Skip to main content
SpringerLink
Log in

UNECE Threat List Case Study: Prediction of Cyber Risks in the Automotive Domain Using Regression Analysis

  • Conference paper
  • First Online:
Computer Safety, Reliability, and Security. SAFECOMP 2022 Workshops (SAFECOMP 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13415))

Included in the following conference series:

  • 986 Accesses

Abstract

Cybersecurity has become a significant factor in the automotive industry. It is responsible for protecting data and critical components of the vehicle against cyberattacks. Automobile manufacturers should ensure their vehicle’s cybersecurity, considering the UNECE regulation for road vehicle approval. Estimating risk severity is critical in this domain for specifying appropriate security mechanisms to address existing cyber risks. To have an accurate risk evaluation, we need to consider multiple factors of likelihood and impact, which indicate the probability of risk occurrence and its severity. However, establishing a relationship amongst multiple factors of impact and likelihood remains a challenging problem that needs to be addressed. In this work, we propose applying machine learning regression analysis to create correlations between various independent factors of likelihood and impact for predicting dependent variables that indicate the assessment of cyber risk severities. We use the UNECE threat list as a case study to show how machine learning regression approaches may help predict realistic cyber risk estimations in the automotive domain. Finally, we evaluate outcomes to demonstrate the effectiveness of regression analysis for evaluating cyber risks in the automotive sector.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Shaaban, A.M., Schmittner, C., Gruber, T., Mohamed, A.B., Quirchmayr, G., Schikuta, E.: Ontology-based model for automotive security verification and validation. In: Proceedings of the 21st International Conference on Information Integration and Web-Based Applications & Services, iiWAS2019, pp. 73–82, NY. Association for Computing Machinery (2019)

    Google Scholar 

  2. Macher, G., Armengaud, E., Brenner, E., Kreiner, C.: Threat and risk assessment methodologies in the automotive domain. Procedia Comput. Sci. 83, 1288–1294 (2016)

    Article  Google Scholar 

  3. McAfee: Automotive security best practices. Technical report, McAfee (2016)

    Google Scholar 

  4. Kastebo, M., Nordh, V.: Model-based security testing in automotive industry. Master’s thesis, Department of Computer Science and Engineering, University of Gothenburg, Gothenburg, Sweden (2017)

    Google Scholar 

  5. Shaaban, A.M., Schmittner, C., Bonitz, A.: The design of a divide-and-conquer security framework for autonomous vehicles. In: The Eighth International Conference on Advances in Vehicular Systems, Technologies and Applications, pp. 94–102 (2019)

    Google Scholar 

  6. United Nations Economic Commission for Europe UNECE. CSOTA ad hoc “threats 2” (2017). https://wiki.unece.org/download/attachments/45383725/TFCS-ahT2-06%20%28Chair%29%20Table%20on%20CS%20threats%20-%20changes%20agreed%20by%20ahT2%20-%20non-cleaned%20up.xlsx?api=v2. Accessed 26 April 2022

  7. Python: Python language (2022). https://www.python.org. Accessed 07 June 2022

  8. The Task Force on and Cyber Security and Over-the-Air issues. Proposal for amendments to ECE/TRANS/WP.29/GRVA/2020/3 - draft new UN regulation on uniform provisions concerning the approval of vehicles with regard to cyber security and of their cybersecurity management systems (2020)

    Google Scholar 

  9. Shaaban, A.: An ontology-based cybersecurity framework for the automotive domain - design, implementation, and evaluation. PhD thesis, Faculty of Computer Science, University of Vienna, Austria (2021). https://utheses.univie.ac.at/detail/59948

  10. Schmittner, C., Latzenhofer, M., Magdy, S.A., Hofer, M.: A proposal for a comprehensive automotive cybersecurity reference architecture. In: The 7th International Conference on Advances in Vehicular Systems, Technologies and Applications (2018)

