Subtle Anomaly Detection in the Global Dynamics of Connected Vehicle Systems, 10-R8571
Paul A. Avery
Adam K. Van Horn
Brian K. Anderson
Michael A. Brown
Inclusive Dates: 07/01/15 – Current
Background — Increasing connectivity among vehicles, roadside devices, and traffic management systems under the United States Department of Transportation (USDOT) Connected Vehicle (CV) program creates the potential for both novel benefits to society as well as novel risks. The vulnerability of individual vehicles for targeted disruption has increased as their control systems, and even their entertainment systems, have shifted towards computer control. This is compounded as vehicles begin receiving and acting upon messages within a CV system. The USDOT is actively funding research into the security algorithms, protocols, and procedures needed for the unique aspects of emerging vehicle and highway system technologies.
The concept of security for automated vehicles, especially ones that are connected to other information sources via over-the-air (OTA) messages, must go beyond message authentication to consider the broader issue of message trust by using a multi-factored approach. The global dynamics of a system comprised of individual and independent entities emerge as a result of the interaction of the individuals over time. The current project is investigating the algorithms and methods required to detect subtle anomalies in the behavior of a connected vehicle system at the system level.
Approach — The project team will utilize traffic data collected in District 5 (D5) of the Florida Department of Transportation (FDOT) to develop data-analytic methods for characterizing nominal traffic system behavior (behavior in the absence of anomalous CV messages). The team will then use a commercially available traffic modeling and simulation software product (TransModeler) to simulate and analyze the collective dynamics of traffic systems under various conditions where CVs are present. A classifier will be developed to detect subtle shifts in the global traffic behavior due to the presence of an anomaly.
Accomplishments — The project team identified specific and relevant CV operational scenarios and the requirements for implementation, in which the global dynamics of the system can be disturbed by OTA messages. A risk matrix was generated to score each of the identified threat scenarios according to their severity (S), probability (P), and ease of implementation (Ei) within the TransModeler software, according to the relationship of S*P/Ei. This exercise also helped the project team to determine an appropriate roadway to model within the FDOT D5. An approximately 17-mile segment of Interstate 4 in Florida, just north of Orlando was selected.
The project team also began work on the CV interface with TransModeler, which includes development of a socket communication layer between simulated vehicles based on dedicated short range communication (DSRC) standards. The team began testing this capability in TransModeler by injecting a "ghost vehicle" using an SwRI-developed graphical user interface (GUI). Basic safety message (BSM) data generated by the simulated vehicles was then analyzed using an SwRI-developed tool, which enables the rapid analysis of BSM data to determine the location and geometry of lanes. The errant BSM data from the ghost vehicle is visible using this tool and is an example of the type of data available from CV systems that may indicate anomalous behavior.