Security and Privacy Issues for Connected Vehicles
This work tackles privacy concerns in connected vehicles, which is an incremental improvement over prior security-focused methods.
The paper addresses privacy issues in connected vehicles by introducing a privacy specification based on vehicleLang, using the Meta Attack Language for formal security assessment, and includes test cases for evaluation.
Modern vehicles contain more than a hundred Electronic Control Units (ECUs) that communicate over different in-vehicle networks, and they are often connected to the Internet, which makes them vulnerable to various cyber-attacks. Besides, data collected by the connected vehicles is directly connected to the vehicular network. Thus, big vehicular data are collected, which are valuable and generate insights into driver behavior. Previously, a probabilistic modeling and simulation language named vehicleLang is presented to analyze the security of connected vehicles. However, the privacy issues of vehicular data have not been addressed. To fill in the gap, this work present a privacy specification for vehicles based on vehicleLang, which uses the Meta Attack Language (MAL) to assess the security of connected vehicles in a formal way, with a special focus on the privacy aspect. To evaluate this work, test cases are also presented.