Security and Privacy Issues for Connected Vehicles

Abstract

Modern vehicles contain more than a hundred Electronic Control Units (ECUs) that communicate over different in-vehicle networks, and they are often connected to the Internet, which makes them vulnerable to various cyber-attacks. Besides, data collected by the connected vehicles is directly connected to the vehicular network. Thus, big vehicular data are collected, which are valuable and generate insights into driver behavior. Previously, a probabilistic modeling and simulation language named vehicleLang is presented to analyze the security of connected vehicles. However, the privacy issues of vehicular data have not been addressed. To fill in the gap, this work present a privacy specification for vehicles based on vehicleLang, which uses the Meta Attack Language (MAL) to assess the security of connected vehicles in a formal way, with a special focus on the privacy aspect. To evaluate this work, test cases are also presented.