    Google Scholar 

  11. ISO/FDIS: ISO/FDIS 26262-9 Road vehicles - Functional safety - Part 9: Automotive safety integrity level (ASIL)-oriented and safety-oriented analyses. Technical report, International Standard (2018)

    Google Scholar 

  12. Ali, A.A.: ISO 26262 functional safety standard and the impact in software lifecycle. J. Univ. Appl. Sci. (2017). http://rgdoi.net/10.13140/RG.2.2.12486.16963

  13. Rong, S., Bao-Wen, Z.: The research of regression model in machine learning field. In: MATEC Web of Conferences, vol. 176, p. 01033 (2018). EDP Sciences

    Google Scholar 

  14. Gallo, A.: A refresher on regression analysis (2015). https://hbr.org/2015/11/a-refresher-on-regression-analysis. Accessed 10 Feb 2022

  15. Vu, D.H., Muttaqi, K.M., Agalgaonkar, A.P.: A variance inflation factor and backward elimination based robust regression model for forecasting monthly electricity demand using climatic variables. Appl. Energy 140, 385–394 (2015)

    Article  Google Scholar 

  16. Dutta, A.: Random forest regression in Python (2022). https://www.geeksforgeeks.org/random-forest-regression-in-python/. Accessed 04 May 2022

  17. Xu, M., Watanachaturaporn, P., Varshney, P.K., Arora, M.K.: Decision tree regression for soft classification of remote sensing data. Remote Sens. Environ. 97(3), 322–336 (2005)

    Article  Google Scholar 

  18. Awad, M., Khanna, R.: Support vector regression. In: Efficient Learning Machines, pp. 67–80. Apress, Berkeley, CA (2015). https://doi.org/10.1007/978-1-4302-5990-9_4

    Chapter  Google Scholar 

  19. Raj, A.: Unlocking the true power of support vector regression (2020)

    Google Scholar 

  20. Sethi, A.: Support vector regression tutorial for machine learning (2020). https://www.analyticsvidhya.com/blog/2020/03/support-vector-regression-tutorial-for-machine-learning/. Accessed 28 Apr 2022

  21. Ostertagová, E.: Modelling using polynomial regression. Procedia Eng. 48, 500–506 (2012)

    Article  Google Scholar 

  22. Abhigyan: Understanding polynomial regression!!! (2020). https://medium.com/analytics-vidhya/understanding-polynomial-regression-5ac25b970e18. Accessed 26 Apr 2022

Download references

Acknowledgement

The ECQA Certified Cybersecurity Engineer and Manager - Automotive Sector is co-funded by the Erasmus+ Call 2020 Round 1 KA203 Programme of the European Union under the agreement 2020-1-CZ01- KA203-078494. This work is partially supported by Grant of SGS No. SP2021/87, VSB - Technical University of Ostrava, Czech Republic.

Author information

Authors and Affiliations

  1. AIT Austrian Institute of Technology, Vienna, Austria

    Abdelkader Magdy Shaaban, Sebastian Chlup & Christoph Schmittner

Authors
  1. Abdelkader Magdy Shaaban
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sebastian Chlup
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christoph Schmittner
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abdelkader Magdy Shaaban .

Editor information

Editors and Affiliations

  1. Fraunhofer IKS, Munich, Germany

    Mario Trapp

  2. Austrian Institute of Technology, Vienna, Austria

    Erwin Schoitsch

  3. LAAS-CNRS, University of Toulouse, Toulouse, France

    Jérémie Guiochet

  4. Thales Deutschland GmbH, Ditzingen, Germany

    Friedemann Bitsch

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Shaaban, A.M., Chlup, S., Schmittner, C. (2022). UNECE Threat List Case Study: Prediction of Cyber Risks in the Automotive Domain Using Regression Analysis. In: Trapp, M., Schoitsch, E., Guiochet, J., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2022 Workshops . SAFECOMP 2022. Lecture Notes in Computer Science, vol 13415. Springer, Cham. https://doi.org/10.1007/978-3-031-14862-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-14862-0_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-14861-3

  • Online ISBN: 978-3-031-14862-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation