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer. Proceedings of the USENIX Security Symposium, Washington, DC, USA."},{"key":"ref_117","unstructured":"Sina (2023, October 16). Volvo, BYD, etc. Were Exposed to the Defect of Anti-Theft System with 1 Minute Keyless Unlocking. Available online: https:\/\/finance.sina.com.cn\/consume\/puguangtai\/20151125\/155223849739.shtml."},{"key":"ref_118","unstructured":"Greenberg, A. (2023, October 16). Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob. Available online: https:\/\/www.wired.com\/story\/hackers-steal-tesla-model-s-seconds-key-fob\/."},{"key":"ref_119","unstructured":"Rosenblatt, S. (2023, October 16). This Hack Could Take Control of Your Ford\u2014The Parallax. Available online: https:\/\/www.the-parallax.com\/hacker-ford-key-fob-vulnerability\/."},{"key":"ref_120","unstructured":"Seth, R. (2023, October 16). This App Can Track Tesla Model 3 Location. Available online: https:\/\/www.the-parallax.com\/tesla-radar-model-3-phone-key-ibeacon\/."},{"key":"ref_121","unstructured":"Kunnamon (2023, October 16). Redacted TBONE Document Submitted to Tesla Bug Bounty Program. Available online: https:\/\/kunnamon.io\/tbone\/."},{"key":"ref_122","unstructured":"John, D. (2023, October 16). Canadian Software Developer Discovers Bluetooth Key Vulnerability That Allows Anyone to Unlock a Tesla. Available online: https:\/\/bit.ly\/408iH88."},{"key":"ref_123","unstructured":"HackingIntoYourHeart (2023, October 16). Unoriginal Rice Patty is My Personal Title for the Replay-Based Attack on Honda and Acura Vehicles. Available online: https:\/\/github.com\/HackingIntoYourHeart\/Unoriginal-Rice-Patty."},{"key":"ref_124","unstructured":"ReverseKevin (2023, October 16). Honda Civic Replay Attack. Available online: https:\/\/www.youtube.com\/watch?v=NjbjepeILrk."},{"key":"ref_125","unstructured":"Pompel123 (2023, October 16). Firmware to Open Any and All Tesla Vehicle Charging Ports in Range!. Available online: https:\/\/github.com\/pompel123\/Tesla-Charging-Port-Opener."},{"key":"ref_126","unstructured":"Sharma, A. (2023, October 16). Honda Bug Lets a Hacker Unlock and Start Your Car via Replay Attack. Available online: https:\/\/www.bleepingcomputer.com\/news\/security\/honda-bug-lets-a-hacker-unlock-and-start-your-car-via-replay-attack\/."},{"key":"ref_127","unstructured":"Khan, S. (2023, October 16). Technical Advisory\u2014Tesla Ble Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks. Available online: https:\/\/bit.ly\/3DiuZ3M."},{"key":"ref_128","unstructured":"Trifinite (2023, October 16). Project Tempa. Available online: https:\/\/trifinite.org\/stuff\/project_tempa\/."},{"key":"ref_129","unstructured":"Rollingpwn (2023, October 16). Rolling PWN Attack. Available online: https:\/\/rollingpwn.github.io\/rolling-pwn\/."},{"key":"ref_130","unstructured":"Clatworthy, B. (2023, October 16). Luxury Cars Are Gone in 90 Seconds with Thief Kit. Available online: https:\/\/www.thetimes.co.uk\/article\/luxury-cars-are-gone-in-90-seconds-with-thief-kit-z300g0njf."},{"key":"ref_131","unstructured":"Blackberry (2023, October 16). QNX-2021-001 Vulnerability in the C Runtime Library Impacts BlackBerry QNX Software Development Platform (SDP), QNX OS for Medical, and QNX OS for Safety. Available online: https:\/\/support.blackberry.com\/kb\/articleDetail?articleNumber=000082334."},{"key":"ref_132","doi-asserted-by":"crossref","unstructured":"Oka, D.K., Furue, T., Langenhop, L., and Nishimura, T. (2014, January 17\u201319). Survey of vehicle IoT bluetooth devices. Proceedings of the 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications, Matsue, Japan.","DOI":"10.1109\/SOCA.2014.20"},{"key":"ref_133","unstructured":"VDECert (2023, October 16). SWARCO: Critical Vulnerability in CPU LS4000. Available online: https:\/\/cert.vde.com\/de\/advisories\/VDE-2020-016\/."},{"key":"ref_134","unstructured":"Sohu (2023, October 16). An Online Car-Hailing Driver was Jailed for Stealing Electricity 382 Times in Half a Year Using the \u2018Pinch Gun Method\u2019 and \u2018Card Second Method\u2019. Available online: https:\/\/www.sohu.com\/a\/259418261_391288."},{"key":"ref_135","doi-asserted-by":"crossref","first-page":"680","DOI":"10.1016\/j.future.2016.11.009","article-title":"Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges","volume":"78","author":"Roman","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_136","unstructured":"Whittaker, Z. (2023, October 16). Mercedes-Benz App Glitch Exposed Car Owners\u2019 Information to Other Users. Available online: https:\/\/bit.ly\/3HdD7Uh."