Beyond Unit-Based Cybersecurity

 

By Ali Shoker, RC3 Research Scientist

I raise awareness of the need to consider the cybersecurity of a Cyber-Physical System (CPS) from a system perspective, based on past experience in automotive cybersecurity. This is of high relevance to our society, as our smart life is increasingly becoming a complex, smart “system of systems”. As part of my previous work on cybersecurity in the European Commission co-funded project InSecTT, which included 52 top European companies and universities, I tackled the cyber threats to Truck Platooning by emphasizing the importance of the system perspective.

A truck platoon is a convoy-like set of trucks, led by a front truck, that navigate to a common destination, often using Vehicle-to-Vehicle (V2V) wireless communication. The advantages of platooning include safe driving, road efficiency, and reduced costs, both in fuel (because of air drag differentiation) and in drivers’ time. Throughout the work, I emphasized that considering only unit-level cybersecurity threat modeling is insufficient in such a “system of systems”. Without loss of generality, I give three examples:

  • Trucks should not be treated equally because the leader (and sometimes the trailing) truck has more privileges. This means that an attack on the leader is not a mere attack on any truck since it can put the entire platoon in danger and lead to a disaster.
  • Trucks would communicate securely using classical Public Key Infrastructure (PKI) certification, which is very costly. Since the trucks in a platoon are tightly connected and coordinated (beyond general V2V communication), treating them as a system brings new benefits, like using symmetric or group key cryptography, which is known to be much more efficient than PKI. This can also raise new challenges that are worth consideration, e.g., revoking a truck’s access to the platoon (possible via the group key) after it leaves.
  • Since the platoon is cooperative, there are other reasonable threat models to consider, like the Rational (selfish) model. For instance, since the leader consumes more energy than the following trucks (because of aerodynamic air differential), truck manufacturers may selfishly prevent their trucks from being the platoon leader. This is not as unlikely as one might think. We all remember the VW “diesel dupe” scandal of manipulating the performance of CO2 emission software tests, leading to half a million cars being recalled in the US.
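
The revocation idea in the second bullet, as an added example (not code from InSecTT or from the author): after a truck leaves, the leader wraps a fresh group key for each remaining member, so messages authenticated under the old key are rejected. `Leader`, `Truck`, `seal` and `accept` are hypothetical names; the random pairwise key stands in for a PKI-authenticated join handshake, and the HMAC-derived pad stands in for a proper AEAD key wrap.

```python
# Added illustration: all names are hypothetical, keys are generated at run time.
import hashlib, hmac, secrets

def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (unambiguous concatenation)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)
    return mac.digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Leader:
    """Holds one pairwise key per member plus the current group key and epoch."""
    def __init__(self):
        self.pairwise, self.epoch = {}, 0
        self.group_key = secrets.token_bytes(32)
    def join(self, truck_id: str) -> bytes:
        self.pairwise[truck_id] = secrets.token_bytes(32)  # assumption: stands in for a PKI handshake
        return self.pairwise[truck_id]
    def leave(self, truck_id: str) -> None:
        del self.pairwise[truck_id]               # departed truck gets no further rekeys
        self.epoch += 1
        self.group_key = secrets.token_bytes(32)  # fresh key, unrelated to the old one
    def rekey_msg(self, truck_id: str):
        """Group key wrapped for one member: PRF pad plus tag (stand-in for an AEAD)."""
        k, e = self.pairwise[truck_id], self.epoch.to_bytes(4, "big")
        blob = xor(self.group_key, prf(k, b"wrap", e))
        return self.epoch, blob, prf(k, b"tag", e, blob)

class Truck:
    def __init__(self, pairwise_key: bytes):
        self.k, self.epoch, self.group_key = pairwise_key, -1, None
    def install(self, epoch: int, blob: bytes, tag: bytes) -> bool:
        e = epoch.to_bytes(4, "big")
        if epoch <= self.epoch or not hmac.compare_digest(tag, prf(self.k, b"tag", e, blob)):
            return False                          # stale epoch or forged rekey message
        self.epoch, self.group_key = epoch, xor(blob, prf(self.k, b"wrap", e))
        return True

def seal(truck: Truck, payload: bytes):
    """Authenticate a platoon message under the sender's current group key and epoch."""
    return truck.epoch, payload, prf(truck.group_key, truck.epoch.to_bytes(4, "big"), payload)

def accept(truck: Truck, msg) -> bool:
    """Accept only messages from the receiver's current epoch with a valid tag."""
    epoch, payload, tag = msg
    return epoch == truck.epoch and hmac.compare_digest(
        tag, prf(truck.group_key, epoch.to_bytes(4, "big"), payload))
```

The cost the bullet alludes to is visible here: every departure costs the leader one wrapped key per remaining member, in exchange for cheap symmetric authentication on every platoon message.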

Tackling the platoon cybersecurity from a system perspective helped us to identify potential attacks and countermeasures that are new to the community. In fact, we noticed that the focus of the automotive industrial partners has always been on the cybersecurity of trucks and parts as independent units.

To summarize, there is a need to consider the cybersecurity of a CPS from a systems perspective because a CPS is simply a “system” whose units must cooperate correctly to achieve their common goal. Apart from the technical jargon, the idea may be explained by drawing a simple COVID-19 analogy: no matter how vigilant and considerate someone is in combatting the pandemic, s/he should abide by the regulations and measures set at the level of the society (i.e., the system/regime) to be well protected and stay efficient.