Security Risks of Agentic Vehicles: A Systematic Analysis of Cognitive and Cross-Layer Threats
The paper addresses security risks for safety-critical cyber-physical platforms such as vehicles and provides a structured framework for analysis, but it is incremental because it builds on existing OWASP concepts.
The paper investigates security threats in Agentic Vehicles (AgVs), analyzing both agentic AI layer vulnerabilities and cross-layer risks from perception and control layers, and introduces a role-based architecture with a severity matrix to illustrate how distortions can escalate into unsafe behavior.
Agentic AI is increasingly being explored and introduced in both manually driven and autonomous vehicles, leading to the notion of Agentic Vehicles (AgVs), with capabilities such as memory-based personalization, goal interpretation, strategic reasoning, and tool-mediated assistance. While frameworks such as the OWASP Agentic AI Security Risks highlight vulnerabilities in reasoning-driven AI systems, they are not designed for safety-critical cyber-physical platforms such as vehicles, nor do they account for interactions with other layers such as the perception, communication, and control layers. This paper investigates security threats in AgVs, including OWASP-style risks and cyber-attacks from other layers that affect the agentic layer. By introducing a role-based architecture for agentic vehicles, consisting of a Personal Agent and a Driving Strategy Agent, we investigate vulnerabilities in the agentic AI layer as well as cross-layer risks, including risks originating from upstream layers (e.g., the perception layer and the control layer). A severity matrix and attack-chain analysis illustrate how small distortions can escalate into misaligned or unsafe behavior in both human-driven and autonomous vehicles. The resulting framework provides the first structured foundation for analyzing security risks of agentic AI in both current and emerging vehicle platforms.