An official website of the United States government
Testing and verifying the security of connected and autonomous vehicles (CAVs) under cyber-physical attacks is a critical challenge for ensuring their safety and reliability. Proposed in this article is a novel testing framework based on a model of computation that generates scenarios and attacks in a closed-loop manner, while measuring the safety of the unit under testing (UUT), using a verification vector. The framework was applied for testing the performance of two cooperative adaptive cruise control (CACC) controllers under false data injection (FDI) attacks. Serving as the baseline controller is one of a traditional design, while the proposed controller uses a resilient design that combines a model and learning-based algorithm to detect and mitigate FDI attacks in real-time. The simulation results show that the resilient controller outperforms the traditional controller in terms of maintaining a safe distance, staying below the speed limit, and the accuracy of the FDI estimation.
more »
« less
This content will become publicly available on December 31, 2026
A Reinforcement Learning-Based Parameter Tuning Approach for a Secure Cooperative Adaptive Cruise Control System
Connected and autonomous vehicles (CAVs) rely on communication channels to improve safety and efficiency. However, this connectivity leaves them vulnerable to potential cyberattacks, such as false data injection (FDI) attacks. We can mitigate the effect of FDI attacks by designing secure control techniques. However, tuning control parameters is essential for the safety and security of such techniques, and there is no systematic approach to achieving that. In this article, our primary focus is on cooperative adaptive cruise control (CACC), a key component of CAVs. We develop a secure CACC by integrating model-based and learning-based approaches to detect and mitigate FDI attacks in real-time. We analyze the stability of the proposed resilient controller through Lyapunov stability analysis, identifying sufficient conditions for its effectiveness. We use these sufficient conditions and develop a reinforcement learning (RL)-based tuning algorithm to adjust the parameter gains of the controller, observer, and FDI attack estimator, ensuring the safety and security of the developed CACC under varying conditions. We evaluated the performance of the developed controller before and after optimizing parameters, and the results show about a 50% improvement in accuracy of the FDI attack estimation and a 76% enhancement in safe following distance with the optimized controller in each scenario.
more »
« less
- Award ID(s):
- 2241718
- PAR ID:
- 10570301
- Publisher / Repository:
- SAE
- Date Published:
- Journal Name:
- SAE International Journal of Connected and Automated Vehicles
- Volume:
- 8
- Issue:
- 4
- ISSN:
- 2574-0741
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
The combination of connectivity and automation allows connected and autonomous vehicles (CAVs) to operate autonomously using advanced on-board sensors while communicating with each other via vehicle-to-vehicle (V2V) technology to enhance safety, efficiency, and mobility. One of the most promising features of CAVs is cooperative adaptive cruise control (CACC). This system extends the capabilities of conventional adaptive cruise control (ACC) by facilitating the exchange of critical parameters among vehicles to enhance safety, traffic flow, and efficiency. However, increased connectivity introduces new vulnerabilities, making CACC susceptible to cyber-attacks, including false data injection (FDI) attacks, which can compromise vehicle safety. To address this challenge, we propose a secure observer-based control design leveraging Lyapunov stability analysis, which is capable of mitigating the adverse impact of FDI attacks and ensuring system safety. This approach uniquely addresses system security without relying on a known lead vehicle model. The developed approach is validated through simulation results, demonstrating its effectiveness.more » « less
-
Cooperative adaptive cruise control (CACC) is one of the main features of connected and autonomous vehicles (CAVs), which uses connectivity to improve the efficiency of adaptive cruise control (ACC). The addition of reliable communication systems to ACC reduces fuel consumption, maximizes road capacity, and ensures traffic safety. However, the performance, stability, and safety of CACC could be affected by the transmission of outdated data caused by communication delays. This paper proposes a Lyapunov-based nonlinear controller to mitigate the impact of time-varying delays in the communication channel of CACC. This paper uses Lyapunov–Krasovskii functionals in the stability analysis to ensure semi-global uniformly ultimately bounded tracking. The efficaciousness of the proposed CACC algorithm is demonstrated in simulation and through experimental implementation.more » « less
-
In a centralized Networked Control System (NCS), agents share local data with the central processing unit that generates control commands for agents. The control center in an NCS receives information from the agents through a communication network and produces control commands for agents. Despite all of the advantages of an NCS, such as reduced design cost and simplicity, the integration of networked connectivity can expose the NCS to adversarial attacks, such as false data injection (FDI). In this paper, a novel control approach will be developed to mitigate the FDI attack’s effect and guarantee the control objective in a networked system of permanent magnet linear motors. To achieve this, a non-singular terminal sliding mode control will be designed using an observer to ensure the tracking objective. The extended state observer will estimate the state of the system and estimate the FDI attack in real time. The control center will produce a control signal which is robust to the FDI attack and any disturbance. A Lyapunov-based stability analysis will be used to prove the stability of the observer-based controller. A three-agent permanent magnet linear motor network is selected for the simulation to show the effectiveness of the proposed scheme.more » « less
-
The lack of inherent security controls makes traditional Controller Area Network (CAN) buses vulnerable to Machine-In-The-Middle (MitM) cybersecurity attacks. Conventional vehicular MitM attacks involve tampering with the hardware to directly manipulate CAN bus traffic. We show, however, that MitM attacks can be realized without direct tampering of any CAN hardware. Our demonstration leverages how diagnostic applications based on RP1210 are vulnerable to Machine-In-The-Middle attacks. Test results show SAE J1939 communications, including single frame and multi-framed broadcast and on-request messages, are susceptible to data manipulation attacks where a shim DLL is used as a Machine-In-The-Middle. The demonstration shows these attacks can manipulate data that may mislead vehicle operators into taking the wrong actions. A solution is proposed to mitigate these attacks by utilizing machine authentication codes or authenticated encryption with pre-shared keys between the communicating parties. Various tradeoffs, such as communication overhead encryption time and J1939 protocol compliance, are presented while implementing the mitigation strategy. One of our key findings is that the data flowing through RP1210-based diagnostic systems are vulnerable to MitM attacks launched from the host diagnostics computer. Security models should include controls to detect and mitigate these data flows. An example of a cryptographic security control to mitigate the risk of an MitM attack was implemented and demonstrated by using the SAE J1939 DM18 message. This approach, however, utilizes over twice the bandwidth as normal communications. Sensitive data should utilize such a security control.more » « less
