Report Scope
Introduction
The increase needs to replace current carbon technologies with driverless vehicles has led to the analysis of the vulnerabilities, threats, and risks in order to ensure the sustainability of the revolutionized smart vehicle technology. Reduced customer satisfaction and noncompliance with the regulations could lead to the distinction of smart vehicles technology(Porikli & Van Gool, 2014). The Gigantic corporation is planning on conducting a risk assessment project on smart vehicles. The project will transform the transport industry and disrupt business workflows(Neff, 2013).
Report Scope
Cellular and satellite technologies are used to form driverless vehicles in order to give directions and navigate roads. Risk assessment is done on these technologies. Laser beam technology is also part of this report’s scope(Simon, Ignaczak, & Lyons, 2009).Sensor networks are used in smart cars to sense road signs and other road activities. Risk assessment of this technology is done. The information system combining these technologies is also assessed for human safety vulnerabilities and threats(Pinto, 2012).
Overview of management of risk
A structured approach was used for the risk assessment for all the necessary resources to be captured. A risk assessment plan is drawn for analysis(Axelrod, 2017).The process begins with the identification of risk exposure and quantification of the risk exposure. The risk mitigation techniques used are risk avoidance, transfer, mitigation, reduction and acceptance(Arntz, Gregory, & Zierahn, 2016).
The flow chart diagram summarizes the process
Figure 1 The process of risk assessment
Several approaches were used to form the framework above in order to provide a methodologies and methods that could aid in decision making regarding driverless vehicles(Guerra, 2016).
The primary endeavor towards driverless vehicles goes back similarly as the mid 1920s (Litman, 2017) and got energy in the 1980s when scientists figured out how to create mechanized roadway frameworks (Schoettle & Sivak, 2014). This made ready for semiautonomous and self-ruling vehicles to be associated with the thruway framework. Pioneer pilots of AVs were to a great extent made in Germany and the U.S. amid 1980 to 2000 (Fagnant & Kockelman, 2015)
AVs are very obligated to the broad research on unmanned gear made by the barrier division known as (DARPA) the U.S. Protection Advanced Research Projects Agency (Mudalige, 2013). Google’s driverless auto gave colossal reputations to the AV and pulled in a pool of ability from a few orders. As of late as July 2015, Google’s driverless armadas logged more than one million miles amid which just 14 minor auto collisions on open streets were recorded. In all cases, in any case, the AV was not to blame; rather, it was either being physically driven3 or the other driver was to blame (Gerla, Lee, Pau, & Lee, 2014). All things considered, the main mischance where the Google auto was found to blame occurred on Valentine’s Day 2016, when the auto struck the side of an open transport in the Silicon Valley city of Mountain View (Trepagnier et al., 2011).
There is almost certainly that the improvement and use of self-ruling autos has an expense. The expense of the parts for the auto, the expense of the examination, the expense of assembling, and the expense to the possible client need to adjust if self-sufficient autos will end up mainstream. In any case what are the acquiring and expenses of owning a self-governing auto? For a field of research that is moderately new, the numbers aren’t clear or promptly evident. Be that as it may, one thing is sure for presently: it will cost more than $30,303, the normal cost of an auto (Fleming, 2012) The Google Car, the most intensely tried and progressed independent auto framework in advancement, has an extremely costly cost. The auto itself costs about $150,000 altogether.
Overview of management of risk
The most costly bit of the hardware is the $70,000 LIDAR framework (Priddle and Woodyard, 2012). This by itself is far above what the normal shopper is ready or ready to pay. Be that as it may, Google stays confident. Chris Urmson, an architect from Carnegie Mellon who is working with the Google Car framework, says that “sensibly valued LIDAR frameworks are coming generally soon” (Priddle & Woodyard, 2012). Regardless of whether this is valid, this expense should drop significantly to fall into a sensible value extend. As of now, the expense of the LIDAR system costs about to such an extent as a 2012 Cadillac Escalade ($66k – $74k), an auto far distant for the each man
A review presented by J.D. Powers and Associates as of late surveyed open enthusiasm for self-governing autos (Green, Skerlos, & Winebrake, 2014). The study found that one out of each five 8 individuals were keen on acquiring an independent auto in the wake of figuring out how much additional the highlight would cost. This additional expense was an insignificant $3,000 more. While this is costly to the extent highlights go, the current extra expenses of a self-sufficient auto will be hard – squeezed to meet that 3,000 dollar benchmark. Notwithstanding, the executive of advertising and deals at Ibeo Automotive Frameworks, a maker of LIDAR frameworks in Germany, has said that it plans to create LIDAR frameworks for autonomous autos for as low as $250 (Jardim, Quartulli, & Casley, 2013).
