Abstract
The automotive industry is maximizing cooperative interactions between vehicular sensors and infrastructure components to make intelligent decisions in its application (i.e., traffic management, navigation, or autonomous driving services). This cooperative behaviour also extends to security. More connected and cooperative components of vehicular intelligent transportation systems (ITS) result in an increased potential for malicious attacks that can negatively impact security and safety. The security risks in one architecture layer affect other layers of ITS; thus, cooperation is essential for secure operations of these systems. This paper presents results from a comprehensive literature review on the state-of-the-art of security risk management in vehicular ITS, evaluating its assets, threats/risks, and countermeasures. We examine these security elements along the dimensions of the perception, network, and application architecture layers of ITS. The study reveals gaps in ITS security risk management research within these architecture layers and provides suggestions for future research.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Al-Kahtani, M.S.: Survey on security attacks in vehicular ad hoc networks (VANETs). In: 2012 6th International Conference on Signal Processing and Communication Systems, pp. 1–9. IEEE (2012)
Atzori, L., Iera, A., Morabito, G.: The Internet of Things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)
Badampudi, D., Wohlin, C., Petersen, K.: Experiences from using snowballing and database searches in systematic literature studies. In: Proceedings of the 19th International Conference on Evaluation and Assessment in Software Engineering, p. 17. ACM (2015)
Barth, M., Boriboonsomsin, K.: Energy and emissions impacts of a freeway-based dynamic eco-driving system. Transp. Res. Part D: Transp. Environ. 14(6), 400–410 (2009)
Bojan, T.M., Kumar, U.R., Bojan, V.M.: An Internet of Things based intelligent transportation system. In: 2014 IEEE International Conference on Vehicular Electronics and Safety, pp. 174–179. IEEE (2014)
Boriboonsomsin, K., Barth, M.J., Zhu, W., Vu, A.: Eco-routing navigation system based on multisource historical and real-time traffic information. IEEE Trans. Intell. Transp. Syst. 13(4), 1694–1704 (2012)
Cervero, R., Tsai, Y.: City Carshare in San Francisco, California: second-year travel demand and car ownership impacts. Transp. Res. Rec.: J. Transp. Res. Board 1887(1), 117–127 (2004)
Chen, Q., Sowan, A.K., Xu, S.: A safety and security architecture for reducing accidents in intelligent transportation systems. In: Proceedings of the International Conference on Computer-Aided Design, p. 95. ACM (2018)
DCSSL: Ebios: Expression of needs and identification of security objectives (2005)
De La Torre, G., Rad, P., Choo, K.K.R.: Driverless vehicle security: challenges and future research opportunities. Future Gener. Comput. Syst. (2018)
Den Hartog, J., Zannone, N., et al.: Security and privacy for innovative automotive applications: a survey. Comput. Commun. 132, 17–41 (2018)
Dominic, D., Chhawri, S., Eustice, R.M., Ma, D., Weimerskirch, A.: Risk assessment for cooperative automated driving. In: Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy, pp. 47–58. ACM (2016)
D’Orey, P.M., Ferreira, M.: ITS for sustainable mobility: a survey on applications and impact assessment tools. IEEE Trans. Intell. Transp. Syst. 15(2), 477–493 (2014). https://doi.org/10.1109/TITS.2013.2287257
Dubois, É., Heymans, P., Mayer, N., Matulevičius, R.: A systematic approach to define the domain of information system security risk management. In: Nurcan, S., Salinesi, C., Souveyet, C., Ralyté, J. (eds.) Intentional Perspectives on Information Systems Engineering, pp. 289–306. Springer, Heidelberg (2010)
Engoulou, R.G., Bellaïche, M., Pierre, S., Quintero, A.: VANET security surveys. Comput. Commun. 44, 1–13 (2014)
ENISA: Inventory of risk assessment and risk management methods (2005)
Ferreira, M., D’Orey, P.M.: On the impact of virtual traffic lights on carbon emissions mitigation. IEEE Trans. Intell. Transp. Syst. 13(1), 284–295 (2012)
