Information Security Analysis in the Passenger-Autonomous Vehicle Interaction
This addresses cybersecurity and privacy issues for passengers and service providers in autonomous vehicle systems, but it is incremental as it builds on existing risk management methods.
The study tackled the problem of cybersecurity risks in passenger-autonomous vehicle interactions by proposing a security requirements elicitation approach based on a threat model, with findings applicable to ride-hailing service providers using supervisory AV control.
Autonomous vehicles (AV) are becoming a part of humans' everyday life. There are numerous pilot projects of driverless public buses; some car manufacturers deliver their premium-level automobiles with advanced self-driving features. Thus, assuring the security of a Passenger-Autonomous Vehicle interaction arises as an important research topic, as along with opportunities, new cybersecurity risks and challenges occur that potentially may threaten Passenger's privacy and safety on the roads. This study proposes an approach of the security requirements elicitation based on the developed threat model. Thus, information security risk management helps to fulfil one of the principles needed to protect data privacy - information security. We demonstrate the process of security requirements elicitation to mitigate arising security risks. The findings of the paper are case-oriented and are based on the literature review. They are applicable for AV system implementation used by ride-hailing service providers that enable supervisory AV control.