Research Article
A Comparative Study of JASO TP15002-Based Security Risk Assessment Methods for Connected Vehicle System Design
Table 20
: Prioritized Threat List in the RSS-CVSSv3 Case.
| | # | Where | Who | When | Why | What | (At, | Asset) | AV | AC | PR | UI | EX | Im-C | Im-I | Im-A | ISC | SC | Risk Value |
| | 117 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Telematics | Authentication information | N | L | L | N | 2.8 | H | H | N | 5.2 | U | 8.01 | | 118 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Telematics | Personal information | N | L | L | N | 2.8 | H | H | N | 5.2 | U | 8.01 | | 63 | Radar/Sensor | Outsider | In regular use | Maliciously | cause malfunction | ADAS | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | | 64 | OBD-II | Outsider | In regular use | Maliciously | cause malfunction | CGW | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | | 65 | OBD-II | Owner/User | In regular use | Maliciously | cause malfunction | CGW | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | | 66 | OBD-II | Maintenance staff | In maintenance | Accidentally | cause malfunction | CGW | Control function | L | L | N | N | 2.5 | N | H | H | 5.2 | U | 7.69 | | 6 | CWC (TPMS) | Outsider | regular use | Maliciously | cause malfunction | Power-train | Control function | A | L | L | N | 2.1 | N | H | H | 5.2 | U | 7.25 | | 7 | CWC (TPMS) | Outsider | regular use | Maliciously | interfere with access | Power-train | Authentication function | A | L | L | N | 2.1 | N | H | H | 5.2 | U | 7.25 | | 8 | CWC (TPMS) | Outsider | regular use | Maliciously | steal information | Power-train | Authentication information | A | L | L | N | 2.1 | H | H | N | 5.2 | U | 7.25 | | 87 | DSRC (ITS) | Outsider | In regular use | Maliciously | steal information | ITS | Authentication information | A | L | L | N | 2.1 | H | H | N | 5.2 | U | 7.25 | | 141 | BT/Wi-Fi/IR (Infotainment) | Outsider | In regular use | Maliciously | interfere with access to | Infotainment | Authentication function | A | L | L | N | 2.1 | N | H | H | 5.2 | U | 7.25 | | 142 | BT/Wi-Fi/IR (Infotainment) | Outsider | In regular use | Maliciously | steal information | Infotainment | Authentication information | A | L | L | N | 2.1 | H | H | N | 5.2 | U | 7.25 | | 72 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | CGW | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | | 14 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | Power-train | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | | 15 | Mobile (Telematics) | Outsider | In regular use | Maliciously | interfere with access to | Power-train | Authentication function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | | 16 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Power-train | Authentication information | N | H | L | N | 1.6 | H | H | N | 5.2 | U | 6.80 | | 31 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | Chassis | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | | 56 | Mobile (Telematics) | Outsider | In regular use | Maliciously | cause malfunction | ADAS | Control function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | | 90 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | ITS | Authentication information | N | H | L | N | 1.6 | H | H | N | 5.2 | U | 6.80 | | 139 | Mobile (Telematics) | Outsider | In regular use | Maliciously | interfere with access to | Infotainment | Authentication function | N | H | L | N | 1.6 | N | H | H | 5.2 | U | 6.80 | | 140 | Mobile (Telematics) | Outsider | In regular use | Maliciously | steal information | Infotainment | Authentication information | N | H | L | N | 1.6 | H | H | N | 5.2 | U | 6.80 |
|
|
