graduate student from 01.01.2023 until now
Moscow, Russian Federation
656.9
The article presents the results of an analysis of autonomous and connected vehicle systems and their vulnerabilities, which may have consequences for the provision of transport services. It has been revealed that in addition to human physical security, which manufacturers of all vehicles strive for, autonomous vehicles must also provide protection against hacking and other cyber attacks and confidentiality of personal data. A STRIDE analysis was conducted to identify potential threats and commercial risks, for example for a transportation company. This methodology includes an assessment of information security risks in the following categories: spoofing, modification, denial of authorship, disclosure, denial of service, and privilege escalation. This article is devoted to the decomposition of the concept of an autonomous vehicle control system into the main elements and the application of STRIDE analysis to these components. The analysis revealed that there is a high risk of remote hacking of the on-board computer and/or disruption of the algorithms of one of the servers of an autonomous vehicle. In addition to the STRIDE analysis, a Data Flow Diagram was constructed to confirm the results. As a result of the research, the author concluded that working on security threats for autonomous and connected vehicles will allow a smooth modernization of the freight transportation industry in road transport and reaching a new level of customer service.
autonomous and connected vehicles, fleets of vehicles, cybersecurity, risks, security requirements, system components, on-time delivery, customer service
1. Ukaz Prezidenta Rossiyskoy Federacii ot 07.05.2024 № 309 "O nacional'nyh celyah razvitiya Rossiyskoy Federacii na period do 2030 goda i na perspektivu do 2036 goda" // Oficial'noe opublikovanie pravovyh aktov 2024, 7 maya. URL: http://publication.pravo.gov.ru/document/0001202405070015
2. Pare D., Rebeyn H. Avtonomnye i podklyuchennye avtomobili. Ustroystvo, standarty i perspektivy razvitiya / per. s angl. V.S. Yacenkova. – M.: DMK Press, 2023. – 454 s.
3. Rytov, M. Yu. Primenenie metodologii stride dlya opredeleniya aktual'nyh ugroz bezopasnosti programmno-opredelyaemyh setey / M. Yu. Rytov, R. Yu. Kalashnikov // Avtomatizaciya i modelirovanie v proektirovanii i upravlenii. – 2019. – № 3(5). – S. 19-24. – DOIhttps://doi.org/10.30987/article_5d8d113d968333.98732766. – EDN NLSDLD.
4. Metodologiya STRIDE v modelirovanii ugroz [Elektronnyy resurs] // ThreatScope 2025. URL: https://threatscope.ru/about-stride/ (data obrascheniya: 10.03.2025)
5. What sensors are installed on autonomous driving cars? [Elektronnyy resurs] // SIC ELECTRONICS LIMITED 2024, 19 sentbrya. URL: https://www.sic-chip.com/info-detail/what-sensors-are-installed-on-autonomous-driving-cars (data obrascheniya: 10.03.2025)
6. Blog kompanii Yandeks: Vstrechaem avtonomnye gruzoviki Yandeksa [Elektronnyy resurs] // Habr 2024, 10 dekabrya. URL: https://habr.com/ru/companies/yandex/articles/864464/ (data obrascheniya: 19.03.2025)
7. How to STRIDE [Elektronnyy resurs] // Threat-Modeling 2022, 11 sentyabrya. URL: https://threat-modeling.com/how-to-stride-threat-model/ (data obrascheniya: 16.03.2025)
8. What is a data flow diagram (DFD)? [Elektronnyy resurs] // IBM 2024, 22 noyabrya. URL: https://www.ibm.com/think/topics/data-flow-diagram (data obrascheniya: 19.03.2025)
9. Rosstat: Transport v Rossii 2024 [Elektronnyy resurs]. — URL: https://rosstat.gov.ru/storage/mediabank/Transport_2024.pdf
