Research Article

A Comparative Study of JASO TP15002-Based Security Risk Assessment Methods for Connected Vehicle System Design

Table 18

: Risk Analysis with respect to CGW.

# Where Who When Why What ( At, Asset ) AE EF Risk Value

64 OBD-II Outsider In regular use Maliciously cause malfunction ( CGW, Control function) 3.9 9.2 6.6
65 OBD-II Owner/User In regular use Maliciously cause malfunction ( CGW, Control function) 3.9 9.2 6.6
66 OBD-II Maintenance staff In maintenance Accidentally cause malfunction ( CGW, Control function) 3.9 9.2 6.6
67 OBD-II Maintenance staff In maintenance Accidentally write wrong data ( CGW, Flow/Storage data) 3.9 6.9 4.9
68 CWC (TPMS) Outsider In regular use Maliciously cause malfunction ( CGW, Control function) 4.4 9.2 6.8
69 CWC (TPMS) Outsider In regular use Maliciously write wrong data ( CGW, Flow/Storage data) 4.4 6.9 5.2
70 DSRC (ITS) Outsider In regular use Maliciously cause malfunction ( CGW, Control function) 4.4 9.2 6.8
71 DSRC (ITS) Outsider In regular use Maliciously write wrong data ( CGW, Flow/Storage data) 4.4 6.9 5.2
72 Mobile (Telematics) Outsider In regular use Maliciously cause malfunction ( CGW, Control function) 6.8 9.2 7.9
73 Mobile (Telematics) Outsider In regular use Maliciously write wrong data ( CGW, Flow/Storage data) 6.8 6.9 6.3
74 BT/Wi-Fi/IR (Infotainment) Outsider In regular use Maliciously cause malfunction ( CGW, Control function) 4.4 9.2 6.8
75 BT/Wi-Fi/IR (Infotainment) Outsider In regular use Maliciously write wrong data ( CGW, Flow/Storage data) 4.4 6.9 5.2
76 SD/USB (Infotainment) Outsider In regular use Maliciously cause malfunction ( CGW, Control function) 2.7 9.2 6.0
77 SD/USB (Infotainment) Owner/User In regular use Accidentally infect with malware ( CGW, Control function) 2.7 9.2 6.0
78 SD/USB (Infotainment) Outsider In regular use Maliciously write wrong data ( CGW, Flow/Storage data) 2.7 6.9 4.4