e automotive industry has used emerging technological concepts to transform automobiles into sophisticated cyber platforms. However, this extended technological evolution hides multiple security risks capable of a ecting both the intelligent transportation domain and human life itself.E very government takes advantage of cooperation between industrial and technological domains to achieve social and economic prosperity. e automotive industry's use of information and communications technology (ICT), for example, has triggered the evolution of the global phenomenon known today as intelligent transport systems (ITSs; h p://sites.ieee .org/itss). Any disruption or disconnection in modern transport operations makes the entire ITS structure vulnerable at every level architectural, national, regional, global, physical, cyber, and human. Unfortunately, cyberthreats and a acks are a spreading menace for all critical infrastructure (CI), including the ITS domain. 1 us, ITS safety and security are major concerns when selecting security management (SM) frameworks to apply in the delicate yet complex cyber environment, in which robustness against a acks must be ensured. However, SM and critical infrastructure protection (CIP) standards and frameworks don't adequately address the various cascading e ects associated with modern ITS security incidents. More speci cally, existing security standards, methodologies, and tools don't explicitly cover the rapidly developed ITS environment or address its speci c large-scale requirements. Consequently, cyberthreats and a acks can't be fully identied, which means malicious actions can't be prevented, thereby creating critical ITS security gaps. We seek to raise awareness of cybersecurity issues and concerns in the ITS arena by presenting an extensive threat analysis of the ITS environment.
Vulnerabilities and the E orts to Counter eme ITS environment consists of multiple heterogeneous and complex layers of physical infrastructures (highways, roads, platforms, vehicles, and buildings), IT infrastructures (hardware equipment, ITS stations, onboard/roadside units, and nomadic devices), communication systems (networks and transmissions), ITS services and applications (cooperative and safety), and users (drivers, passengers, administrators, and security o cers or managers).To provide intelligent and real-time services in such a highly mobile environment, the ITS domain collects, processes, and returns data from all participating entities, forcing the in-vehicle network architecture used for data exchange among the electronic control units (ECUs) to evolve accordingly. Until recently, there was no need to secure automotive buses: they weren't connected to the user domain or the vehicle's exterior, so the ITS domain wasn't fully connected (and therefore vulnerable). But as technology evolves, so do threats and vulnerabilities, in spite of the countermeasures applied by ITS architects, security experts, manufacturers, and vendors. Consequently, in less than a decade, numerous security breaches ha...