{"title":"对自适应巡航控制系统和紧急制动系统的网络攻击:对手模型、影响评估和应对措施","authors":"Adriana Berdich;Bogdan Groza","doi":"10.1109/TR.2024.3373810","DOIUrl":null,"url":null,"abstract":"In the recent years, there has been a lot of focus on designing security for in-vehicle networks and detecting intrusions. Still, no countermeasure is perfect and most of the existing intrusion detection systems have a nonzero false negative rate, which implies that adversarial frames may still go undetected on the bus. Unfortunately, answers are largely missing for what will happen with the vehicle in such circumstances, i.e., how is the safety of the vehicle and bystanders affected by adversarial actions that go undetected, while there are little or no answers on the acceptable misclassification rates in real-world deployments. In this article, we attempt to provide such answers by pursuing an impact assessment for adversarial actions on the bus assuming low false negative rates. The assessment is based on the effects of such attacks on models for automatic emergency braking and adaptive cruise control systems that are implemented in Simulink, a commonly used tool for designing such systems in the automotive industry. To achieve this, we embed adversarial behavior into the Simulink model, according to recently reported attacks on in-vehicle controller area network buses. This allows us to assess the impact of adversarial actions according to existing safety standards and regulations.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"73 2","pages":"1216-1230"},"PeriodicalIF":5.0000,"publicationDate":"2024-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Cyberattacks on Adaptive Cruise Controls and Emergency Braking Systems: Adversary Models, Impact Assessment, and Countermeasures\",\"authors\":\"Adriana Berdich;Bogdan Groza\",\"doi\":\"10.1109/TR.2024.3373810\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the recent years, there has been a lot of focus on designing security for in-vehicle networks and detecting intrusions. Still, no countermeasure is perfect and most of the existing intrusion detection systems have a nonzero false negative rate, which implies that adversarial frames may still go undetected on the bus. Unfortunately, answers are largely missing for what will happen with the vehicle in such circumstances, i.e., how is the safety of the vehicle and bystanders affected by adversarial actions that go undetected, while there are little or no answers on the acceptable misclassification rates in real-world deployments. In this article, we attempt to provide such answers by pursuing an impact assessment for adversarial actions on the bus assuming low false negative rates. The assessment is based on the effects of such attacks on models for automatic emergency braking and adaptive cruise control systems that are implemented in Simulink, a commonly used tool for designing such systems in the automotive industry. To achieve this, we embed adversarial behavior into the Simulink model, according to recently reported attacks on in-vehicle controller area network buses. This allows us to assess the impact of adversarial actions according to existing safety standards and regulations.\",\"PeriodicalId\":56305,\"journal\":{\"name\":\"IEEE Transactions on Reliability\",\"volume\":\"73 2\",\"pages\":\"1216-1230\"},\"PeriodicalIF\":5.0000,\"publicationDate\":\"2024-03-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Reliability\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10478772/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Reliability","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10478772/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
Cyberattacks on Adaptive Cruise Controls and Emergency Braking Systems: Adversary Models, Impact Assessment, and Countermeasures
In the recent years, there has been a lot of focus on designing security for in-vehicle networks and detecting intrusions. Still, no countermeasure is perfect and most of the existing intrusion detection systems have a nonzero false negative rate, which implies that adversarial frames may still go undetected on the bus. Unfortunately, answers are largely missing for what will happen with the vehicle in such circumstances, i.e., how is the safety of the vehicle and bystanders affected by adversarial actions that go undetected, while there are little or no answers on the acceptable misclassification rates in real-world deployments. In this article, we attempt to provide such answers by pursuing an impact assessment for adversarial actions on the bus assuming low false negative rates. The assessment is based on the effects of such attacks on models for automatic emergency braking and adaptive cruise control systems that are implemented in Simulink, a commonly used tool for designing such systems in the automotive industry. To achieve this, we embed adversarial behavior into the Simulink model, according to recently reported attacks on in-vehicle controller area network buses. This allows us to assess the impact of adversarial actions according to existing safety standards and regulations.
期刊介绍:
IEEE Transactions on Reliability is a refereed journal for the reliability and allied disciplines including, but not limited to, maintainability, physics of failure, life testing, prognostics, design and manufacture for reliability, reliability for systems of systems, network availability, mission success, warranty, safety, and various measures of effectiveness. Topics eligible for publication range from hardware to software, from materials to systems, from consumer and industrial devices to manufacturing plants, from individual items to networks, from techniques for making things better to ways of predicting and measuring behavior in the field. As an engineering subject that supports new and existing technologies, we constantly expand into new areas of the assurance sciences.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
