Journal article 687 views 107 downloads
A simulation framework for automotive cybersecurity risk assessment
Don Nalin Dharshana Jayaratne 
,
Suraj Harsha Kamtam ,
Siraj Shaikh ,
Muhamad Azfar Ramli ,
Qian Lu,
Rakhi Manohar Mepparambath ,
Hoang Nguyen ,
Abdur Rakib
,
Suraj Harsha Kamtam ,
Siraj Shaikh ,
Muhamad Azfar Ramli ,
Qian Lu,
Rakhi Manohar Mepparambath ,
Hoang Nguyen ,
Abdur Rakib
Simulation Modelling Practice and Theory, Volume: 136, Start page: 103005
Swansea University Authors:
Siraj Shaikh , Hoang Nguyen
-
PDF | Version of Record
© 2024 The Author(s). This is an open access article under the CC BY license.
Download (1.6MB)
DOI (Published version): 10.1016/j.simpat.2024.103005
Abstract
Human-initiated disruptions such as cyberattacks on connected vehicles have the potential to cause cascading failures in transport systems, leading to systemic risks. ‘ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering’ is the current standard for risk management of road vehicles. However,...
| Published in: | Simulation Modelling Practice and Theory |
|---|---|
| ISSN: | 1569-190X |
| Published: |
Elsevier BV
2024
|
| Online Access: |
Check full text
|
| URI: | https://cronfa.swan.ac.uk/Record/cronfa67382 |
| first_indexed |
2024-08-15T10:38:16Z |
|---|---|
| last_indexed |
2024-11-25T14:20:04Z |
| id |
cronfa67382 |
| recordtype |
SURis |
| fullrecord |
<?xml version="1.0"?><rfc1807><datestamp>2024-09-20T15:51:50.6718734</datestamp><bib-version>v2</bib-version><id>67382</id><entry>2024-08-15</entry><title>A simulation framework for automotive cybersecurity risk assessment</title><swanseaauthors><author><sid>50117e8faac2d0937989e14847105704</sid><ORCID>0000-0002-0726-3319</ORCID><firstname>Siraj</firstname><surname>Shaikh</surname><name>Siraj Shaikh</name><active>true</active><ethesisStudent>false</ethesisStudent></author><author><sid>cb24d5c5080534dc5b5e3390f24dd422</sid><ORCID>0000-0003-0260-1697</ORCID><firstname>Hoang</firstname><surname>Nguyen</surname><name>Hoang Nguyen</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2024-08-15</date><deptcode>MACS</deptcode><abstract>Human-initiated disruptions such as cyberattacks on connected vehicles have the potential to cause cascading failures in transport systems, leading to systemic risks. ‘ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering’ is the current standard for risk management of road vehicles. However, the threat analysis and risk assessment framework given in the standard focuses on asset-level analysis and assessment. Hence, this study develops a novel simulation-based framework to perform threat analysis and risk assessment on connected vehicles from a transport network perspective. The proposed framework is developed based on the ISO/SAE 21434 threat analysis and risk assessment methodology. We demonstrate the applicability and usefulness of the framework through a remote attack via the cellular network on the in-vehicle communication bus system of a connected vehicle to show the potential impacts on the transport network. Based on the findings of our case studies, we exemplify how cyberattacks on individual system components of a connected vehicle have the potential to cause systemic failures.</abstract><type>Journal Article</type><journal>Simulation Modelling Practice and Theory</journal><volume>136</volume><journalNumber/><paginationStart>103005</paginationStart><paginationEnd/><publisher>Elsevier BV</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint>1569-190X</issnPrint><issnElectronic/><keywords>Connected vehicles; Automotive cybersecurity; Risk assessment; Simulation</keywords><publishedDay>1</publishedDay><publishedMonth>11</publishedMonth><publishedYear>2024</publishedYear><publishedDate>2024-11-01</publishedDate><doi>10.1016/j.simpat.2024.103005</doi><url/><notes/><college>COLLEGE NANME</college><department>Mathematics and Computer Science School</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>MACS</DepartmentCode><institution>Swansea University</institution><apcterm/><funders>This work was supported by Coventry University and the A*STAR Research Attachment Programme (ARAP) .</funders><projectreference/><lastEdited>2024-09-20T15:51:50.6718734</lastEdited><Created>2024-08-15T11:35:17.9310000</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>Don Nalin Dharshana</firstname><surname>Jayaratne</surname><orcid>0000-0001-9493-5808</orcid><order>1</order></author><author><firstname>Suraj Harsha</firstname><surname>Kamtam</surname><orcid>0000-0003-4687-796x</orcid><order>2</order></author><author><firstname>Siraj</firstname><surname>Shaikh</surname><orcid>0000-0002-0726-3319</orcid><order>3</order></author><author><firstname>Muhamad Azfar</firstname><surname>Ramli</surname><orcid>0000-0002-6321-0828</orcid><order>4</order></author><author><firstname>Qian</firstname><surname>Lu</surname><order>5</order></author><author><firstname>Rakhi Manohar</firstname><surname>Mepparambath</surname><orcid>0000-0003-3308-7838</orcid><order>6</order></author><author><firstname>Hoang</firstname><surname>Nguyen</surname><orcid>0000-0003-0260-1697</orcid><order>7</order></author><author><firstname>Abdur</firstname><surname>Rakib</surname><order>8</order></author></authors><documents><document><filename>67382__31121__a88fafafca7640b7851ea349930dcc61.pdf</filename><originalFilename>67382.pdf</originalFilename><uploaded>2024-08-15T11:38:04.8586293</uploaded><type>Output</type><contentLength>1681009</contentLength><contentType>application/pdf</contentType><version>Version of Record</version><cronfaStatus>true</cronfaStatus><documentNotes>© 2024 The Author(s). This is an open access article under the CC BY license.</documentNotes><copyrightCorrect>true</copyrightCorrect><language>eng</language><licence>http://creativecommons.org/licenses/by/4.0/</licence></document></documents><OutputDurs/></rfc1807> |
