CPS: Breakthrough: Collaborative Research: Track and Fallback: Intrusion Detection to Counteract Carjack Hacks with Fail-Operational Feedback

NSF Support

This research has been supported by the National Science Foundation, grants CNS-1646317 and CNS-1645987. .

Project Description

Automotive vehicle cybersecurity becomes more important as automobiles become more connected and intelligent. The security of every vehicle on the road is necessary to ensure the safety of every person on or near roadways, whether a motorist, bicyclist, or pedestrian. Features such as infotainment, telematics, and driver assistance disrupt the automotive market and greatly increase the complexity of vehicles: top-of-the-line cars contain over 200 computers and 100 million lines of software code. With rising complexity comes rising costs to ensure safety and security. A live demonstration has shown that a stock commercial vehicle can be remotely carjacked by hacking its infotainment system and propagating commands through to the control system. Thus, the objective of this project is to protect in-vehicle networks from remote cyber attacks. The method of protection is a distributed in-vehicle network intrusion detection system (IDS) using information flow tracking and sensor data provenance in the cyber domain with novel approaches to address the physical uncertainty and time constraints of an automotive control system. When an intrusion is detected, the IDS triggers a fail-operational mode change to provide graceful degradation of service and initiate recovery without compromising human safety.

The proposed approach differentiates from the state-of-the-art in general-purpose IDSs, as it considers other factors that are heavily influenced by the physical world: real-time latency, spatial sensitivity, mixed-criticality, operational mode changes, fail-safe and fail-operational security countermeasures, and the probabilistic nature of intrusion detection classifiers especially with respect to false positives. These factors lead to novel IDS designs and algorithms that could transform the field of CPS security. The proposed research will be validated with actual vehicle test beds, greatly enhancing the ability to detect, mitigate, and recover from remote carjacking cyber attacks.

Project Participants


Joseph Zambreno, Professor of Electrical Computer and Engineering, PI for this research at Iowa State University.

Gedare Bloom, Assistant Professor of Computer Science, PI for this research at the University of Colorado, Colorado Springs.

Graduate Researchers

Clinton Young, Habeeb Olufowobi, Ebelechukwu Nwafor, Eric Muhati, and Mark Stidd have contributed to this research as graduate Research Assistants.

Undergraduate Researchers

Bijan Choobineh, Spencer Goodwin, Jordan Svoboda, Kyung-Tae Kim, Saurav Aryal, David Hill Jr., Andre Campbell, Gaylon Robinson, Seamus Downey, and John Henry Clark have contributed as a undergraduate Research Assistants.



  • G. Bloom, “Automotive Cybersecurity in the Connected World”, Keynote address at the ISACA Greater Washington DC Annual General Meeting, June, 2018.
  • G. Bloom, “Resilience in Automotive Intrusion Detection Systems”, Presentation at the Critical Infrastructure Resilience Institute (CIRI) of the University of Illinois at Urbana-Champaign (UIUC), August, 2018.