In the event that this is valid, the astoundingly minimal effort of LIDAR that the Google Car paid ($70,000) could possibly drop the cost of the auto from $150,000 to $80,250. What’s more, if comparable sensors and gear in the auto additionally pursue value drops as innovation progresses, at that point meeting the objective of an just extra $3,000 for a self-sufficient auto probably won’t appear entirey unimaginable.
The process was broken down into smaller processes for a collaborative approach in assessing the risk. Each process produced outputs used as inputs for the next phase(Reimer, 2014). Analysis and assessment of the environmental aspects regarding driverless vehicles were done. The methodology was then preliminarily assessed for risk. The subject could be assessed in a higher level due to this methodology(Thomopoulos & Givoni, 2015).
Prioritization of the risk depending on the extent of materialization of the risk was the third step. A detailed assessment focusing on the technologies used in the smart cars and their negative impacts on the corporation and clients was done(Richtel & Dougherty, 2015).
Analysis done from this stage is used in the risk management approaches to form control measures. Recommendations form the risk assessment analysis and management are given to the board for decision making(Goodall, 2016).
Figure 2 gives a summary of the methodology steps.
Techniques
The assessment team used various methodologies in order to get risk details and the effect of these risks to the stakeholders. The methods are used in order to follow the methodology. The methods that were used include
Literature Review: Google Self Driving Cars
Risk Assessment Questionnaire
Questionnaires were used to for fact-finding. A questionnaire tool was used. The questionnaire focused on various technologies and questioning the respondents on various risks associated with the implementation of these technologies(Peterson, 2012).
Risky operations result in risky outcomes thus operational risks were also assessed. Laws and regulations set for the operations were also analyzed. This was done in order to realize the hindrances the transport industry could be facing in order while adopting the driverless vehicles’ technology.
(Goodrich, 2013)Closed questions were used for the questionnaire with a structured approach. This made fact-finding to be better structured. It gave a better analysis of outcomes of the survey. The NIST SP-26 was adopted in the questionnaire. It deals with methods of ensuring security self-assessment (Tirone, Glenn, Casey, & Collins, 2015).
Assessment Tools
There are tools that were used to ethically hack the technology systems used by the smart cars in order to ascertain whether the systems can withstand breaches and to which extent the damage could cause on performance and safety. The framework used in hacking was the Metasploit framework. The platform used was the KaliLinux platform(Singh, Grann, & Fazel, 2011).
Tools used to enhance signal interferences and jamming technologies were used for assessment. Satellite signals used for navigation used by driverless vehicles were also used. The software configuration used in these technologies was also assessed for possible hacks and vulnerabilities in security. The survey team was able to understand important technologies and possible risks associated with the technologies due to the assessment.
Threat and Vulnerability sources
There are several vulnerabilities and threats associated with driverless cars. These features are incorporated in features like the smart keys that could be remotely locked, automated gas payment systems and mapping application sued for navigation(Friedlander & Kraemer, 2010). These threats and vulnerabilities pose risks. The table below gives a summary
Table 1 Summary of vulnerabilities and threats
|
Vulnerable |
Threats |
|
Controlling keys remotely |
A potential hacker could hack the system remotely |
|
Insecurity in communication |
Breaches in data are potentially available |
|
Sharing of locations between driverless vehicles |
The privacy breach is potentially available |
|
Payment systems do not build with high technology |
Payment modules could be hacked due to this |
From the summary given in the table, it can be concluded that most breaches are due to the use of wireless devices in vehicles. This poses risks that could be exploited and cause chaos in vehicles’ operation or even loss of lives.
Transaction walkthrough
The walkthrough was guided by the survey team. The survey team analyzed the use cases of the technologies used in the smart vehicles. The use case scenarios were conducted in order to understand how the applications and technologies are used(Ring, 2015).
Use cases used in the smart vehicles are as illustrated below;
Use Case 0- Using driverless mode to transport passengers
Use Case 1-Using wireless technology to remotely manage vehicles.
Use Case2-Using location services in the vehicles to track.
Use Case 3-Scanning driverless vehicles’ environment using a laser beam
The survey team thoroughly reviewed the documentation of the system and technical documents by viewing details for the use cases. The findings from the documents were used for prototyping. Review of the documentation is discussed below.
Review of documentation
User manuals and technical documents were reviewed. The surveyor was able to get better insight into the functionality of the system. The outcome was an overview of the smart cars’ project that enabled the surveyor to identify entities that are vulnerable. This is key in the classification of risks(Papa & Lauwers, 2015).
Approach used in risk assessment
Organization documents such as its security policy and its ICT compliance standards were also assessed and not only the documents related to the system. This was done in order to inform the survey team about the regulations and standards that govern the delivery of service in terms of security and ICT. Analysis of the technical designs and architectures was done in order to identify potential breaches in the design that would cause security risks(Abueh & Liu, 2016).
Interviews
Interviews are important in order to validate information that has been provided by the respondents of the questionnaires. Users of the system and stakeholders were interviewed in order to identify their opinion about the invention of the driverless vehicles. The structure of the interview was the same as for the questionnaires apart from the ability of the interviewee to be able to include their analysis of the risks involved in the use of driverless vehicles’ technologies.
Site Visit
A site visit to the Gigantic Corporation was done by the survey team. This was done in order to get first-hand information about the business operations and its workflow of manufacturing smart vehicles. The visit was also important in identifying risks associated with the manufactured products. Gauging the risks involved in the business operations during design and development was made easier.
The stakeholders had a chance to express the challenges that are faced during production. The survey team became more equipped about the challenges and would be able to carry out a risk assessment on the challenges.
The survey team came up with algorithms that were sued in modeling the risks associated with the technologies involved in the business process(Geldmacher & Plesea, 2016). The formula highlighted below was used for the model;
The following risk definitions explain the formulae to help classify the threat levels;
Identified Threats
Table 2 Classification of the threats
|
Threat |
Description |
|
High (1.0) |
The source of the threat is highly motivated to exploit the vulnerability. |
|
Medium (0.5) |
The organization has developed measures to curb exploitation of the vulnerability by the threat agent. |
|
Low(0.1) |
This risk classification is associated with unmotivated threat agent making it unable to exploit the vulnerable. The existing controls could be used to control exploitation |
Vulnerabilities
Existing vulnerabilities in the organization and threats were categorized in order for the survey team to identify what the Gigantic Corporation already has and the vulnerabilities present in the value chain(Parkinson, Ward, Wilson, & Miller, 2017). The classified vulnerabilities are shown in the table.
Table 3Vulnerability Categories
|
Vulnerability Category |
Impact |
|
Devastating |
The organization could have upto 75% damage when exploitation occurs |
|
Severe |
The vehicle could be up to 50% exposed to damages due to exploitation |
|
Noticeable |
The vehicle could be up to 25% exposed to damages due to exploitation |
|
Minor |
The vehicle could be exposed to negligible damages due to exploitation |
consequences
A base score system was used to measure the consequences in order to gauge the impact of the vulnerabilities being exploited. Different threat agents have different impacts on the driverless vehicles(Stayton, 2015). The table below explains the base score categories on effects of exploitation on vulnerability.
Table 4 Analysis of impacts
|
Effect Score |
Description |
|
High (100) |
Its characteristics are a loss in integrity, confidentiality, and availability of the systems and applications. This breach could potentially damage a company |
|
Medium(50) |
This affects the integrity, confidentiality, and availability(CIA) of vital operations of the smart driverless cars. It moderately affects operations |
|
Low (10) |
loss of CIA of the various services that the driverless vehicles provide face limited impact. It has a limited effect on operations in terms of limited materialization |
The components of the driverless cars and vulnerabilities are highlighted in this section.
Technology components
Networks, applications, databases, platforms,and protocols used by the vehicles are the technological components. The components are discussed in the figure below
Figure 3 Driverless Vehicle Technology Component(“How does a self-driving car work? – The Economist explains,” n.d.)
Physical Location
The infrastructure that supports the smart cars is hosted by the Gigantic Corporation’sdata center. The data center is the storage for servers and infrastructure. The satellite transmitter, datacenter and application servers are physically located in Sydney
The locality was analyzed for potential risk. The assessmentof threats was done based on the analysis methods mentioned.
Techniques
Date Used By the System.
The smart vehicles use critical user information and the information is shared with other vehicles within the network(Bonnefon, Shariff, & Rahwan, 2016). Information captured include
Table 6 Data Details
|
Data |
Data Description |
|
Personal Information |
Username, addresses,phone numbers,national identification and date of birth |
|
Vehicle details |
registration number of the vehicle Vehicle tag |
|
Finance data |
Credit card number verification code for transaction expiration date of card Card type Authority reference reference number of transaction |
5.4 Users
Users of the driverless system are critical in the driverless system. The users include;
Table 7 Users Details
|
User Type |
User Description |
|
Car Owner |
Automobile buyer |
|
Passengers |
This represents the human the vehicle is transporting at that time |
|
Pedestrians |
This user who interact with the system while the vehicle is on the roads |
|
Administrators |
The administrator gains access to the components of the system. This access could be used for troubleshooting. |
A Flow Diagram
The workflows of the smart cars are illustrated below,
The diagram shows that the vehicle makes decisions about acceleration or slowing down(Rimmer, 2017). Technologies such as wireless networks, radar and positioning systems are incorporated.
Figure 4 Flow Diagram
Vulnerability statement
The survey team elicited the vulnerabilities in the technologies used in order to familiarize with them(Ya?dereli, Gemci, & Akta?, 2015).
|
Vulnerable |
Definition |
|
Interception of data |
There is potential interception of shared data within the network. Data exchange exposesvehicle datato unauthorized persons |
|
Flaws in software |
The software flaws that originate from the misconfiguration. Smart vehicles could make wrong judgement due to the softwrae flaws |
|
Insecurity in cryptographic tools |
The cryptographic tools used to secure data on transit and storage by encryption is relatively insecure hence are easily hack able. |
|
Interception of the network |
The smart vehicles are always in contact with the wireless networks. This line of site is susceptible to hacking by jamming of signals |
Figure 5 Statement of vulnerability
Agents of threat
Threats could exploit vulnerabilities caused by threat agents described in the threat statements below(McClean, Stull, Farrar, & Mascareñas, 2013).
|
Threat Agent |
The action of the Agent |
|
Hackers |
Interference of signals Interception of data |
|
Computer criminals |
Private information stealing Spoofing of data Cyber intrusion |
|
Environment |
Natural disasters like road accidents |
Figure 6 Threat Agents Details
Recommendations on standards that the Gigantic Corporation could deploy in order to affect the operation of businesses are given by the industry(Alheeti, Gruebler, & McDonald-Maier, 2015). The recommendations include
recommendations for the risk projects that exist in the industry
- Implementing effective cryptographic tools including the AES algorithm for encryption to improve integrity of data.
- Establishing a system for identification to uniquely identify the cars in the wireless network with personally identifiable details not being compromised.
- Implementing well-documented testing plans to eliminate any bugs present in software applications. This helps reduce the risks associated with the software codes errors.
- Enforcing controls of access to reduce the chances of unauthorized entities logging into the vehicle systems remotely. This could be implemented by selectively allowing the administrators ability to log into the cars’ system.
- Enhancement of protection of the communication paths to ensure their privacy in the channels between the smart cars’ systems and servers that is remotely located. This reduces the chances of spoofing
- Using hashing to protect the confidential details that could identify the vehicle using technologies such as blockchain to ensure the private vehicle data such as credit details for gas purchase are confidently kept.
The assessment report generated these findings by the surveyors,
Recommendations based on findings
The following techniques are recommended for risk mitigation;
- Improve security of the applications by use of integration, systems and tests of acceptance to make sure the product operate as required.
- Using advanced 256 standards for encryption to encrypt the data in transit between the car systems and the remote system.
- Use of blockchain technology to hide confidential data about the driverless vehicles to enhance the privacy.
- Using a fail-safe system that is tested to ensure vehicles are not susceptible to issues of the environment like signal degradation due to rainy weather.
Risks involved in materializing could be reduced by using blockchain technology for anonymity and using AES 256 for encrypting. Implementing testing of system phases is a technique that could also be used.
Conclusion
Driverless vehicles technology is an invention that could revolutionize the transport industry and value chain. However, the risks involved in this technology hinder this revolution. Hacking and interception of signals are risks that hinder revolution of this innovation. It is recommended that the Gigantic Corporation changes its architectures for development and deployment for incorporation of information technology. Using tools for privacy enhancement ensures that the driverless innovation is not used to cause harm to its users.
References
Abueh, Y. J., & Liu, H. (2016). Message authentication in driverless cars. In Technologies for Homeland Security (HST), 2016 IEEE Symposium on (pp. 1–6). IEEE.
Alheeti, K. M. A., Gruebler, A., & McDonald-Maier, K. D. (2015). An intrusion detection system against malicious attacks on the communication network of driverless cars. In Consumer Communications and Networking Conference (CCNC), 2015 12th Annual IEEE (pp. 916–921). IEEE.
Arntz, M., Gregory, T., & Zierahn, U. (2016). The risk of automation for jobs in OECD countries.
Axelrod, C. W. (2017). Cybersecurity in the age of autonomous vehicles, intelligent traffic controls and pervasive transportation networks. In Systems, Applications and Technology Conference (LISAT), 2017 IEEE Long Island (pp. 1–6). IEEE.
Bonnefon, J.-F., Shariff, A., & Rahwan, I. (2016). The social dilemma of autonomous vehicles. Science, 352(6293), 1573–1576.
Fagnant, D. J., & Kockelman, K. (2015). Preparing a nation for autonomous vehicles: opportunities, barriers and policy recommendations. Transportation Research Part A: Policy and Practice, 77, 167–181.
Fleming, B. (2012). Smarter and Safer Vehicles [Automotive Electronics]. IEEE Vehicular Technology Magazine, 7(2), 4–9.
Friedlander, R. R., & Kraemer, J. R. (2010). System and method for detection of earthquakes and tsunamis, and hierarchical analysis, threat classification, and interface to warning systems. Google Patents.
Geldmacher, W., & Plesea, D. A. (2016). SWOT Analysis and Evaluation of a Driverless Carsharing Model. In European Conference on Innovation and Entrepreneurship (p. 921). Academic Conferences International Limited.
Gerla, M., Lee, E.-K., Pau, G., & Lee, U. (2014). Internet of vehicles: From intelligent grid to autonomous cars and vehicular clouds. In Internet of Things (WF-IoT), 2014 IEEE World Forum on (pp. 241–246). IEEE.
Goodall, N. J. (2016). Can you program ethics into a self-driving car? IEEE Spectrum, 53(6), 28–58.
Goodrich, J. (2013). Driving miss daisy: an autonomous chauffeur system. Hous. L. Rev., 51, 265.
Green, E. H., Skerlos, S. J., & Winebrake, J. J. (2014). Increasing electric vehicle policy efficiency and effectiveness by reducing mainstream market bias. Energy Policy, 65, 562–566.
Guerra, E. (2016). Planning for cars that drive themselves: Metropolitan Planning Organizations, regional transportation plans, and autonomous vehicles. Journal of Planning Education and Research, 36(2), 210–224.
How does a self-driving car work? – The Economist explains. (n.d.). Retrieved September 25, 2018, from https://www.economist.com/the-economist-explains/2015/05/12/how-does-a-self-driving-car-work
Jardim, A. S., Quartulli, A. M., & Casley, S. V. (2013). A Study of Public Acceptance of Autonomous Cars.
Litman, T. (2017). Autonomous vehicle implementation predictions. Victoria Transport Policy Institute Victoria, Canada.
McClean, J., Stull, C., Farrar, C., & Mascareñas, D. (2013). A preliminary cyber-physical security assessment of the robot operating system (ros). In Unmanned Systems Technology XV (Vol. 8741, p. 874110). International Society for Optics and Photonics.
Mudalige, U. P. (2013). Autonomous vehicle management. Google Patents.
Neff, R. A. (2013). Driverless vehicle.
Papa, E., & Lauwers, D. (2015). Smart mobility: Opportunity or threat to innovate places and cities.
Parkinson, S., Ward, P., Wilson, K., & Miller, J. (2017). Cyber threats facing autonomous and connected vehicles: Future challenges. IEEE Transactions on Intelligent Transportation Systems, 18(11), 2898–2915.
Peterson, R. W. (2012). New technology-old law: Autonomous vehicles and California’s insurance framework. Santa Clara L. Rev., 52, 1341.
Pinto, C. (2012). How autonomous vehicle policy in California and Nevada addresses technological and non-technological liabilities. Intersect: The Stanford Journal of Science, Technology and Society, 5.
Porikli, F., & Van Gool, L. (2014). Special issue on car navigation and vehicle systems. Springer.
Priddle, A., & Woodyard, C. (2012). Google discloses costs of its driverless car tests. USA Today, 14.
Reimer, B. (2014). Driver assistance systems and the transition to automated vehicles: A path to increase older adult safety and mobility? Public Policy & Aging Report, 24(1), 27–31.
Richtel, M., & Dougherty, C. (2015). Google’s driverless cars run into problem: Cars with drivers. New York Times, 1.
Rimmer, M. (2017). Intellectual property and self-driving cars: Waymo vs Uber: Supplementary submission to the House of Representatives Standing Committee on Industry, Innovation, Science and Resources’ inquiry into the social issues relating to land-based driverless vehicles in Australia.
Ring, T. (2015). Connected cars–the next targe tfor hackers. Network Security, 2015(11), 11–16.
Schoettle, B., & Sivak, M. (2014). A survey of public opinion about autonomous and self-driving vehicles in the US, the UK, and Australia.
Simon, S., Ignaczak, B., & Lyons, R. (2009). Method for determining an accident risk between a first object with at least one second object.
Singh, J. P., Grann, M., & Fazel, S. (2011). A comparative study of violence risk assessment tools: A systematic review and metaregression analysis of 68 studies involving 25,980 participants. Clinical Psychology Review, 31(3), 499–513.
Stayton, E. L. (2015). Driverless dreams: technological narratives and the shape of the automated car (PhD Thesis). Massachusetts Institute of Technology.
Thomopoulos, N., & Givoni, M. (2015). The autonomous car—a blessing or a curse for the future of low carbon mobility? An exploration of likely vs. desirable outcomes. European Journal of Futures Research, 3(1), 14.
Tirone, B. S., Glenn, D. L., Casey, E. P., & Collins, D. M. (2015). Insurance applications for autonomous vehicles.
Trepagnier, P. G., Nagel, J. E., Kinney, P. M., Dooner, M. T., Wilson, B. M., Schneider Jr, C. R., & Goeller, K. B. (2011). Navigation and control system for autonomous vehicles. Google Patents.
Ya?dereli, E., Gemci, C., & Akta?, A. Z. (2015). A study on cyber-security of autonomous and unmanned vehicles. The Journal of Defense Modeling and Simulation, 12(4), 369–381.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