| spelling |
2024-09-20T15:51:50.6718734 v2 67382 2024-08-15 A simulation framework for automotive cybersecurity risk assessment 50117e8faac2d0937989e14847105704 0000-0002-0726-3319 Siraj Shaikh Siraj Shaikh true false cb24d5c5080534dc5b5e3390f24dd422 0000-0003-0260-1697 Hoang Nguyen Hoang Nguyen true false 2024-08-15 MACS Human-initiated disruptions such as cyberattacks on connected vehicles have the potential to cause cascading failures in transport systems, leading to systemic risks. ‘ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering’ is the current standard for risk management of road vehicles. However, the threat analysis and risk assessment framework given in the standard focuses on asset-level analysis and assessment. Hence, this study develops a novel simulation-based framework to perform threat analysis and risk assessment on connected vehicles from a transport network perspective. The proposed framework is developed based on the ISO/SAE 21434 threat analysis and risk assessment methodology. We demonstrate the applicability and usefulness of the framework through a remote attack via the cellular network on the in-vehicle communication bus system of a connected vehicle to show the potential impacts on the transport network. Based on the findings of our case studies, we exemplify how cyberattacks on individual system components of a connected vehicle have the potential to cause systemic failures. Journal Article Simulation Modelling Practice and Theory 136 103005 Elsevier BV 1569-190X Connected vehicles; Automotive cybersecurity; Risk assessment; Simulation 1 11 2024 2024-11-01 10.1016/j.simpat.2024.103005 COLLEGE NANME Mathematics and Computer Science School COLLEGE CODE MACS Swansea University This work was supported by Coventry University and the A*STAR Research Attachment Programme (ARAP) . 2024-09-20T15:51:50.6718734 2024-08-15T11:35:17.9310000 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science Don Nalin Dharshana Jayaratne 0000-0001-9493-5808 1 Suraj Harsha Kamtam 0000-0003-4687-796x 2 Siraj Shaikh 0000-0002-0726-3319 3 Muhamad Azfar Ramli 0000-0002-6321-0828 4 Qian Lu 5 Rakhi Manohar Mepparambath 0000-0003-3308-7838 6 Hoang Nguyen 0000-0003-0260-1697 7 Abdur Rakib 8 67382__31121__a88fafafca7640b7851ea349930dcc61.pdf 67382.pdf 2024-08-15T11:38:04.8586293 Output 1681009 application/pdf Version of Record true © 2024 The Author(s). This is an open access article under the CC BY license. true eng http://creativecommons.org/licenses/by/4.0/ |
| title |
A simulation framework for automotive cybersecurity risk assessment |
| spellingShingle |
A simulation framework for automotive cybersecurity risk assessment Siraj Shaikh Hoang Nguyen |
| title_short |
A simulation framework for automotive cybersecurity risk assessment |
| title_full |
A simulation framework for automotive cybersecurity risk assessment |
| title_fullStr |
A simulation framework for automotive cybersecurity risk assessment |
| title_full_unstemmed |
A simulation framework for automotive cybersecurity risk assessment |
| title_sort |
A simulation framework for automotive cybersecurity risk assessment |
| author_id_str_mv |
50117e8faac2d0937989e14847105704 cb24d5c5080534dc5b5e3390f24dd422 |
| author_id_fullname_str_mv |
50117e8faac2d0937989e14847105704_***_Siraj Shaikh cb24d5c5080534dc5b5e3390f24dd422_***_Hoang Nguyen |
| author |
Siraj Shaikh Hoang Nguyen |
| author2 |
Don Nalin Dharshana Jayaratne Suraj Harsha Kamtam Siraj Shaikh Muhamad Azfar Ramli Qian Lu Rakhi Manohar Mepparambath Hoang Nguyen Abdur Rakib |
| format |
Journal article |
| container_title |
Simulation Modelling Practice and Theory |
| container_volume |
136 |
| container_start_page |
103005 |
| publishDate |
2024 |
| institution |
Swansea University |
| issn |
1569-190X |
| doi_str_mv |
10.1016/j.simpat.2024.103005 |
| publisher |
Elsevier BV |
| college_str |
Faculty of Science and Engineering |
| hierarchytype |
|
| hierarchy_top_id |
facultyofscienceandengineering |
| hierarchy_top_title |
Faculty of Science and Engineering |
| hierarchy_parent_id |
facultyofscienceandengineering |
| hierarchy_parent_title |
Faculty of Science and Engineering |
| department_str |
School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science |
| document_store_str |
1 |
| active_str |
0 |
| description |
Human-initiated disruptions such as cyberattacks on connected vehicles have the potential to cause cascading failures in transport systems, leading to systemic risks. ‘ISO/SAE 21434:2021 Road vehicles - Cybersecurity engineering’ is the current standard for risk management of road vehicles. However, the threat analysis and risk assessment framework given in the standard focuses on asset-level analysis and assessment. Hence, this study develops a novel simulation-based framework to perform threat analysis and risk assessment on connected vehicles from a transport network perspective. The proposed framework is developed based on the ISO/SAE 21434 threat analysis and risk assessment methodology. We demonstrate the applicability and usefulness of the framework through a remote attack via the cellular network on the in-vehicle communication bus system of a connected vehicle to show the potential impacts on the transport network. Based on the findings of our case studies, we exemplify how cyberattacks on individual system components of a connected vehicle have the potential to cause systemic failures. |
| published_date |
2024-11-01T17:34:51Z |
| _version_ |
1850690599562248192 |
| score |
11.08899 |