ABOUT THE COOPERATIVE RESILIENCE AND HEALING SYSTEM (CRHS)

A set of tools to safeguard CCAM environments from cyberattacks and security breaches

The Cooperative Resilience and Healing System is a comprehensive suite of tools designed to safeguard cooperative, connected, and automated mobility (CCAM) environments from cyberattacks and security breaches. Orchestrated by a Vehicle Security Operation Center (VSOC), the Cooperative Resilience and Healing System enhances system resilience, robustness, and trust levels, and provides a safe degraded mode for vehicles when necessary.

The Cooperative Resilience and Healing System consists of seven integrated tools deployed across the cloud, infrastructure (RSUs), and vehicles, delivering advanced resilience and self-healing capabilities to the CCAM ecosystem. This macro-tool collaborates closely with the Situational Awareness and Collaborative Perception (SACP) platform and the Trust Data Management System (TDMS) to provide continuous assessment of the robustness and resilience of CCAM-enabled mobility solutions against cyberattacks, malfunction, misuse, or system failure.

Audit box Cooperative Resilience and Healing System

01. Hardware and software tools eliciting self-protection actions

02. Methods for the assessment of robustness and auditing the surrounding vehicles

03. Tools for vehicle’s defense and healing procedures after threats or cyberattacks

The brain of the Cooperative Resilience and Healing System

The dashboard in Kibana presents received vehicle ecosystem data enriched with context information for VSOC analysts

Vehicle Security Operation Center (VSOC)

The brain of the CRHS is the Vehicle Security Operations Center (VSOC). The VSOC is the first approach to holistic monitoring and control of vehicle fleets in CCAM systems, combining decentralized protection tools with centralized control.

It collects information from all the SELFY tools, analyzing possible anomalies, vulnerabilities, and jamming situations, and assigns trust levels to the related CCAM elements. It can also trigger actions such as an audit of a specific vehicle or a Secure Over-the-Air Update. The VSOC offers a series of dashboards providing real-time information on what is happening.

SELFY VSOC can help OEMs to meet the current UNECE WP.29 regulation for cybersecurity.

SELFY VSOC is fully built with open-source components and published as an open-source project on GitHub.

Verification and validation of secure CCAM systems

Interaction-based V&V Tool (IVT)

The Interaction-based V&V Tool (IVT) from CEA is designed to model, manipulate, and analyze communication flows within CCAM systems. The tool facilitates the creation of interaction models similar to UML sequence diagrams or Message Sequence Charts, which represent high-level system and Vehicle-to-Everything (V2X) communication behaviors crucial for smarter, more efficient cooperative driving.

IVT integrates interaction models with Runtime Verification (RV) techniques to monitor the security and robustness of CCAM systems during operation. By analyzing system behavior at execution time, the tool ensures that communication and functionality remain within predefined scenarios, enhancing both the safety and reliability of CCAM systems.

Robustness assessment and audit tools

Audit Box

The Audit Box is a device integrated with a Roadside Unit (RSU) that audits and analyzes nearby vehicles in real time. It communicates directly with the Vehicle Security Operations Center (VSOC) and can be configured to scan vehicles using specific parameters. When the tool detects vulnerabilities or security issues in passing vehicles, it immediately informs the VSOC for further investigation. Additionally, it monitors for jamming attempts around the RSU and sends alerts if such interference is detected.

This solution enhances vehicle network security and strengthens the reliability of connected driving environments.

Robustification Tool

The Robustification Tool is a comprehensive tool that offers robust output feedback controllers for cooperative driving in adversarial conditions and anomaly isolation and estimation algorithms that are resistant to false-data injection attacks. It integrates advanced analysis and synthesis algorithms that quantify vehicles’ resilience to various cyber threats and design control and monitoring strategies to enhance their robustness.

By using the Robustification Tool, connected vehicle systems can maintain secure and reliable operations, even when faced with sophisticated cyberattacks.

Defense and healing procedures

Artificial Immune System (AIS)

The SELFY AIS Module is an advanced anomaly detection system designed to protect connected vehicles from cyber threats. This module uses an immune algorithm, the Negative Selection Algorithm (NSA), to detect deviations or anomalies in V2X communications, particularly by analyzing vehicle sensor signals. By learning the normal behavior of vehicles, the AIS Module can identify attacks or abnormal patterns, improving its detection and response capabilities over time.

The AIS Module provides vehicles with self-learning and self-healing capacities, allowing them to not only detect but also mitigate or handle anomalies and attacks autonomously. This system evolves with every encounter, learning from previous threats to enhance its future defenses.

Deployed across three levels, the SELFY AIS Module optimizes its functions to safeguard the digital infrastructure of autonomous (EGO) vehicles, offering a cutting-edge approach to anomaly detection and security in connected mobility systems.
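The negative selection idea named above, shown as an added textbook-style example (not SELFY's code): candidate detectors that match known-normal "self" samples are discarded, and the survivors flag anything they match as an anomaly. The feature pair (normalised speed and acceleration magnitude), the sample values, both radii and the fixed candidate grid (used instead of random candidates so the run is reproducible) are assumptions made for illustration.

```python
import math
from itertools import product

# Constructed "self" set: normalised (speed, |acceleration|) pairs
# standing in for sensor readings observed during normal driving.
SELF_SAMPLES = [(0.45, 0.10), (0.50, 0.12), (0.55, 0.08),
                (0.50, 0.10), (0.48, 0.15), (0.52, 0.05)]
SELF_RADIUS = 0.15      # assumed: candidates this close to self are censored
DETECTOR_RADIUS = 0.08  # assumed: a detector fires within this distance


def train_detectors(self_samples, self_radius=SELF_RADIUS, steps=10):
    """Negative selection: keep only candidates that match no self sample."""
    grid = [i / steps for i in range(steps + 1)]
    detectors = []
    for cand in product(grid, repeat=2):
        # A candidate that lies near any normal sample would raise false
        # alarms on normal traffic, so it is discarded during training.
        if all(math.dist(cand, s) > self_radius for s in self_samples):
            detectors.append(cand)
    return detectors


def is_anomalous(sample, detectors, radius=DETECTOR_RADIUS):
    """A sample is treated as non-self if any surviving detector matches it."""
    return any(math.dist(sample, d) <= radius for d in detectors)


DETECTORS = train_detectors(SELF_SAMPLES)

if __name__ == "__main__":
    # Constructed test readings: one inside the normal region, one far outside.
    for name, sample in [("normal cruise", (0.50, 0.10)),
                         ("implausible acceleration", (0.50, 0.90))]:
        verdict = "ANOMALY" if is_anomalous(sample, DETECTORS) else "ok"
        print(f"{name}: {verdict}")
```

The detectors never see an attack during training; they only encode what normal behavior is not, which is why the approach can flag patterns that were not known in advance.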

Safe operational modes

Situational Assessment Module

The Situational Assessment Module is an intelligent system designed to detect anomalies in the traffic environment by analyzing data from multiple sources, including roadside units (RSUs), vehicle sensors, and Controller Area Network (CAN) messages. Using advanced Artificial Intelligence (AI) techniques, the module processes this data to identify abnormal events such as misuse, malfunctions, or hazards, assigning a risk level to the current situation based on its analysis.

This system is particularly focused on two primary types of anomalies: GNSS Loss-Spoofing and RSU-Vehicle Mismatch. By continuously comparing the environment, CAN messages, planned trajectories, and CAM messages, the module offers a comprehensive assessment of the vehicle’s surroundings and ensures the early detection of risks in connected driving systems.

Safety Operation Tool

The Safety Operational Tool is a system designed to evaluate both situational and vehicle-specific risks for the ego-vehicle, adjusting its planned trajectory when necessary to execute a Minimum Risk Maneuver (MRM). In situations where the primary localization method, typically the Global Navigation Satellite System (GNSS), fails, the tool provides an alternative solution by running a degraded position calculation to ensure continued safe operation.

This tool dynamically selects the most appropriate operation mode based on the vehicle’s status and environmental conditions. Its primary objective during fail-safe operations is to guide the vehicle to perform a controlled stop at a suitable location. Additionally, the system can be triggered by the Vehicle Security Operations Center (VSOC) if necessary.

It ensures the vehicle can enter a safe mode based on risk assessments.