智能网联汽车信息安全威胁识别和防护方法研究

Research on methods of information security threat identification and protection for intelligent connected vehicles

为了充分了解智能网联汽车面临的信息安全风险、提升智能网联汽车信息安全防护水平,需要从智能网联汽车架构特点出发,以全面分析其面临的威胁挑战和潜在风险。因此文中提出智能网联汽车架构分层模型,将智能网联汽车分为收集信号的感知设备层、用于车辆内部和各类异构网络交换信息的网络通信层、执行计算决策的控制服务层以及通过物理或者无线接入的外部连接层。提出基于STRIDE威胁分析方法的针对智能网联架构四层模型的威胁识别系统方法,以分析每个层级面临的不同信息安全问题。实验结果表明,该方法有效地提高了智能网联汽车威胁分析的正确率和覆盖率。最后,基于智能网联汽车威胁识别的结果,从信息安全纵深防御的角度出发,通过对车载网络架构进行细化分层,按照信息安全的风险以及安全等级的高低,划分不同的智能网联汽车车内通信域,以降低网络通信层的安全风险。

In order to fully comprehend the information security risks that the ICVs may be confronted with,and enhance the level of information security protection of the ICVs,it is necessary to comprehensively analyze the threats,challenges and potential risks faced by the ICVs proceeding from its architecture characteristics.Therefore,an architecture hierarchical model is proposed to divide the ICV architecture into four layers,which are the sensing device layer for collecting signals,the network communication layer for exchanging information among vehicles and various heterogeneous networks,the control service layer for executing computational decisions and the external connection layer accessed in a physical or wireless manner.A threat identification system based on STRIDE,analysis method directing at the four-layer model of intelligent network architecture is proposed to analyze different information security problems faced by each layer.The experimental results show that the method can effectively improve the accuracy and coverage rate of the threat analysis about the ICVs.Finally,on the basis of the threat identification results of the ICVs,different in-vehicle communication domains are divided for ICVs according to the information security risks and security levels by detailed layering of architecture of vehicle-mounted network in the perspective of defense-in-depth of information security,so as to reduce the security risks of the network communication layer.