Post-Accident Cyberattack Event Analysis for Connected and Automated Vehicles

Smart mobility is an imperative facet of smart cities, and the transition of conventional automotive systems to connected and automated vehicles (CAVs) is envisioned as one of the emerging technologies on urban roads. The existing AV mobility environment is perhaps centered around road users and infrastructure, but it does not support future CAV implementation due to its proximity with distinct modules nested in the cyber layer. Therefore, this paper conceptualizes a more sustainable CAV-enabled mobility framework that accommodates all cyber-based entities. Further, the key to a thriving autonomous system relies on accurate decision making in real-time, but cyberattacks on these entities can disrupt decision-making capabilities, leading to complicated CAV accidents. Due to the incompetence of the existing accident investigation frameworks to comprehend and handle these accidents, this paper proposes a 5Ws and 1H-based investigation approach to deal with cyberattack-related accidents. Further, this paper develops STRIDE threat modeling to analyze potential threats endured by the cyber-physical system (CPS) of a CAV ecosystem. Also, a stochastic anomaly detection system is proposed to identify the anomalies, abnormal activities, and unusual operations of the automated driving system (ADS) functions during a crash analysis.