Ασφάλεια υπηρεσιών ευφυών μεταφορών : μοντελοποίηση και αξιολόγηση

Security of intelligent transportation services: modelling and assessment

Thumbnail
Doctoral Thesis
Author
Γαροφαλάκη, Ζαχαρένια
Date
2023-10
Advisor
Δουληγέρης, Χρήστος
View/Open
Keywords
Ασφάλεια ; Ευφυή συστήματα μεταφοράς ; Μοντελοποίηση ; Αυτόνομα οχήματα ; Αξιολόγηση ασφάλειας ; Διαδίκτυο των Αντικειμένων ; Φόρτιση ηλεκτρικών οχημάτων ; Petri net 
Abstract
In the Internet of Things (IoT) era, intelligent transport services are suitable for addressing transport issues within an urban environment, while limiting carbon dioxide emissions and energy consumption. Intelligent transport services can be a useful solution for passengers who are located far from public transport nodes. This problem is referred to as the first/last mile problem, which is often encountered in urban or peri-urban environments as well as on restricted/private road networks. An intelligent IoT transport service leverages technological and functional IoT features, such as the secure data sharing with third-party services. However, these IoT features may change the original form of the individual functions and affect core processes, such as the fleet management. By extension, the security of the service which depends on the individual weaknesses of each hardware or software component within the service, depends additionally on the relative weaknesses and vulnerabilities of the third-party service. The core process of the fleet management of an IoT transport service includes the important sub-process of fleet parking and charging. This sub-process affects the availability of the service. Electric Vehicles (EVs) are an important part of smart transport and operate within the smart electric infrastructures and participate to the Plug-in Electric Vehicle (PEV) charging network. In these PEV charging networks, a multitude of protocols and standards defines the communication of the participating elements. Open Charge Point Protocol (OCPP) stands out as the most used protocol. However, it wasn’t until 2015 that OCPP incorporated some security-related features. This thesis studies the feasibility of assessing and maintaining the security level of a transport service, despite the challenges associated with the IoT characteristics of the service and the introduced vulnerabilities of the vehicles charging process. A prototype IoT transport service is presented, the intelligent Bus on Campus (iBuC), which operates on the private road network of a university campus. The IoT features that make the iBuC service a part of the IoT ecosystem are studied these features shape the service’s nature and architecture. The SAPnet modeling platform is then presented, which includes the Stochastic Petri net (SPN) modeling ontology toolbox enriched with the appropriate tools to allow and facilitate the security assessment of an IoT service. SAPnet is used to highlight the changes of the behavior and the security level of the iBuC service. The extent to which SAPnet facilitates and accelerates the security assessment process is noted. Finally, a typical architecture of an OCPP charging system is proposed. The security issues, the threats, and the related countermeasures of an EV charging system are presented. The security of the iBuC service is, then, reassessed considering the vulnerabilities and weaknesses of the EV charging system. The iBuC service emerges as an interesting solution to the first/last mile problem and incorporates enough IoT features, such as transparency, multiple utilization and innovation of its operations and data. Regarding the security evaluation problem of an IoT-based transport service, a security modeling and evaluation method using the SPN formalism is presented and applied for the first time to an IoT service, the iBuC. The above evaluation highlights the change in the behavior and the security level of the iBuC service, due to the change of an IoT feature of the service, that is, the third-party service. Also, the proposed SAPnet modeling platform allows the valid assessment of the security level of any service in real time and the quick feasibility to reassess after any change to the service model. Finally, the assessment of the service incorporating the vulnerabilities of the PEV charging network highlights that solving the open security issues in the PEV charging network will also significantly affect the security level of the transport service.
Department
Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Πληροφορικής
Number of pages
153
Language
Greek
URI
https://dione.lib.unipi.gr/xmlui/handle/unipi/16206
http://dx.doi.org/10.26267/unipi_dione/3628
Collections
Show full item record
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα
Except where otherwise noted, this item's license is described as
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα
Βιβλιοθήκη Πανεπιστημίου Πειραιώς
Contact Us
Send Feedback
Created by ELiDOC
Η δημιουργία κι ο εμπλουτισμός του Ιδρυματικού Αποθετηρίου "Διώνη", έγιναν στο πλαίσιο του Έργου «Υπηρεσία Ιδρυματικού Αποθετηρίου και Ψηφιακής Βιβλιοθήκης» της πράξης «Ψηφιακές υπηρεσίες ανοιχτής πρόσβασης της βιβλιοθήκης του Πανεπιστημίου Πειραιώς»