Threat Analysis of Position, Navigation, and Timing for Highly Automated Vehicles

This paper focuses on threat and vulnerability analysis using a cooperative navigation strategy for highly automated vehicles operating at smart intersections. This work considers highly automated vehicles (HAVs) to operate simultaneously with connected but non-cooperative vehicles. The proposed work uses the beyond visual range information to reduce vulnerable situations. The safety of Vulnerable road users and the framework of Cooperative navigation is accomplished by using the data from the Road-Side Units (RSU) and On-board Units (OBU). Signalized intersection scenario uses information from the RSU, OBU, Autonomous Intersection Management (AIM) system, and Smart Traffic Lights (STL). This work presents the attack trees of the sensors used in automotive industries to calculate Position, Navigation, and Timing (PNT) solutions. This paper also presents systems Failure Mode and Effect Analysis (FMEA) to see the hazards related to the attack on the sensor, its effect on the subsystems, and the PNT solutions outcome. Threats and vulnerabilities are further validated by the design and test of the cooperative navigation algorithm and their quantitative results. Safety results are also used to generate the Threat Assessment and Risk Analysis (TARA) matrix for quantities analysis. The presented threat and vulnerability analysis are the near future requirement where the vehicle depends on onboard sensors and utilizes information from infrastructure devices. Jamming of infrastructure devices and interference into the OBU is enforced to evaluate the cooperative navigation framework in vulnerable situations occurring at the intersection. The results presented in this work will help enhance safety at smart intersections and drive attention toward more fatal scenarios. A literature survey was conducted to generate the relationship between the sensors and the subsystem shown in figure 2. Further analyses were done to develop the link between vulnerabilities and threats associated with sensors, shown in figure 3. Threats and vulnerabilities on cooperative autonomous driving system risk analysis through Attack trees that were developed based on literature review. Figure 4 to 9 shows the attack tree that defines the sensors' vulnerabilities that lead to threats. Figure 10 shows the FMEA of HAVs that established the link between sensors with the subsystem. Since errors generated in each subsystem will lead to errors in PNT solutions, Therefore figure 10 shows the link between the affected PNT solution with threats associated with the faulty solution. To enhance safety, a cooperative navigation framework is used to validate the scenario and threat risk analysis based on the literature review in relation to subsystems, sensors, threats, and vulnerabilities as mentioned in figures 2 and 3. Multiple threat scenarios were simulated and results of separation between ego vehicle and actor vehicles were presented in figures 12, 13, and 14. Figures 12, 13, and 14 show the separation in terms of time, and the minimum allowable safe separation is 2 sec. The vehicle having separation below 2 seconds will end up in vulnerable situations. Table 1 shows the level of severity with three distinct colors that are red, green, and yellow. The red color cell shows that the vehicle is operating in the most vulnerable situations. This work presents the threats and vulnerabilities of connected autonomous vehicles and validates the risk associated with each subsystem. To further enhance safety this work can also be extended to other subsystems since only path-following and collision-avoidance results were validated. This analysis will enhance and contribute to the safety of the connected autonomous vehicles operating at the smart intersection. In the future analysis of the Dynamic scenarios can be done for the enhancement of intersection safety.