CyRes -- Avoiding Catastrophic Failure in Connected and Autonomous Vehicles (Extended Abstract)
This addresses the critical need for sustainable resilience in automotive cybersecurity to support global transport initiatives, though it appears incremental as it builds on existing regulatory frameworks.
The paper tackles the problem of ensuring safe mass deployment of connected and autonomous vehicles by introducing CyRes, an operational cyber resilience methodology designed for standardization and legal testing, aiming to maintain public trust and prevent catastrophic failures.
Existing approaches to cyber security and regulation in the automotive sector cannot achieve the quality of outcome necessary to ensure the safe mass deployment of advanced vehicle technologies and smart mobility systems. Without sustainable resilience hard-fought public trust will evaporate, derailing emerging global initiatives to improve the efficiency, safety and environmental impact of future transport. This paper introduces an operational cyber resilience methodology, CyRes, that is suitable for standardisation. The CyRes methodology itself is capable of being tested in court or by publicly appointed regulators. It is designed so that operators understand what evidence should be produced by it and are able to measure the quality of that evidence. The evidence produced is capable of being tested in court or by publicly appointed regulators. Thus, the real-world system to which the CyRes methodology has been applied is capable of operating at all times and in all places with a legally and socially acceptable value of negative consequence.