Date of Award

5-28-2025

Publication Type

Dissertation

Degree Name

Ph.D.

Department

Industrial and Manufacturing Systems Engineering

Keywords

Automotive System; Cybersecurity; Heavy-Duty Vehicle; Risk assessment; TARA; Threat analysis

Supervisor

Beth-Anne Schuelke-Leech

Supervisor

Mitra Mirhassani

Rights

info:eu-repo/semantics/embargoedAccess

Abstract

The increasing integration of advanced technologies and connectivity in heavy-duty (HD) vehicles has expanded their attack surface, making them highly vulnerable to cyber threats. Unlike light-duty (LD) vehicles, HD vehicles are critical to commercial transportation and logistics, making cybersecurity risks in this sector particularly concerning. Despite these risks, research on HD vehicle cybersecurity remains limited. A successful cyberattack on an HD vehicle could cause severe operational disruptions, financial losses, and safety hazards. This dissertation addresses this gap by systematically analyzing security risks in HD vehicles and developing a tailored risk assessment framework. Chapter 1 provides a comprehensive literature review on cybersecurity vulnerabilities in HD vehicles, comparing them to LD vehicles and identifying key differences in their network architecture, communication protocols, and security challenges. This review highlights the lack of dedicated cybersecurity frameworks for HD vehicles and identifies major research gaps. The findings emphasize the need for a specialized cybersecurity approach that considers the unique characteristics and operational requirements of HD vehicles. Chapter 2 builds on these insights by performing a structured threat analysis (TA) for HD vehicles. A system engineering-based methodology is used to decompose a freight truck into its subsystems, enabling a detailed identification of potential cybersecurity vulnerabilities. The STRIDE framework is applied using the Microsoft Threat Modeling Tool to assess various attack vectors targeting HD vehicle interfaces. This structured approach to threat modeling provides a foundation for developing a more precise risk assessment framework tailored to HD vehicle cybersecurity needs. Chapter 3 introduces a customized Threat Analysis and Risk Assessment (TARA) model designed specifically for HD vehicles. Existing TARA frameworks, such as EVITA, HEAVENS, and ISO/SAE 21434, were primarily developed for LD vehicles and fail to capture the unique cybersecurity challenges of HD vehicles. This research adapts impact and feasibility metrics within the ISO/SAE 21434 framework to better address HD vehicle security concerns. Through a refined analysis of cyber threat vectors and vehicle interfaces, this study ensures a more accurate and relevant risk assessment for HD vehicles, leading to improved threat prioritization and mitigation strategies. Chapter 4 strengthens the proposed risk assessment model by incorporating expert opinions and utilizing the Fuzzy Analytic Hierarchy Process (FAHP). Expert insights are used to refine risk assessment criteria, and FAHP is applied to assign weighted importance to different risk factors. This enhances the reliability and industry relevance of the model, ensuring that cybersecurity evaluations align with real-world challenges faced by HD vehicle manufacturers and operators. This dissertation makes a significant contribution to HD vehicle cybersecurity by presenting a structured approach to threat analysis and risk assessment. By addressing research gaps, refining security frameworks, and validating the model through expert input, this work provides a practical tool for industry stakeholders. The findings support the development of enhanced cybersecurity policies and practices, ultimately improving the safety, reliability, and resilience of HD vehicles in an increasingly connected world.

Download

Available for download on Saturday, May 30, 2026

Share

COinS