School of Engineering, RMIT University, Melbourne, Australia.
School of Engineering, RMIT University, Melbourne, Australia.
Accid Anal Prev. 2022 Feb;165:106515. doi: 10.1016/j.aap.2021.106515. Epub 2021 Dec 8.
Emerging Connected and Autonomous Vehicles (CAVs) technology have a ubiquitous communication framework. It poses security challenges in the form of cyber-attacks, prompting rigorous cybersecurity measures. There is a lack of knowledge on the anticipated cause-effect relationships and mechanisms of CAVs cybersecurity and the possible system behaviour, especially the unintended consequences. Therefore, this study aims to develop a conceptual System Dynamics (SD) model to analyse cybersecurity in the complex, uncertain deployment of CAVs. Specifically, the SD model integrates six critical avenues and maps their respective parameters that either trigger or mitigate cyber-attacks in the operation of CAVs using a systematic theoretical approach. These six avenues are: i) CAVs communication framework, ii) secured physical access, iii) human factors, iv) CAVs penetration, v) regulatory laws and policy framework, and iv) trust-across the CAVs-industry and among the public. Based on the conceptual model, various system archetypes are analysed. "Fixes that Fail", in which the upsurge in hacker capability is the unintended natural result of technology maturity, requires continuous efforts to combat it. The primary mitigation steps are human behaviour analysis, knowledge of motivations and characteristics of CAVs cyber-attackers, CAVs users and Original Equipment Manufacturers education. "Shifting the burden", where policymakers counter the perceived cyber threats of hackers by updating legislation that also reduces CAVs adaptation by imitations, indicated the need for calculated regulatory and policy intervention. The "limits to success" triggered by CAVs penetration increase the defended hacks to establish regulatory laws, improve trust, and develop more human analysis. However, it may also open up caveats for cyber-crimes and alert that CAVs deployment to be alignment with the intended goals for enhancing cybersecurity. The proposed model can support decision-making and training and stimulate the roadmap towards an optimized, self-regulating, and resilient cyber-safe CAV system.
新兴的联网和自动驾驶汽车(CAV)技术具有无处不在的通信框架。它以网络攻击的形式带来了安全挑战,需要严格的网络安全措施。对于 CAV 网络安全的预期因果关系和机制以及可能的系统行为(尤其是意外后果),人们知之甚少。因此,本研究旨在开发一个概念性系统动力学(SD)模型,以分析 CAV 复杂且不确定部署中的网络安全问题。具体来说,该 SD 模型使用系统理论方法整合了六个关键途径,并映射了它们各自的参数,这些参数要么触发要么减轻了 CAV 运行中的网络攻击。这六个途径是:i)CAVs 通信框架,ii)安全的物理访问,iii)人为因素,iv)CAVs 渗透,v)法规法律和政策框架,以及 iv)CAVs 行业和公众之间的信任。基于概念模型,分析了各种系统原型。“失效的修复”,其中黑客能力的提高是技术成熟的意外自然结果,需要不断努力与之抗衡。主要缓解措施包括分析人为行为、了解 CAV 网络攻击者、CAVs 用户和原始设备制造商的动机和特征。“转移负担”,政策制定者通过更新立法来应对黑客感知到的网络威胁,这些立法也通过模仿来减少 CAVs 的适应性,这表明需要进行有计划的监管和政策干预。CAVs 渗透引发的“成功的限制”增加了防御性攻击,以制定监管法规、提高信任度并进行更多的人为分析。然而,这也可能为网络犯罪开辟漏洞,并提醒 CAVs 的部署要与增强网络安全的预期目标保持一致。该模型可以为决策制定和培训提供支持,并为实现优化、自我监管和有弹性的网络安全 CAV 系统的路线图提供动力。
