Threat and Mitigation Analysis
The Threats and Mitigations identified in this paper may be used by parties engaged in introducing, designing or modifying products or services which are part of the vehicle ecosystem. They should be used as a basis for ensuring risks are adequately mitigated. They can be used to help determine vulnerabilities to potential cyber threats and ensure that appropriate measures are in place to mitigate these risks.
This section provides details of threats and vulnerabilities that may exist and a list of security outcomes or mitigations that would reduce or counter these threats and vulnerabilities. A more detailed list of possible threat examples, and of the security controls that could be used to mitigate them, is provided in annexes 1 and 2.
Threat Assessment
The following provides a high-level description of possible threats and vulnerabilities which the reader would be expected to consider and address in their design of a new or modified product or service:
Threats regarding back-end servers:
Back-end servers used as a means to attack a vehicle or extract data;
Messages received by the vehicle (for example X2V or diagnostic messages), or transmitted within it, contain malicious content;
Information can be readily disclosed, for example through eavesdropping on communications or through allowing unauthorized access to sensitive files or folders;
Legitimate actors are able to take actions that would unwittingly facilitate a cyber-attack;
Manipulation of the connectivity of vehicle functions enables a cyber-attack; this can include telematics, systems that permit remote operations, and systems using short range wireless communications;