Research Article
A Comparative Study of JASO TP15002-Based Security Risk Assessment Methods for Connected Vehicle System Design
Table 20
: Prioritized Threat List in the RSS-CVSSv3 Case.
| # | Where | Who | When | Why | What | (At, | Asset) | AV | AC | PR | UI | EX | Im-C | Im-I | Im-A | ISC | SC | Risk Value |
| 117 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Telematics | Authentication information | N | L | L | N | 2.8 | H | H | N | 5.2 | U | 8.01 | 118 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Telematics | Personal information | N | L | L | N | 2.8 | H | H | N | 5.2 | U | 8.01 | 63 | Radar/Sensor | Outsider | In regular use | Maliciously | cause malfunction | ADAS | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | 64 | OBD-II | Outsider | In regular use | Maliciously | cause malfunction | CGW | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | 65 | OBD-II | Owner/User | In regular use | Maliciously | cause malfunction | CGW | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | 66 | OBD-II | Maintenance staff | In maintenance | Accidentally | cause malfunction | CGW | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | 6 | CWC (TPMS) | Outsider | regular use | Maliciously | cause malfunction | Power-train | Control function | A | L | L | N | 2.1 | N | H | H | 5.2 | U | 7.25 | 7 | CWC (TPMS) | Outsider | regular use | Maliciously | interfere with access | Power-train | Authentication function | A | L | L | N | 2.1 | N | H | H | 5.2 | U | 7.25 | 8 | CWC (TPMS) | Outsider | regular use | Maliciously | steal information | Power-train | Authentication information | A | L | L | N | 2.1 | H | H | N | 5.2 | U | 7.25 | 87 | DSRC (ITS) | Outsider | In regular use | Maliciously | steal information | ITS | Authentication information | A | L | L | N | 2.1 | H | H | N | 5.2 | U | 7.25 | 141 | BT/Wi-Fi/IR (Infotainment) | Outsider | In regular use | Maliciously | interfere with access to | Infotainment | Authentication function | A | L | L | N | 2.1 | N | H | H | 5.2 | U | 7.25 | 142 | BT/Wi-Fi/IR (Infotainment) | Outsider | In regular use | Maliciously | steal information | Infotainment | Authentication information | A | L | L | N | 2.1 | H | H | N | 5.2 | U | 7.25 | 72 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | CGW | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | 14 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | Power-train | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | 15 | Mobile (Telematics) | Outsider | In regular use | Maliciously | interfere with access to | Power-train | Authentication function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | 16 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Power-train | Authentication information | N | H | L | N | 1.6 | H | H | N | 5.2 | U | 6.80 | 31 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | Chassis | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | 56 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | ADAS | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | 90 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | ITS | Authentication information | N | H | L | N | 1.6 | H | H | N | 5.2 | U | 6.80 | 139 | Mobile (Telematics) | Outsider | In regular use | Maliciously | interfere with access to | Infotainment | Authentication function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | 140 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Infotainment | Authentication information | N | H | L | N | 1.6 | H | H | N | 5.2 | U | 6.80 |
|
|