Search Results (58)

The rise of connected and automated vehicles has transformed in-vehicle infotainment (IVI) systems into critical gateways linking user interfaces, vehicular networks, and cloud-based fleet services. A concerning architectural reality is that hardcoded credentials like access point names (APNs) in IVI firmware create a cross-layer attack surface where local exposure can escalate into entire vehicle fleets being remotely compromised. To address this risk, we propose a cross-layer security framework that integrates firmware extraction, symbolic execution, and targeted fuzzing to reconstruct authentic IVI-to-backend interactions and uncover high-impact web vulnerabilities such as server-side request forgery (SSRF) and broken access control. Applied across seven diverse automotive systems, including major original equipment manufacturers (OEMs) (Mercedes-Benz, Tesla, SAIC, FAW-VW, Denza), Tier-1 supplier Bosch, and advanced driver assistance systems (ADAS) vendor Minieye, our approach exposes systemic anti-patterns and demonstrates a fully realized exploit that enables remote control of approximately six million Mercedes-Benz vehicles. All 23 discovered vulnerabilities, including seven CVEs, were patched within one month. In closed automotive ecosystems, we argue that the true measure of efficacy lies not in maximizing code coverage but in discovering actionable, fleet-wide attack paths, which is precisely what our approach delivers. Full article

The paradigm of cellular vehicle-to-everything (C-V2X) communications assisted by unmanned aerial vehicles (UAVs) is poised to revolutionize the future of sixth-generation (6G) intelligent transportation systems, as outlined by the international mobile telecommunication (IMT)-2030 vision. This integration of UAV-assisted C-V2X communications is set to enhance mobility and connectivity, creating a smarter and reliable autonomous transportation landscape. The UAV-assisted C-V2X networks enable hyper-reliable and low-latency vehicular communications for 6G applications including augmented reality, immersive reality and virtual reality, real-time holographic mapping support, and futuristic infotainment services. This paper presents a Markov chain model to study a third-generation partnership project (3GPP)-specified C-V2X network communicating with a flying UAV for task offloading in a Federated Learning (FL) environment. We evaluate the impact of various factors such as model update frequency, queue backlog, and UAV energy consumption on different types of communication latency. Additionally, we examine the end-to-end latency in the FL environment against the latency in conventional data offloading. This is achieved by considering cooperative perception messages (CPMs) that are triggered by random events and basic safety messages (BSMs) that are periodically transmitted. Simulation results demonstrate that optimizing the transmission intervals results in a lower average delay. Also, for both scenarios, the optimal policy aims to optimize the available UAV energy consumption, minimize the cumulative queuing backlog, and maximize the UAV’s available battery power utilization. We also find that the queuing delay can be controlled by adjusting the optimal policy and the value function in the relative value iteration (RVI). Moreover, the communication latency in an FL environment is comparable to that in the gross data offloading environment based on Kullback–Leibler (KL) divergence. Full article

The Vehicular Internet of Things (V-IoT) has emerged as a cornerstone of next-generation intelligent transportation systems (ITSs), enabling applications ranging from safety-critical collision avoidance and cooperative awareness to infotainment and fleet management. These heterogeneous services impose stringent quality-of-service (QoS) demands for latency, reliability, and fairness while competing for limited and dynamically varying spectrum resources. Conventional schedulers, such as round-robin or static priority queues, lack adaptability, whereas deep reinforcement learning (DRL) solutions, though powerful, remain computationally intensive and unsuitable for real-time roadside unit (RSU) deployment. This paper proposes a lightweight and interpretable reinforcement learning (RL)-based spectrum management framework for Vehicular Internet of Things (V-IoT) networks. Two enhanced Q-Learning variants are introduced: a Value-Prioritized Action Double Q-Learning with Constraints (VPADQ-C) algorithm that enforces reliability and blocking constraints through a Constrained Markov Decision Process (CMDP) with online primal–dual optimization, and a contextual Q-Learning with Upper Confidence Bound (Q-UCB) method that integrates uncertainty-aware exploration and a Success-Rate Prior (SRP) to accelerate convergence. A Risk-Aware Heuristic baseline is also designed as a transparent, low-complexity benchmark to illustrate the interpretability–performance trade-off between rule-based and learning-driven approaches. A comprehensive simulation framework incorporating heterogeneous traffic classes, physical-layer fading, and energy-consumption dynamics is developed to evaluate throughput, delay, blocking probability, fairness, and energy efficiency. The results demonstrate that the proposed methods consistently outperform conventional Q-Learning and Double Q-Learning methods. VPADQ-C achieves the highest energy efficiency (≈$8.425\times {10}^7$ bits/J) and reduces interruption probability by over $60\%$, while Q-UCB achieves the fastest convergence (within ≈190 episodes), lowest blocking probability (≈0.0135), and lowest mean delay (≈0.351 ms). Both schemes maintain fairness near $0.364$, preserve throughput around 28 Mbps, and exhibit sublinear training-time scaling with $\mathcal{O}\left(1\right)$ per-update complexity and $\mathcal{O}\left(N^2\right)$ overall runtime growth. Scalability analysis confirms that the proposed frameworks sustain URLLC-grade latency (<0.2 ms) and reliability under dense vehicular loads, validating their suitability for real-time, large-scale V-IoT deployments. Full article

