Connected vehicles are a cornerstone of today's transportation ecosystem, integrating diverse sensors and communication technologies to enhance efficiency and intelligence. However, this connectivity significantly expands the attack surface, raising cybersecurity concerns and exposing sensitive data to potential misuse. In the context of automotive digital forensics, machine learning (ML)-based intrusion detection systems (IDS) play a vital role in monitoring, detecting and analyzing malicious activity to support both real-time protection and post-incident investigations. However, the adoption of ML-based IDS in the automotive domain is hindered by the opacity of many machine learning models. Explainable artificial intelligence (XAI) provides a pathway to interpretability, fostering trust among stakeholders ranging from cybersecurity analysts to vehicle manufacturers and end-users. In this paper, we benchmark a spectrum of machine learning models used for automotive intrusion detection, spanning from smaller models to more complex architectures tied with post-hoc explanations. Specifically, we compare intrinsic models (e.g., Decision Tree (DT), K-Nearest Neighbors (KNN)), semi-intrinsic models (e.g., Random Forests (RF)), and advanced deep learning models (e.g., Multilayer Perceptrons (MLP) and Transformers). Our evaluation across two benchmark datasets (i.e., Survival analysis dataset and the ORNL dataset) reveals that smaller, intrinsically explainable models (e.g., DT, RF) focus their importance on a limited subset of features, whereas larger models (e.g., MLP, Transformer) tend to distribute importance more broadly across all features. Moreover, the high F1-scores obtained by smaller models (e.g., RF: 0.9988 in Survival and 0.9985 in ORNL) tend to agree more with high performing larger models (e.g., MLP: 0.9984 in Survival and 0.9981 in ORNL) when their explainers are compared for similarity

This paper demonstrates how semantic knowledge graph integration can bridge organizational threat modeling and adversarial frameworks for responsible AI security assessment. We applied ThreatFinder.ai to an AI-based facial anonymization system, identifying 12 assets, 33 instantiated threats (7 unique), and 157 instantiated controls (28 unique). These outputs were transformed into knowledge graphs and semantically linked to MITRE ATLAS using Sentence-BERT embeddings, creating explicit, auditable mappings between organizational threats and adversarial techniques. The linking produced 123 threat→technique, 72 threat→SubTechnique, and 21 control→mitigation alignments (covering 55 unique threats and 15 unique controls), enabling asset-centric reasoning and transparent security decision-making. The methodology satisfies multiple stakeholder needs: organizational usability through familiar workflows, governance compliance through auditable relations, and ethical transparency through accessible visualizations. These results show that interdisciplinary requirements can drive approaches to AI security that are both technically rigorous and practically usable

Shared stand-up e -scooters have been used in Sweden since 2018. Both models in use and policies applied in different cities have evolved rapidly. This study aimed to examine the environmental impacts of shared stand-up e -scooters in Sweden and identify the key factors that impact the resource and energy efficiency of these e -scooters. The findings can help e -scooter providers and cities reduce the environmental impacts of shared e -scooter services. A comparative life cycle assessment was conducted on two main cases: Case 1 corresponds to first -generation shared e -scooter models that dominated the Swedish market from 2018 to 2020, while Case 2 corresponds to a significantly heavier e -scooter model introduced in Sweden from 2020 onwards. The results show that the production of e -scooters is part of the life cycle and has the largest contribution to the environmental impacts for both e -scooter models.

The eSPARK project examines the sustainability profile of the popular shared e-scooters through policy analysis, usage data analysis, surveys, and life cycle assessment. Policies and attempts to regulate e-scooters in Swedish and European cities are studied and discussed with stakeholders. The LCA-results suggest that factors such as how e-scooters are collected and distributed, and the total ridden kilometers have significant impact on their environmental impact. The project also suggests different methods that can support cities to predict the geographical area of the e-scooters and offers insights about how e-scooters are used in the cities. Usage data and the surveys show that they are used by active people in areas with a lot of activities, especially restaurants and clubs. Users are likely to have a driving license, to frequently use a car but also to have a monthly pass for public transport. Thus, escooters have a potential to mitigate congestion on roads and public transport but may lead to more traffic on bike infrastructure instead.

