Connected vehicles hold tremendous potential for improving road safety while simultaneously reducing energy consumption and road congestion through data sharing over the next decade. In general terms, a connected car is a road vehicle equipped with three sets of communications systems: Internet access, an internal network, which enables the car to route its connection access (sometimes known as vehicle-to-internet, or V2I) to other devices that are installed inside—and possibly outside—of the vehicle. Alongside these typically there is the CAN bus (or similar) used to interconnect the gamut of ECUs, sensors and actuators that now form part of a vehicle's inner electronic workings. Increasingly, such cars are fitted with specific technologies that link into the Internet access or internal network to provide additional driver benefits: automatic notification of collisions, notification of excessive speeding, and other safety alerts, for example. There are three additional communications types that supplement these: a vehicle-to-vehicle (V2V) technology that enables cars to communicate wirelessly and even maintain temporary networks between vehicles that can inform accident prevention, road hazards, and other driving intelligence; a vehicle-to-passenger that enables cars to communicate with the passengers present in the vehicle; and Internet of Things (Vehicle-to-IoT or V2IoT), as a connected entity receiving data from external sources, and sharing data that it captures with remote third-parties for specific applications (traffic flow updates, for example). However, connected vehicles represent a security concern, due to the multiple potential attack vectors exploiting the communication to the vehicle and from it. The concern is growing rapidly as vehicles are becoming increasingly more connected whether to devices and the Internet of Things or to other connected vehicles. It further intensifies with the continuing development of autonomous vehicles.
One of the main concerns is the real time identification of the origin of a threat in the area of the attack. If one vehicle is attacked, and is in communication with additional vehicles in the area, it is possible to establish a network where metadata associated with the attack is collected in the detecting area. After the information is collected, it is then can be dispersed to other vehicles while establishing a certain pattern of the attack and ways to prevent it from affecting other vehicles.
An article ‘Experimental Security Analysis of a Modern Automobile’ (2010) experimentally demonstrated that an informed attacker who is able to infiltrate ECUs can circumvent a broad array of safety critical systems. ‘Comprehensive Experimental Analyses of Automotive Attack Surfaces’ (2011) proposed that remote exploitation of connected vehicles is feasible via a broad range of ‘attack vectors’ (including mechanics tools, compact disc players, Bluetooth links, and cellular radio); and further, that wireless communications channels can allow remote vehicle control, location tracking, in-cabin audio ‘exfiltratrion’, and vehicle theft. The foreseeable exploits of the vehicle data integrity might lead to data theft, such as: online automotive apps and services that contain banking/credit records; congestion charge or toll payment information; general personal identification data; insurance and tax data—useful for identity theft; license plates and other vehicle registration data; vehicle location information; vehicle physical security data; extortion/denial-of-service threat; fraud and deception (altering or deleting schedule logs and records); freight and goods theft (activating false alarms that cause goods to be left unattended); immobilization; premises security and burglary—vehicle data that reveals businesses and homes are unoccupied and many others.
U.S. Patent Application 20120254960, Connecting mobile devices, internet-connected vehicles, and cloud services, discloses a three-way trust relationship that is established between a mobile device, Internet-connected vehicle system, and a cloud-based service. Access rights are granted to the mobile device from the vehicle system, such that the mobile device can securely connect to, and obtain status information and/or control the Internet-connected vehicle system, through the cloud-based service.
U.S. Patent Application 20120284790, Providing cyber protection for the electric grid, discloses a method of improving security in an electrical grid network. The method includes configuring a lifecycle map associated with an operation in the electrical grid network, the lifecycle map including at least a start configuration, a final configuration, and a plurality of valid events arranged to link the start configuration and the final configuration, the start configuration and the final configuration corresponding to particular states of the electrical grid network. The method also includes monitoring at least one of messages and device configurations in the electrical grid network to detect one or more live events associated with the operation and comparing the plurality of live events to the lifecycle map to identify an anomaly in the live events.
U.S. Patent Application 20130227648, On board vehicle network security, discloses a microprocessor executable network controller operable to at least one of (a) isolate at least one other on board computational component in a vehicular wireless network not affected by a security breach event from a computational component affected by the security breach event and (b) isolate an on board computational component in the vehicular wireless network and affected by the security breach event from the at least one other on board computational component not affected by the security breach event.
U.S. Patent Application 20030236652, System and method for anomaly detection, discloses a system and method for detecting one or more anomalies in a plurality of observations. In one illustrative embodiment, the observations are real-time network observations collected from a plurality of network traffic. The method includes selecting a perspective for analysis of the observations. The perspective is configured to distinguish between a local data set and a remote data set. The method applies the perspective to select a plurality of extracted data from the observations. A first mathematical model is generated with the extracted data. The extracted data and the first mathematical model is then used to generate scored data. The scored data is then analyzed to detect anomalies.
U.S. Patent Application 20130141247, Method and system for maintaining and reporting vehicle occupant information, discloses an occupant information module that reports, to a third party, occupant information regarding a vehicle occupant.
U.S. Patent Application 20130158821, Method and system for vehicle data collection, discloses roadway map updating using vehicle performance and location information from plural vehicles.
U.S. Pat. No. 8,781,798, Systems and methods for exploring and utilizing solutions to cyber-physical issues in a sandbox, discloses methods and arrangements for accommodating and synthesizing data for seeking broad-based solutions to complex problems. Logical models with respect to infrastructure in a first location are created. System-level models are created with respect to the logical models, and simulations are performed on the system-level models to verify expected behavior. Feedback is employed from the performed simulations to forecast changes in the system-level models.
The prior art however does not address vehicle correlation system for detection of at least one cyber-attack on one or more vehicles comprising a plurality of on-board communication agent modules communicating with one another.
Therefore, there is a long felt and unmet need for a system and method that overcomes the problems associated with the prior art. The system and method will provide vehicle correlation calculation for detection of cyber-attacks on one or more vehicles communicating with one another via on-board communication agent modules.