Abstract: Teleoperated driving technology enables human operators to control vehicles remotely, thereby reducing the need for the driver’s physical presence within the vehicle. Although this innovation enhances operational flexibility, it introduces security challenges that, if unaddressed, could undermine the reliability and safety of Teleoperated Driving Systems (TDS). This paper presents a comprehensive security risk analysis and architectural framework for TDS, emphasizing the system architecture. Our study combines an in-depth review of the existing literature with a structured risk management assessment to analyze TDS assets and data flows. By detailing the system and business assets, their interconnections, and the unique vulnerabilities inherent to TDS, we define critical security threats – ranging from unauthorized control and data manipulation to vulnerabilities in session management protocols and network configurations. The selected security risk management approach guides our risk analysis, maps security threats and vulnerabilities to the corresponding security requirements and controls, and provides a prioritized strategy for risk treatment. Validation results show that our risk analysis achieves strong coverage, with a third-party threat analysis tool confirming eighteen (18) of the thirty-two (32) identified security threats and highlighting three (3) additional scenarios, while missing fourteen (14) threats mainly due to tool limitations. Our results offer practitioners a practical blueprint for identifying and managing security risks in TDS.
Authors: Abasi-Amefon O. Affia-Jomants; Raimundas Matulevičius; Nataliia Pabat; Lukaš Malina