Security risk assessment framework for smart car using the attack tree analysis

Security risk assessment framework for smart car using the attack tree analysis

As the automobile industry has recently adopted information technologies, the latter are being used to replace mechanical systems with electronically-controlled systems. Moreover, automobiles are evolving into smart cars or connected cars as they are connected to various IT devices and networks such...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of ambient intelligence and humanized computing 2018-06, Vol.9 (3), p.531-551
Hauptverfasser: Kong, Hee-Kyung, Hong, Myoung Ki, Kim, Tae-Sung
Format: Artikel
Sprache:eng
Schlagworte:
Artificial Intelligence
Automobile safety
Automobiles
Autonomous vehicles
Code Division Multiple Access
Communication
Computational Intelligence
Electronic systems
Engineering
Information technology
Mechanical systems
Mobile ad hoc networks
Original Research
Risk analysis
Risk assessment
Robotics and Automation
Security management
Smart cars
Threat evaluation
User Interfaces and Human Computer Interaction
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:As the automobile industry has recently adopted information technologies, the latter are being used to replace mechanical systems with electronically-controlled systems. Moreover, automobiles are evolving into smart cars or connected cars as they are connected to various IT devices and networks such as VANET (Vehicular Ad hoc NETwork). Although there were no concerns about the hacking of automobiles in the past, various security threats are now emerging as electronic systems are gradually filling up the interiors of many automobiles, which are in turn being connected to external networks. As such, researchers have begun studying smart car security, leading to the disclosure of security threats through the testing or development of various automobile security technologies. However, the security threats facing smart cars do not occur frequently and, practically speaking, it is unrealistic to attempt to cope with every possible security threat when considering such factors as performance, compatibility, and so forth. Moreover, the excessive application of security technology will increase the overall vehicle cost and lower the effectiveness of investment. Therefore, smart car security risks should be assessed and prioritized to establish efficient security measures. To that end, this study constructed a security risk assessment framework in a bid to establish efficient measures for smart car security. The proposed security risk assessment framework configured the assessment procedure based on the conventional security risk analysis model GMITS (ISO13335) and utilized ‘attack tree analysis’ to assess the threats and vulnerabilities. The security risk assessment framework used the results of an asset analysis, threat/vulnerability analysis, and risk analysis to finally assess the risk and identify the risk rating. Moreover, it actually applied the proposed framework to assess security risks concerning targeted increases in vehicle velocity and leakages of personal information, which are the leading threats faced by smart cars. Here, the framework was applied to vehicle velocity increase and personal information leakage, which are the leading threats.
ISSN:1868-5137
1868-5145
DOI:10.1007/s12652-016-0442-8