Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Autonomous Vehicle Security: A Deep Dive into Threat Modeling

Amal Yousseef, Shalaka Satam, Banafsheh Saber Latibari, Jesus Pacheco, Soheil Salehi, Salim Hariri, Partik Satam

TL;DR

The paper tackles securing autonomous vehicles by surveying threat modeling approaches and real-world attack vectors that leverage AV interconnectivity. It evaluates threat modeling frameworks such as STRIDE, DREAD, and MITRE ATT&CK in the AV context and maps threats to sensor, network, and software components. Key contributions include a structured comparison of frameworks, representative case studies, and exploring future solutions like blockchain for V2X, AI-driven threat detection, and secure OTA updates, along with legal and ethical considerations. The work underlines the need for multi-layered, threat-model-driven defenses to enhance safety, privacy, and regulatory compliance in autonomous mobility.

Abstract

Autonomous vehicles (AVs) are poised to revolutionize modern transportation, offering enhanced safety, efficiency, and convenience. However, the increasing complexity and connectivity of AV systems introduce significant cybersecurity challenges. This paper provides a comprehensive survey of AV security with a focus on threat modeling frameworks, including STRIDE, DREAD, and MITRE ATT\&CK, to systematically identify and mitigate potential risks. The survey examines key components of AV architectures, such as sensors, communication modules, and electronic control units (ECUs), and explores common attack vectors like wireless communication exploits, sensor spoofing, and firmware vulnerabilities. Through case studies of real-world incidents, such as the Jeep Cherokee and Tesla Model S exploits, the paper highlights the critical need for robust security measures. Emerging technologies, including blockchain for secure Vehicle-to-Everything (V2X) communication, AI-driven threat detection, and secure Over-The-Air (OTA) updates, are discussed as potential solutions to mitigate evolving threats. The paper also addresses legal and ethical considerations, emphasizing data privacy, user safety, and regulatory compliance. By combining threat modeling frameworks, multi-layered security strategies, and proactive defenses, this survey offers insights and recommendations for enhancing the cybersecurity of autonomous vehicles.

Autonomous Vehicle Security: A Deep Dive into Threat Modeling

TL;DR

The paper tackles securing autonomous vehicles by surveying threat modeling approaches and real-world attack vectors that leverage AV interconnectivity. It evaluates threat modeling frameworks such as STRIDE, DREAD, and MITRE ATT&CK in the AV context and maps threats to sensor, network, and software components. Key contributions include a structured comparison of frameworks, representative case studies, and exploring future solutions like blockchain for V2X, AI-driven threat detection, and secure OTA updates, along with legal and ethical considerations. The work underlines the need for multi-layered, threat-model-driven defenses to enhance safety, privacy, and regulatory compliance in autonomous mobility.

Abstract

Autonomous vehicles (AVs) are poised to revolutionize modern transportation, offering enhanced safety, efficiency, and convenience. However, the increasing complexity and connectivity of AV systems introduce significant cybersecurity challenges. This paper provides a comprehensive survey of AV security with a focus on threat modeling frameworks, including STRIDE, DREAD, and MITRE ATT\&CK, to systematically identify and mitigate potential risks. The survey examines key components of AV architectures, such as sensors, communication modules, and electronic control units (ECUs), and explores common attack vectors like wireless communication exploits, sensor spoofing, and firmware vulnerabilities. Through case studies of real-world incidents, such as the Jeep Cherokee and Tesla Model S exploits, the paper highlights the critical need for robust security measures. Emerging technologies, including blockchain for secure Vehicle-to-Everything (V2X) communication, AI-driven threat detection, and secure Over-The-Air (OTA) updates, are discussed as potential solutions to mitigate evolving threats. The paper also addresses legal and ethical considerations, emphasizing data privacy, user safety, and regulatory compliance. By combining threat modeling frameworks, multi-layered security strategies, and proactive defenses, this survey offers insights and recommendations for enhancing the cybersecurity of autonomous vehicles.

Paper Structure

This paper contains 41 sections, 7 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Background on Autonomous Vehicles
  3. B. Evolution of Cybersecurity Challenges in AVs
  4. Importance of Security in Autonomous Vehicles
  5. Objectives and Scope of the Survey
  6. Structure of the Paper
  7. Autonomous Vehicles
  8. Overview of Autonomous Vehicle Architecture
  9. Example Vehicle Architectures
  10. Generic Autonomous Vehicle Architecture
  11. Autonomous Vehicle cybersecurity Attacks
  12. Common Cybersecurity Attack Vectors in AVs
  13. Emerging Cybersecurity Threats
  14. Mitigation Strategies
  15. Case Studies
  16. ...and 26 more sections

Figures (7)

  • Figure 1: Jeep Cherokee Network Architecture miller2015remote.
  • Figure 2: Lexus Network Architecture tencent2020.
  • Figure 3: Tesla Network Architecture mahaffey2015.
  • Figure 4: Automation level 2 or 3 wiring harness ixia2014.
  • Figure 5: Generic AV Architecture.
  • ...and 2 more figures