Firesmith, D.: Engineering safety and security-related requirements for software-intensive systems. Carnegie-Mellon University Pittsburg PA Software Engineering Institute, Technical report (2007)
Firesmith, D., et al.: Engineering security requirements. J. Object Technol. 2(1), 53–68 (2003)
Fries, R., Chowdhury, M., Brummond, J.: Transportation Infrastructure Security Utilizing Intelligent Transportation Systems. Wiley, Hoboken (2009)
Hamida, E., Noura, H., Znaidi, W.: Security of cooperative intelligent transport systems: standards threats analysis and cryptographic countermeasures. Electronics 4(3), 380–423 (2015)
Hasrouny, H., Samhat, A.E., Bassil, C., Laouiti, A.: VANet security challenges and solutions: a survey. Veh. Commun. 7, 7–20 (2017)
Huang, S., Sadek, A.W., Zhao, Y.: Assessing the mobility and environmental benefits of reservation-based intelligent intersections using an integrated simulator. IEEE Trans. Intell. Transp. Syst. 13(3), 1201–1214 (2012)
Hussain, S., Kamal, A., Ahmad, S., Rasool, G., Iqbal, S.: Threat modelling methodologies: a survey. Sci. Int. (Lahore) 26(4), 1607–1609 (2014)
ISO/IEC: 27001: 2013: Information technology-security techniques-information security management systems-requirements (2013)
Kitchenham, B., Brereton, O.P., Budgen, D., Turner, M., Bailey, J., Linkman, S.: Systematic literature reviews in software engineering - a systematic literature review. Inf. Softw. Technol. 51(1), 7–15 (2009)
Kitchenham, B., Pretorius, R., Budgen, D., Brereton, O.P., Turner, M., Niazi, M., Linkman, S.: Systematic literature reviews in software engineering - a tertiary study. Inf. Softw. Technol. 52(8), 792–805 (2010)
Kong, H.K., Hong, M.K., Kim, T.S.: Security risk assessment framework for smart car using the attack tree analysis. J. Ambient Intell. Humanized Comput. 9(3), 531–551 (2018)
Laurendeau, C., Barbeau, M.: Threats to security in DSRC/WAVE. In: Kunz, T., Ravi, S.S. (eds.) ADHOC-NOW 2006. LNCS, vol. 4104, pp. 266–279. Springer, Heidelberg (2006). https://doi.org/10.1007/11814764_22
Li, L.: Study on security architecture in the Internet of Things. In: Proceedings of 2012 International Conference on Measurement, Information and Control, vol. 1, pp. 374–377. IEEE (2012)
Lu, Y., Maple, C., Sheik, T., Alhagagi, H., Watson, T., Dianati, M., Mouzakitis, A.: Analysis of cyber risk and associated concentration of research (ACR) 2 in the security of vehicular edge clouds. In: Living in the Internet of Things: Cybersecurity of the IoT - 2018, pp. 1–11. IET (2018)
Malakorn, K.J., Park, B.: Assessment of mobility, energy, and environment impacts of IntelliDrive-based cooperative adaptive cruise control and intelligent traffic signal control. In: 2010 IEEE International Symposium on Sustainable Systems and Technology (ISSST), pp. 1–6. IEEE, IEEE (2010)
Matulevičius, R.: Fundamentals of Secure System Modelling. Springer, Heidelberg (2017)
Mejri, M.N., Jalel, B.O., Hamdi, M.: Survey on VANET security challenges and possible cryptographic solutions. Veh. Commun. 1(2), 53–66 (2014)
Moalla, R., Labiod, H., Lonc, B., Simoni, N.: Risk analysis study of its communication architecture. In: 2012 3rd International Conference on the Network of the Future (NOF), pp. 1–5. IEEE (2012)
Morris, B.T., Tran, C., Scora, G., Trivedi, M.M., Barth, M.J.: Real-time video-based traffic measurement and visualization system for energy/emissions. IEEE Trans. Intell. Transp. Syst. 13(4), 1667–1678 (2012)
Mukisa, S.S., Rashid, A.: Cyber-security challenges of agent technology in intelligent transportation systems. In: Proceedings of the 1st International Workshop on Agents and CyberSecurity, p. 9. ACM (2014)
ben Othmane, L., Ranchal, R., Fernando, R., Bhargava, B., Bodden, E.: Incorporating attacker capabilities in risk estimation and mitigation. Comput. Secur. 51, 41–61 (2015)
OWASP: Top 10 IoT Vulnerabilities (2014)
Pelzl, J., Wolf, M., Wollinger, T.: Automotive embedded systems applications and platform embedded security requirements. In: Markantonakis, K., Mayes, K. (eds.) Secure Smart Embedded Devices, Platforms and Applications, pp. 287–309. Springer, New York (2014). https://doi.org/10.1007/978-1-4614-7915-4_12
