No Cover Image

Journal article 337 views 95 downloads

WOLVES: Window of Opportunity attack feasibility likelihood value estimation through a simulation-based approach

Suraj Harsha Kamtam Orcid Logo, Qian Lu Orcid Logo, Abdur Rakib Orcid Logo, Muhamad Azfar Ramli Orcid Logo, Rakhi Manohar Mepparambath Orcid Logo, Siraj Shaikh Orcid Logo, Hoang Nguyen Orcid Logo

Computers & Security, Volume: 157, Start page: 104549

Swansea University Authors: Siraj Shaikh Orcid Logo, Hoang Nguyen Orcid Logo

  • 69751.VoR.pdf

    PDF | Version of Record

    © 2025 The Authors. This is an open access article under the CC BY license.

    Download (3.4MB)

Check full text

DOI (Published version): 10.1016/j.cose.2025.104549

Abstract

The Road Vehicles Cybersecurity Engineering Standard, ISO/SAE 21434, provides a framework for road vehicle Threat Analysis and Risk Assessment (TARA). The TARA framework must include Connected Vehicles (CVs) and their connectivity with external interfaces. However, assessing cyber-attack feasibility...

Full description

Published in: Computers & Security
ISSN: 0167-4048 1872-6208
Published: Elsevier BV 2025
Online Access: Check full text

URI: https://cronfa.swan.ac.uk/Record/cronfa69751
Abstract: The Road Vehicles Cybersecurity Engineering Standard, ISO/SAE 21434, provides a framework for road vehicle Threat Analysis and Risk Assessment (TARA). The TARA framework must include Connected Vehicles (CVs) and their connectivity with external interfaces. However, assessing cyber-attack feasibility on CVs is a significant challenge, as traditionally, qualitative and subjective expert opinions are the norm. Additionally, there is a need for historical data on security-related incidents and dynamically evolving interconnected vehicle-to-everything (V2X) entities for feasibility assessment, which is not readily available. To address this problem, this paper presents, to the best of our knowledge, the first simulation-based TARA framework designed to characterise, quantify, and assess the Window of Opportunity (WO) for attackers—a metric that indicates the likelihood of an attack. A case study involving Bluetooth, with one attacker and one target, is modelled to demonstrate the proposed framework WOLVES’s applicability. Two scenarios have been investigated using different motorway roads in the UK. The primary outcome is the WOLVES framework, which employs a data-driven approach using both prior and likelihood information to estimate the probability of a successful cyber attack on a given technology in CVs. The findings from this research could assist threat analysts, decision-makers, and planners involved in CV risk assessment by enhancing the modelling of attack feasibility for cybersecurity threats in dynamic scenarios and developing appropriate mitigation strategies.
Keywords: Bluetooth communication; Attack feasibility assessment; Dynamic threat assessment; Vehicular Network Simulations; Window of Opportunity; Automotive cybersecurity
College: Faculty of Science and Engineering
Funders: This work was supported by Coventry University and the A*STAR Research Attachment Programme (ARAP) .
Start Page: 104549

Similar Items