F-Secure UK completes study on intelligent transport system security
May 2020 by F-Secure
Cyber security provider F-Secure has completed a study that maps out current and future security challenges facing connected autonomous vehicles (CAV) and intelligent transport systems (ITS) in the UK. F-Secure Consulting conducted the research as part of the Cyber Feasibility projects funded by the Centre for Connected Autonomous Vehicles and delivered by Zenzic and Innovate UK.
F-Secure Consulting’s study, which is available for download along with Zenzic’s Cyber Feasibility Report and the other 6 project studies, takes a holistic view in its examination of the various security challenges involved in the design and maintenance of the UK’s ITS networks. These networks represent a vast ecosystem of technologies and organizations that will collect and process large amounts of data to ensure the systems function safely and properly. F-Secure Consulting’s research highlights the tremendous amount of data collected by CAV and ITS systems, as well as the value of the systems themselves, making them attractive targets for a variety of attackers. According to James Loureiro, F-Secure Consulting’s UK Director of Research, this gives CAV/ITS testing sites (testbeds) set up across the UK an important role in helping secure new technologies as they’re developed for use in CAV/ITS systems – something he says is a significant opportunity for the country.
“The role of the UK’s testbeds in making sure emerging CAV/ITS technologies work together as part of a safe, secure, reliable system cannot be overstated. These sites give security and tech development an opportunity to intersect and inform one another. And with the right governance, support, and expertise, these projects can produce insights that establish the UK as an innovator in securing the technologies and infrastructure that will shape nations across the globe for years to come,” said Loureiro.
F-Secure Consulting’s report also emphasizes that the testbeds’ use of new technologies make them likely targets for attackers interested in gaining access to these technologies, and require special security considerations.
Additional topics addressed by F-Secure Consulting’s research include:
• Proposed ITS networks and the types of threats they are likely to face
• Considerations for testing ITS infrastructure (including testbeds) at scale
• Proposed technical components of ITS networks and descriptions of their security postures
• Recommendations for threat mitigations (at scale), with a specific emphasis on ITS testbeds
• Threat mapping scenarios that explain how attackers can move from an initial point of compromise to other parts of the network
All research produced for the Cyber Feasibility projects is now available for download via Zenzic’s website. F-Secure Consulting’s Vic Harkness, the lead author of F-Secure’s report, will present findings from the research in a Zenzic-hosted webinar on May 13 at 10:30am (BST). Registration info is available here. F-Secure Consulting operates on four continents from 11 different countries. It provides cyber security services tailored to fit the needs of banking, financial services, aviation, shipping, retail, insurance, and other organizations working in highly targeted sectors.