Perallos, A., Hernandez-Jayo, U., Zuazola, I.J.G., Onieva, E.: Intelligent Transport Systems: Technologies and Applications. Wiley, Hoboken (2015)
Ruddle, A.R., Ward, D.D., Perallos, A., Hernandez-Jayo, U., Onieva, E., Garcıa-Zuazola, I.: Cyber security risk analysis for intelligent transport systems and in-vehicle networks. In: Intelligent Transport Systems Technologies and Applications, p. 83 (2015)
Servin, O., Boriboonsomsin, K., Barth, M.: An energy and emissions impact evaluation of intelligent speed adaptation. In: 2006 IEEE Intelligent Transportation Systems Conference, ITSC 2006, pp. 1257–1262. IEEE (2006)
Shostack, A.: Threat Modeling: Designing for Security. Wiley, Hoboken (2014)
Sun, Y., Wu, L., Wu, S., Li, S., Zhang, T., Zhang, L., Xu, J., Xiong, Y., Cui, X.: Attacks and countermeasures in the internet of vehicles. Ann. Telecommun. 72(5–6), 283–295 (2017)
Tao, C.C.: Dynamic taxi-sharing service using intelligent transportation system technologies. In: 2007 International Conference on Wireless Communications, Networking and Mobile Computing, WiCom 2007, pp. 3209–3212. IEEE (2007)
Tbatou, S., Ramrami, A., Tabii, Y.: Security of communications in connected cars modeling and safety assessment. In: Proceedings of the 2nd International Conference on Big Data, Cloud and Applications, p. 56. ACM (2017)
Tielert, T., Killat, M., Hartenstein, H., Luz, R., Hausberger, S., Benz, T.: The impact of traffic-light-to-vehicle communication on fuel consumption and emissions. In: 2010 Internet of Things (IOT), pp. 1–8. IEEE (2010)
Tsugawa, S., Kato, S., Aoki, K.: An automated truck platoon for energy saving. In: 2011 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS), pp. 4109–4114. IEEE (2011)
Wohlin, C.: Guidelines for snowballing in systematic literature studies and a replication in software engineering. In: Proceedings of the 18th International Conference on Evaluation And Assessment in Software Engineering, p. 38. ACM (2014)
Yang, X., Li, Z., Geng, Z., Zhang, H.: A multi-layer security model for Internet of Things. In: Wang, Y., Zhang, X. (eds.) IOT 2012. CCIS, vol. 312, pp. 388–393. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32427-7_54
Yang, Z., Yue, Y., Yang, Y., Peng, Y., Wang, X., Liu, W.: Study and application on the architecture and key technologies for IoT. In: 2011 International Conference on Multimedia Technology, pp. 747–751. IEEE (2011)
Yousuf, O., Mir, R.N.: A survey on the Internet of Things security: state-of-art, architecture, issues and countermeasures. Inf. Comput. Secur. 27(2), 292–323 (2019)
Zhang, Z., Cho, M.C.Y., Wang, C., Hsu, C., Chen, C., Shieh, S.: IoT security: ongoing challenges and research opportunities. In: 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications, pp. 230–234 (2014)
Zhao, K., Ge, L.: A Survey on the Internet of Things security. In: 2013 9th International Conference on Computational Intelligence and Security, pp. 663–667. IEEE (2013)
Zhou, H., Liu, B., Wang, D.: Design and research of urban intelligent transportation system based on the Internet of Things. In: Wang, Y., Zhang, X. (eds.) IOT 2012. CCIS, vol. 312, pp. 572–580. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32427-7_82
Acknowledgments
This paper is supported in part by European Union’s Horizon 2020 research and innovation programme under grant agreement No 830892, project SPARTA.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Affia, AA.O., Matulevičius, R., Nolte, A. (2019). Security Risk Management in Cooperative Intelligent Transportation Systems: A Systematic Literature Review. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C., Meersman, R. (eds) On the Move to Meaningful Internet Systems: OTM 2019 Conferences. OTM 2019. Lecture Notes in Computer Science(), vol 11877. Springer, Cham. https://doi.org/10.1007/978-3-030-33246-4_18
Download citation
DOI: https://doi.org/10.1007/978-3-030-33246-4_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33245-7
Online ISBN: 978-3-030-33246-4
eBook Packages: Computer ScienceComputer Science (R0)