A modern vehicle contains a large number of electronic components communicating over a large in-vehicle network. While the operation of this network is crucial, some implementations are vulnerable to a number of security attacks while lacking sufficient security measures. Intrusion detection systems have been proposed as a possible solution to this, with those using machine learning receiving much attention. However, such systems may be hard to interpret and understand. In this work, we propose an automotive intrusion detection system that utilizes Random Forest with a dynamic voting technique to provide a robust solution with interpretability through feature and model exploration. The proposed solution is evaluated using two publicly available datasets and demonstrates stable performance when compared to similar solutions.

A modern vehicle contains a large number of electronic components communicating over a large in-vehicle network. While the operation of this network is crucial, some implementations are vulnerable to a number of security attacks while lacking sufficient security measures. Intrusion detection systems have been proposed as a possible solution to this, with those using machine learning receiving much attention. However, such systems may be hard to interpret and understand. In this work, we propose an automotive intrusion detection system that utilizes Random Forest with a dynamic voting technique to provide a robust solution with interpretability through feature and model exploration. The proposed solution is evaluated using two publicly available datasets and demonstrates stable performance when compared to similar solutions.

Modern vehicles have numerous electronic control units (ECUs) that constantly communicate over embedded in-vehicle networks (IVNs) comprised of controlled area network (CAN) segments. The simplicity and size-constrained 8-byte payload of the CAN bus technology makes it infeasible to integrate authenticity and integrity-based protection mechanisms. Thus, a malicious component will be able to inject malicious data into the network with minimal risk for detection. Such vulnerabilities have been demonstrated with various security attacks such as the flooding, fuzzing, and malfunction attacks. A practical approach to improve security in modern vehicles is to monitor the CAN bus traffic to detect anomalies. However, to administer such an intrusion detection system (IDS) with a general approach faces some challenges. First, the proprietary encodings of the CAN data fields need to be omitted as they are intellectual property of the original equipment manufacturers (OEMs) and differ across vehicle manufacturers and their models. Secondly, such general and practical IDS approach must also be computationally efficient in terms of speed and accuracy. Traditional IDSs for computer networks generally utilize a rule or signature-based approach. More recently, the approach of using machine learning (ML) with efficient feature representation has shown significant success because of faster detection and lower development and maintenance costs. Therefore, an efficient data aggregation technique with enhanced frequency-based feature representation to improve the performance of MLbased IDS for the IVNs is proposed. The performance gain was verified with the Survival Analysis Dataset for automobile IDS.

Modern vehicles have numerous electronic control units (ECUs) that constantly communicate over embedded in-vehicle networks (IVNs) comprised of controlled area network (CAN) segments. The simplicity and size-constrained 8-byte payload of the CAN bus technology makes it infeasible to integrate authenticity and integrity-based protection mechanisms. Thus, a malicious component will be able to inject malicious data into the network with minimal risk for detection. Such vulnerabilities have been demonstrated with various security attacks such as the flooding, fuzzing, and malfunction attacks. A practical approach to improve security in modern vehicles is to monitor the CAN bus traffic to detect anomalies. However, to administer such an intrusion detection system (IDS) with a general approach faces some challenges. First, the proprietary encodings of the CAN data fields need to be omitted as they are intellectual property of the original equipment manufacturers (OEMs) and differ across vehicle manufacturers and their models. Secondly, such general and practical IDS approach must also be computationally efficient in terms of speed and accuracy. Traditional IDSs for computer networks generally utilize a rule or signature-based approach. More recently, the approach of using machine learning (ML) with efficient feature representation has shown significant success because of faster detection and lower development and maintenance costs. Therefore, an efficient data aggregation technique with enhanced frequency-based feature representation to improve the performance of MLbased IDS for the IVNs is proposed. The performance gain was verified with the Survival Analysis Dataset for automobile IDS.