Go to DBLP homepageOn Security Vulnerabilities in Transportation IoT Devices
Abstract: This paper presents an empirical investigation of security vulnerabilities in four categories of transportation IoT devices: Electric Vehicle (EV) Chargers, EVs, non-EVs, and Other Traffic Devices. The results are based on data extracted from the Common Vulnerabilities and Exposures (CVEs) reported in the National Vulnerability Database (NVD). We analyzed 159 CVEs and explored the CWE (Common Weakness Enumeration) and CVSS (Common Vulnerability Scoring System) information associated with them. Our results showed that the security vulnerabilities were distributed unevenly across the 23 vulnerability classes, with the top six most common classes accounting for 74% to 89% of all vulnerabilities in each category of IoT devices. EV Chargers had the highest mean and median CVSS severity score, followed by Other Traffic Devices and EVs. Non-EVs had the lowest CVSS, which were statistically significantly different than the other categories of transportation IoT devices. The paper also presents the lessons learned and the practical implications of our empirical findings.
External IDs:dblp:conf/dsn/YihGC25
Loading