TARA 2.0 for Connected and Automated Vehicles_supp1-3574638.pdf
DOI: 10.1109/tits.2025.3574638/mm1
archive: archived pipeline: cataloged verified
Get this paper ↗ (DOI — opens at the source; we link to it, we don't host it)
Summary
This paper presents a detailed application of the TARA 2.0 (Threat Analysis and Risk Assessment) methodology for Connected and Automated Vehicles (CAVs), specifically focusing on the Automated Driving System (ADS) decision unit. The study is motivated by the need to define cybersecurity items and their operational environments according to ISO/SAE 21434 standards. The ADS is identified as a critical subsystem responsible for sensor data fusion (radar, camera, LiDAR), vehicle motion decisions, door authorization, and remote driving handovers. The research aims to systematically identify assets, damage scenarios, and threat vectors to evaluate the cybersecurity posture of this complex architecture. The methodology involves defining item boundaries, functions, and preliminary architectures, followed by the creation of Data Flow Diagrams (DFDs). Asset identification was conducted with 100% expert involvement, categorizing assets such as GNSS processing, image capturing, LiDAR point clouds, and various data interfaces (CAN, Ethernet, server connections). The study maps these assets to specific cybersecurity properties, including Confidentiality, Integrity, Availability, Unlinkability, Accountability, and Compliance. Damage scenarios were derived from potential asset compromises, such as GNSS signal loss, blinded vision, unauthorized facial image capturing, and malicious data manipulation. Threat scenarios were then generated using STRIDE and LINDDUN frameworks, linking specific threats (e.g., spoofing, flooding, denial of service) to damage scenarios and DFD elements. The findings detail a comprehensive matrix of 27 damage scenarios and 40 identified threat scenarios. For instance, Damage Scenario D1 (Compromising GNSS signal) is linked to threats involving malicious updates, invalid data flooding, and GPS spoofing. The paper further identifies specific attack paths, such as physically connecting to the GPS receiver to spoof data or remotely spoofing the GNSS antenna. Impact ratings were assigned to these attack paths across four categories: safety, financial, operational, and privacy. For example, physically accessing the CAN bus to manipulate automated driving functions (AP^S2_T3) was rated as having a "Major" impact on safety and operations, resulting in an aggregated impact level of "Major." Conversely, remotely spoofing the GNSS antenna (AP^S3_T3) was assessed as having a "Moderate" impact. The analysis highlights vulnerabilities in data flows, such as unencrypted transmissions allowing for linkability between GPS data and user identity. The significance of this work lies in its rigorous, structured approach to cybersecurity risk assessment for autonomous driving systems. By integrating ISO/SAE 21434 requirements with STRIDE and LINDDUN frameworks, the paper provides a replicable model for identifying and quantifying risks in CAV architectures. The detailed mapping of attack paths to impact levels offers actionable insights for mitigating high-risk scenarios, particularly those involving physical access and sensor spoofing. This contributes to the broader field by demonstrating how TARA 2.0 can be effectively applied to complex, multi-sensor systems to ensure safety, privacy, and operational integrity in connected vehicles.
Provenance
The full processing record for this entry. Every stage of this paper's journey through the pipeline is logged — what ran, with which tool and model, how many attempts it took, and when it last completed.
| Stage | Outcome | Tool | Model | Prompt | Attempts | Completed |
|---|---|---|---|---|---|---|
| discover | success | Crossref | — | — | 1 | 2026-06-25 |
| archive | success | canonical_url | — | — | 1 | 2026-06-26 |
| extract | success | cached | — | — | 2 | 2026-06-26 |
| clean | success | clean | — | — | 1 | 2026-06-26 |
| chunk | success | chunk | — | — | 1 | 2026-06-26 |
| embed | success | embed | Qwen/Qwen3-Embedding-8B | — | 1 | 2026-06-26 |
| enrich | failed | — | — | — | 1 | 2026-06-26 |
| promote | success | — | — | — | 1 | 2026-06-25 |
| summarize | success | llm | qwen3.6-27b-prismaquant | summ-v5 | 1 | 2026-06-26 |
| tag | success | vector_similarity | — | — | 6 | 2026-06-26 |
| verify | success | — | — | — | 1 | 2026-06-26 |
Summary generated by qwen3.6-27b-prismaquant on 2026-06-26; verification: verified.
Topics
Ranked by relevance to this paper. Hover a topic for its definition.