The deployment of connected and automated vehicles (CAVs) may enhance operations and safety with little human feedback. Automation requires the use of communication and smart devices, thus introducing potential access points for adversaries. This paper develops a prototype real-time monitoring system for a vehicle to infrastructure (V2I) based CAV system that generates cyberattack data for CAV operations under realistic traffic conditions. The monitoring system detects any deviations from the normal operation of CAVs using a long-short term memory (LSTM) neural network proposed by the authors and reverts the system back to a safe state of operation using a set of countermeasures. The proposed algorithm was also compared to convolutional neural network (CNN) and other classical algorithms. The monitoring system detected three different emulated cyberattacks with high accuracy. The LSTM showed the highest accuracy of 98% and outperformed the other algorithms. Further, the performance of the monitoring systems was assessed in terms of the impact on traffic stream stability and safety. The results reveal that a fake basic safety message (BSM) attack on even a single CAV causes the traffic stream to become significantly unstable and increase safety risk without the monitoring system. The monitoring system, however, reverts the system to a safe state of operation and reduces the negative impacts of cyberattacks. The monitoring system improves flow stability by an average of 38% as quantified through acceleration variation and volatility. This is comparable to the base case without attacks. The findings have implications for the design of future resilient systems.
INDEX TERMS -Cybersecurity; monitoring system; volatility; cooperative game; connected and automated vehicles; intelligent transportation I. INTRODUCTION Cooperative intelligent transportation technologies including connected and automated vehicles (CAVs) offer the potential to revolutionize transportation systems by improving efficiency and safety [1]. Since driver error is estimated to be a contributing factor in 93% of crashes [2], CAVs may reduce these crashes by reducing the effect of operator errors. CAVs utilize communication between vehicles (V2V) and infrastructure (V2I) to communicate location, position, etc., to surrounding vehicles and roadside units (RSUs). This communication is vital for the wider deployment of CAVs. The operation of multiple CAVs on the road network will require resilient communications between vehicles and infrastructure. This communication dependence provides access points to hackers, however. While vulnerability to cyberattacks also exists in traditional transportation systems [3], the additional reliance and interdependency on communication and automation may exacerbate the situation for CAVs and result in severe crashes and traffic instability. This makes it imperative to analyze the cyber risks of the CAV environment before reaching a mass deployment stage so that the design of these applications can be enhanced to perform...