Autonomous vehicles (AV) are becoming a part of humans' everyday life. There are numerous pilot projects of driverless public buses; some car manufacturers deliver their premium-level automobiles with advanced self-driving features. Thus, assuring the security of a Passenger-Autonomous Vehicle interaction arises as an important research topic, as along with opportunities, new cybersecurity risks and challenges occur that potentially may threaten Passenger's privacy and safety on the roads. This study proposes an approach of the security requirements elicitation based on the developed threat model. Thus, information security risk management helps to fulfil one of the principles needed to protect data privacy - information security. We demonstrate the process of security requirements elicitation to mitigate arising security risks. The findings of the paper are case-oriented and are based on the literature review. They are applicable for AV system implementation used by ride-hailing service providers that enable supervisory AV control.
翻译:自主车辆正在成为人类日常生活的一部分,有许多无人驾驶的公交公共汽车试点项目;一些汽车制造商以先进的自行驾驶功能提供其高价汽车,因此,确保乘客自驾车辆互动的安全是一个重要的研究课题,与机会、新的网络安全风险和挑战一起产生,有可能威胁乘客在公路上的隐私和安全;本研究报告根据已开发的威胁模式提出了安全要求的处理办法;因此,信息安全风险管理有助于履行保护数据隐私所需的原则之一——信息安全;我们展示了安全要求的征求过程,以减轻新出现的安全风险;该文件的结论面向个案,以文献审查为基础;适用于乘车服务提供者使用的AV系统实施,使AV控制得以监督。