# Security and Privacy Issues for Connected Vehicles

**Authors:** Wenjun Xiong, Robert Lagerstr\"om

arXiv: 1812.04967 · 2018-12-19

## TL;DR

This paper addresses privacy concerns in connected vehicles by extending a security analysis framework with formal privacy specifications, using vehicleLang and MAL to evaluate privacy risks.

## Contribution

It introduces a formal privacy specification for connected vehicles based on vehicleLang and MAL, filling a gap in privacy analysis for vehicular data security.

## Key findings

- Formal privacy assessment framework developed
- Test cases demonstrate effectiveness of the approach
- Highlights privacy vulnerabilities in connected vehicle systems

## Abstract

Modern vehicles contain more than a hundred Electronic Control Units (ECUs) that communicate over different in-vehicle networks, and they are often connected to the Internet, which makes them vulnerable to various cyber-attacks. Besides, data collected by the connected vehicles is directly connected to the vehicular network. Thus, big vehicular data are collected, which are valuable and generate insights into driver behavior. Previously, a probabilistic modeling and simulation language named vehicleLang is presented to analyze the security of connected vehicles. However, the privacy issues of vehicular data have not been addressed. To fill in the gap, this work present a privacy specification for vehicles based on vehicleLang, which uses the Meta Attack Language (MAL) to assess the security of connected vehicles in a formal way, with a special focus on the privacy aspect. To evaluate this work, test cases are also presented.

---
Source: https://tomesphere.com/paper/1812.04967