Future of cyber-security in connected and autonomous mobility analysed by WMG

The Cyber Security for Connected and Autonomous Mobility (CAM) has been investigated in a series of projects funded by the Centre for Connected and Autonomous Vehicles (CCAV) and supported by Zenzic and InnovateUK (part of UKRI).

Out of Seven projects, WMG, at the University of Warwick was involved in three:

1. Positioning, Navigation and Timing (PNT) Cyber Resilience: a Lab2Live Observer Based Approach

2. ResiCAV

3. BeARCAT

Each project was tasked with exploring innovative methods for measuring and monitoring cyber security, defining a set of requirements for a future Cyber Security facility/capability and understanding the commercial landscape for such a facility.

These 3 objectives were addressed across a number of different themes with Cyber for CAM: Monitoring, Threats to connected vehicle, networks, Threats to automated vehicles or Countermeasure and risk mitigation.

Dr Elijah Adegoke, from WMG, University of Warwick was involved in the PNT Cyber Resilience project. In collaboration with Spirent, key recommendations made to Government include that spoofing and jamming attacks on GNSS signals are capable of leading to severe loss of functionality and safety in CAVs; thus there is an urgent need to invest in independent facilities capable of seamlessly testing attacks on CAM PNT systems in both controlled laboratory and live environments.

Zenzic, the University of Warwick and Spirent now aim to work with standardisation bodies to guide the development of GNSS attack detection and GNSS resiliency assessment standards, and the responsible disclosure of information on threat actors and attack events.

Dr Adegoke commented: "To investigate jamming and spoofing in CAM PNT systems, a test facility needs to be able to quantify the resilience of a CAV against both radio frequency based and software attacks for diverse receiver operating systems and hardware architectures. Access to a drive-in anechoic chamber, such as WMG's Communications and Sensors Lab in the Professor Lord Bhattacharyya Building, to allow the legal testing of over-the-air attacks is highly beneficial."

Professor Carsten Maple, of WMG, University of Warwick, was involved in ResiCAV and BeARCAT.

ResiCAV was led by Horiba Mira, and highlighted how connected and autonomous vehicles (CAVs) and their associated infrastructure can develop real-time responsiveness to cybersecurity threats, and highlighted the 'urgent need' for a national road transport cybersecurity programme in order for the UK to safely support CAV adoption across the transport network. Professor Carsten Maple comments:

"The ResiCAV project has proven that the UK could become a world-leader in automotive cybersecurity and vehicle resilience, however this can only be done if there is a collaboration between industry and the shared use of testbeds. The project has shown that cyber resilience can only be effectively achieved by developing a new engineering methodology. We have, with partners, started the journey to formalising the methodology, and provide the tools and techniques for achieving resilience through manufacture and operation.

"I hope this next step after this project is to see funding for the development of the 'UK Centre of Excellence for Road Transport Cybersecurity Resilience' to thrust the UK to the forefront of automotive cybersecurity."

Professor Maple was also involved in BeARCAT, led by Cisco the BeARCAT project highlights that with the high infrastructure set-up costs and extensive overheads in the management of a test facility for automotive cyber security, the most cost-effective course of action is for a UK CTF (Cyber Test Facility) to be collocated with the existing testbeds. He comments:

"We are pleased to have developed a Security Framework for cyber security testing in the CAV ecosystem, including coverage of security threat modelling and risk assessment. Working with our partners we have defined mechanisms for communications resilience and provide a blueprint, based on the security framework, for testing certification. We hope these contributions will be helpful to the Government as it seeks to establish a world-leading capability in developing and assessing cyber security for automotive systems."

All three projects prove the UK could be pioneering Cyber Security in Connected and Autonomous Mobility if companies within the industry work together to share resources and testbeds, which could bring autonomous vehicles one step closer to our roads.

/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).View in full here.