ABSTRACT The development of autonomous electric vehicles (AEVs) represents the convergence of two simultaneous automotive revolutions: electric vehicles (EVs) and autonomous vehicles (AVs). AVs require sensors, decision‐making systems and actuation systems to achieve autonomous driving, whereas EVs require intelligent management and real‐time communication with the electricity grid and charging facilities. AEVs integrate these domains into a connected, intelligent and energy‐conscious cyber‐physical system. For example, advanced driver assistance systems (ADAS), installed in AEVs, allow the vehicle to operate without human interaction. However, this interconnectedness of AEVs through ADAS and other highly connected systems significantly increases the attack surface. Threats to AEVs include artificial intelligence manipulation and sensor impersonation, whereas vulnerabilities in network communications, charging protocols and remote access can further expand their threat surface. Complex cyber‐physical threat vectors arise from the interaction of the AEV components across external (5G, Wi‐Fi) and internal (Control Area Network CAN, Ethernet) communication networks. Additional entry points arise through the exchange of data and power between charging stations and the network infrastructure. These threats can impact vehicle charging, energy consumption, damage vehicle engines and can even adversely affect the entire grid system. However, current research is often siloed either focussing on charging systems or on vehicles independently lacking unified models that capture common threat paths, attack surfaces and security interconnections particularly for advanced driver assistance systems. AEVs communicate to other vehicles, infrastructure, grid, network through Vehicle‐to‐Vehicle (V2V), Vehicle‐to‐Infrastructure (V2I), Vehicle‐to‐Grid (V2G), Vehicle‐to‐Network (V2N) channels of communication, all of which are grouped into the larger Vehicle‐to‐Everything (V2X) communication. Every connection is thus a potential entry point for cyber attacks. In this paper, we present an early threat landscape model represented as a formal ontology of AEV components, threats, vulnerabilities and mitigations, which are mapped to threat frameworks to provide a detailed view. The semantic representation of the AEV threat landscape provides a machine‐interpretable knowledge model that enables automated reasoning and rich querying to identify hidden risks and trace attack propagation paths unlike static models or flat frameworks. The modular and extensible nature of the ontology is most suited to the ever‐evolving and rapidly changing nature of AEVs and their threats.
Alsadi et al. (Thu,) studied this question.