Vehicle-to-Vehicle communication can improve traffic safety and efficiency. This technology, however, increases the attack surface, making new attacks possible. To cope with these threats, researchers have made a great effort to identify and explore the potential of cyberattacks and also proposed various intrusion or misbehaviour detection systems, in particular machine learning-based solutions. Simulations have become essential to design and evaluate such detection systems as there are no real publicly available Vehicular Ad-Hoc Network (VANET) datasets containing a variety of attacks. The drawback is that simulations require a significant amount of computational resources and time for configuration. In this paper, we present an attack simulation and generation framework that allows training the attack generator with either simulated or real VANET attacks. We outline the structure of our proposed framework and describe the setup of a standard-compliant attack simulator that generates valid standardised CAM and DENM messages specified by ETSI in the Cooperative Intelligent Transport Systems (C-ITS) standards. Based on the introduced framework, we demonstrate the feasibility of using deep learning for the generation of VANET attacks, which ultimately allows us to test and verify prototypes without running resource-demanding simulations.

Context: Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments. Problem: Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand. Objective: We aim to support the selection and design of techniques for monitoring container-based virtualization environments. Approach:: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques. Result: As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains. Evaluation: A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits. © 2021 The Authors

The automotive domain has got its own share of advancements in information and communication technology, providing more services and leading to more connectivity. However, more connectivity and openness raise cyber security and safety concerns. Indeed, services that depend on online connectivity can serve as entry points for attacks on different assets of the vehicle. This study explores collaborative ways of selecting response techniques to counter real-time cyber attacks on automotive systems. The aim is to mitigate the attacks more quickly than a single vehicle would be able to do, and increase the survivability chances of the collaborating vehicles. To achieve that, the design science research methodology is employed. As a result, we present RIPOSTE, a framework for collaborative real-time evaluation and selection of suitable response techniques when an attack is in progress. We evaluate the framework from a safety perspective by conducting a qualitative study involving domain experts. The proposed framework is deemed slightly unsafe, and insights into how to improve the overall safety of the framework are provided.

Some current and next generation security solutions employ machine learning and related technologies. Due to the nature of these applications, correct use of machine learning can be critical. One area that is of particular interest in this regard is the use of appropriate data for training and evaluation. In this work, we investigate different characteristics of datasets for security applications and propose a number of qualitative and quantitative metrics which can be evaluated with limited domain knowledge. We illustrate the need for such metrics by analyzing a number of datasets for anomaly and intrusion detection in automotive systems, covering both internal vehicle network and vehicle-to-vehicle (V2V) communication. We demonstrate how the proposed metrics can be used to learn the strengths and weaknesses in these datasets.

Vehicle-to-vehicle communication is a key technology for achieving increased perception for automated vehicles, where the communication enables virtual sensing by means of sensors in other vehicles. In addition, this technology also allows detection and recognition of objects that are out-of-sight. This paper presents a trust system that allows a cooperative and automated vehicle to make more reliable and safe decisions. The system evaluates the current situation and generates a trust index indicating the level of trust in the environment, the ego vehicle, and the surrounding vehicles. This research goes beyond secure communication and concerns the verification of the received data on a system level. The results show that the proposed method is capable of correctly identifying various traffic situations and how the trust index is used while manoeuvring in a platoon merge scenario.

This paper is an experience report of team Halmstad from the participation in a competition organised by the i-GAME project, the Grand Cooperative Driving Challenge 2016. The competition was held in Helmond, The Netherlands, during the last weekend of May 2016. We give an overview of our car's control and communication system that was developed for the competition following the requirements and specifications of the i-GAME project. In particular, we describe our implementation of cooperative adaptive cruise control, our solution to the communication and logging requirements, as well as the high level decision making support. For the actual competition we did not manage to completely reach all of the goals set out by the organizers as well as ourselves. However, this did not prevent us from outperforming the competition. Moreover, the competition allowed us to collect data for further evaluation of our solutions to cooperative driving. Thus, we discuss what we believe were the strong points of our system, and discuss post-competition evaluation of the developments that were not fully integrated into our system during competition time.