Dynamic Security Resource Allocation for Connected and Automated Vehicles

Abstract

In this study, we address the dynamic security resource allocation for a CAV through sequential decision making under uncertainty and partial information. Specifically, we consider a CAV driving on a planned route and subject to potential cyberattacks. The true status of cyberattacks can only be observed via an attack detection monitor deployed on the CAV or on the cloud. The amount of security resources that can be allocated for monitoring depends on the energy supply of the CAV. At each time epoch, the CAV decides the amount of security resource to be allocated for attack detection. We assume that the detection recall/sensitivity is a function of the amount of allocated security resource. We further associate costs to undetected attacks and an unfinished trip due to energy depletion. As such, there is a trade-off between monitoring the CAV system to improve the detection sensitivity, and the risk of being unable to finish the trip. We develop a partially observable Markov decision process (POMDP) model that captures this trade-off by prescribing a security resource allocation policy to minimize the total discounted cost of a CAV trip over a finite horizon. To the best of our knowledge, it is the first study addressing the aforementioned trade-off and devising a dynamic security resource allocation policy for CAVs.

POMDP diagram for the security resource allocation problem.