},{"key":"ref_137","unstructured":"Beardsley, T. (2023, October 16). R7-2017-02: Hyundai Blue Link Potential Info Disclosure (Fixed): Rapid7 Blog. Available online: https:\/\/www.rapid7.com\/blog\/post\/2017\/04\/25\/r7-2017-02-hyundai-blue-link-potential-info-disclosure-fixed\/."},{"key":"ref_138","unstructured":"Hunt, T. (2023, October 16). Controlling Vehicle Features of Nissan Leafs across the Globe via Vulnerable Apis. Available online: https:\/\/www.troyhunt.com\/controlling-vehicle-features-of-nissan\/."},{"key":"ref_139","unstructured":"Schneider (2023, October 16). Schneider Electric Security Notification. Available online: https:\/\/download.schneider-electric.com\/files?p_Doc_Ref=SEVD-2021-194-06."},{"key":"ref_140","unstructured":"XiunoBBS (2023, October 16). Vulnerability Mining Practice of Charging Piles. Available online: https:\/\/bbs.kanxue.com\/thread-272546.htm."},{"key":"ref_141","unstructured":"Di, W. (2023, October 16). Information on 100,000 Citroen Owners May Have Been Leaked. Available online: shorturl.at\/beSTV."},{"key":"ref_142","unstructured":"Xxdesmus (2023, October 16). Honda Motor Company Leaks Database with 134 Million Rows of Employee Computer Data. Available online: https:\/\/rainbowtabl.es\/2019\/07\/31\/honda-motor-company-leak\/."},{"key":"ref_143","unstructured":"ZDNET (2023, October 16). Mercedes-Benz Onboard Logic Unit (OLU) Source Code Leaks Online. Available online: https:\/\/www.zdnet.com\/article\/mercedes-benz-onboard-logic-unit-olu-source-code-leaks-online\/."},{"key":"ref_144","unstructured":"Valdes-Dapena, P. (2023, October 16). Volkswagen Hack: 3 Million Customers Have Had Their Information Stolen | CNN Business. Available online: https:\/\/edition.cnn.com\/2021\/06\/11\/cars\/vw-audi-hack-customer-information\/index.html."},{"key":"ref_145","unstructured":"MBUSA (2023, October 16). Mercedes-Benz USA Announces Initial Findings of Data Investigation Affecting Customers and Interested Buyers. Available online: https:\/\/bit.ly\/3wS6Hu5."},{"key":"ref_146","unstructured":"Volvo (2023, October 16). Notice of Cyber Security Breach by Third Party. Available online: https:\/\/www.media.volvocars.com\/global\/en-gb\/media\/pressreleases\/292817\/notice-of-cyber-security-breach-by-third-party-1."},{"key":"ref_147","unstructured":"Asia, N. (2023, October 16). Toyota Halts Operations at All Japan Plants Due to Cyberattack. Available online: https:\/\/asia.nikkei.com\/Spotlight\/Supply-Chain\/Toyota-halts-operations-at-all-Japan-plants-due-to-cyberattack."},{"key":"ref_148","unstructured":"Denso (2023, October 16). Notice of Unauthorized Access to Group Company: Newsroom: News: Denso Global Website. Available online: https:\/\/www.denso.com\/global\/en\/news\/newsroom\/2022\/20220314-g01\/."},{"key":"ref_149","unstructured":"Redazione (2023, October 16). La Ferrari \u00e8 Stata Colpita Dal Ransomware Ransomexx. 7GB di Dati Scaricabili Online. Available online: https:\/\/www.redhotcyber.com\/post\/la-ferrari-e-stata-colpita-dal-ransomware-ransomexx-7gb-di."},{"key":"ref_150","unstructured":"Nio (2023, October 16). Statement on Data Security Incidents. Available online: https:\/\/app.nio.com\/app\/web\/v2\/share_comment?id=2284166&type=essay."},{"key":"ref_151","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1109\/MCC.2016.63","article-title":"Threats to networking cloud and edge datacenters in the Internet of Things","volume":"3","author":"Puthal","year":"2016","journal-title":"IEEE Cloud Comput."},{"key":"ref_152","unstructured":"Huiyu, W. (2023, October 16). X-in-the-Middle: Attacking Fast Charging Electric Vehicles. Available online: https:\/\/conference.hitb.org\/hitbsecconf2021ams\/sessions\/x-in-the-middle-attacking-fast-charging-electric-vehicles\/."},{"key":"ref_153","unstructured":"Eckert, S. (2023, October 16). Replay Attack: Numerous Traffic Lights in Germany are Vulnerable to Manipulation. Available online: https:\/\/twitter.com\/sveckert\/status\/1600443031915663360."},{"key":"ref_154","doi-asserted-by":"crossref","first-page":"103539","DOI":"10.1016\/j.csi.2021.103539","article-title":"A taxonomy of attack mechanisms in the automotive domain","volume":"78","author":"Pekaric","year":"2021","journal-title":"Comput. Stand. Interfaces"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/1\/241\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,2]],"date-time":"2024-01-02T05:17:25Z","timestamp":1704172645000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/24\/1\/241"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,12,31]]},"references-count":154,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2024,1]]}},"alternative-id":["s24010241"],"URL":"https:\/\/doi.org\/10.3390\/s24010241","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2023,12,31]]}}}