Vehicle-to-vehicle (V2V) and vehicle-to-network (V2N) communications are two key components of intelligent transport systems (ITSs) that can share spectrum resources through in-band overlay. V2V communication primarily supports traffic safety, whereas V2N primarily focuses on infotainment and information exchange. Achieving reliable V2V transmission alongside high-rate V2N services in resource-constrained, dynamically changing traffic environments poses a significant challenge for resource allocation. To address this, we propose a novel reinforcement learning (RL) framework, termed Graph Attention Network (GAT)-Advantage Actor–Critic (GAT-A2C). In this framework, we construct a graph based on V2V links and their potential interference relationships. Each V2V link is represented as a node, and edges connect nodes that may interfere. The GAT captures key interference patterns among neighboring vehicles while accounting for real-time mobility and channel variations. The features generated by the GAT, combined with individual link characteristics, form the environment state, which is then processed by the RL agent to jointly optimize the resource blocks allocation and the transmission power for both V2V and V2N communications. Simulation results demonstrate that the proposed method substantially improves V2N rates and V2V communication success ratios under various vehicle densities. Furthermore, the approach exhibits strong scalability, making it a promising solution for future large-scale intelligent vehicular networks operating in dynamic traffic scenarios. Full article

The growing demand for bandwidth-intensive vehicular applications—particularly ultra-high-definition streaming and immersive panoramic video—is pushing current network infrastructures beyond their limits, especially in urban areas with severe congestion and degraded user experience. To address these challenges, we propose an aerial-assisted vehicular network architecture that integrates 6G base stations, distributed massive MIMO networks, visible light communication (VLC), and a heterogeneous aerial network of high-altitude platforms (HAPs) and drones. At its core is a context-aware dynamic bandwidth allocation algorithm that intelligently routes infotainment data through optimal aerial relays, bridging connectivity gaps in coverage-challenged areas. Simulation results show a 47% increase in average available bandwidth over conventional first-come-first-served schemes. Our system also satisfies the stringent latency and reliability requirements of emergency and live infotainment services, creating a sustainable ecosystem that enhances user experience, service delivery, and network efficiency. This work marks a key step toward enabling high-bandwidth, low-latency smart mobility in next-generation urban networks. Full article

The integration of 5G technology with existing LTE architectures has facilitated the widespread adoption of firmware over-the-air (FOTA) updates across Android-based devices, including mobile and automotive infotainment systems. While 5G enhances communication speed and convenience, vulnerabilities related to firmware tampering and Man-in-the-Middle (MitM) attacks still present considerable risks. This study analyzes the security of the FOTA update process for six Android-based mobile manufacturers and one vehicle model, all of which utilize LTE architectures within 5G networks. Through comprehensive security testing, we explore the potential threats of certificate bypass, firmware tampering, and communication interception. Our proposed framework identifies critical security flaws in the FOTA implementation, recommending improvements in encryption protocols and integrity verification mechanisms to secure the firmware update process. Our findings underscore the urgent requirement for enhanced security measures in the deployment of FOTA updates to address vulnerabilities in Android-based IoT devices and automotive systems. Full article

The ability to automate and personalize the recommendation of multimedia contents to consumers has been gaining significant attention recently. The burgeoning demand for digitization and automation of formerly analog communication processes has caught the attention of researchers and professionals alike. In light of the recent interest and anticipated transition to fully autonomous vehicles, this study proposes a text–image embedding method recommender system for the optimization of personalized multimedia content for in-vehicle infotainment. This study leverages existing pre-trained text embedding models and pre-trained image feature extraction methods. Previous research to date has focused mainly on textual-only or image-only analyses. By employing similarity measurements, this study demonstrates how recommendation of the most relevant multimedia content to consumers is enhanced through text–image embedding. Full article

As modern vehicles continue to evolve, advanced technologies are integrated to enhance the driving experience. A key enabler of this advancement is the Controller Area Network (CAN) bus, which facilitates seamless communication between vehicle components. Despite its widespread adoption, the CAN bus was not designed with security as a priority, making it vulnerable to various attacks. In this paper, we propose CANGuard, an Intrusion Detection System (IDS) designed to detect attacks on the CAN network and identify the originating node in real time. Using a simulated CAN-enabled system with four nodes representing diverse vehicle components, we generated a dataset featuring Denial-of-Service (DoS) attacks by exploiting the arbitration feature of the CAN bus, which prioritizes high-criticality messages (e.g., engine control) over lower-criticality ones (e.g., infotainment). We trained and evaluated several machine learning models for their ability to detect attacks and pinpoint the responsible node. Results indicate that Gradient Boosting outperformed other models, achieving high accuracy in both attack detection and node identification. While the Multi-Layer Perceptron (MLP) model demonstrated strong attack detection performance, it struggled with node identification, achieving less than 50% accuracy. These findings underscore the potential of tree-based models for real-time IDS applications in CAN-enabled vehicles. Full article

Car cabin noise generated by heating, ventilation, and air-conditioning (HVAC) systems significantly impacts passengers’ acoustic comfort. In fact, with the reduction in engine noise due to the passage from internal combustion to electric or hybrid-electric engines, interior background noise has dramatically reduced, especially at 25% and 50% HVAC airflow rates. While previous research has focused on the effect of HVAC noise in car cabins, this paper investigates the possibility of using car infotainment-system audio cues to moderate onboard sound quality perception. A laboratory experiment combining the factors of infotainment-system audio (ISA) cues, signal-to-noise ratios (SNRs), and airflow rates (AFRs) at different levels was performed in two university laboratories in Italy and Japan involving groups of local individuals. The results indicate that introducing ISA cues in car cabins fosters improvements in the perceived aesthetic dimension of sound quality, making it more functioning, natural, and pleasant. For the Italian group, adding ISA cues also moderated the loudness dimension by reducing noise perception. The moderating effects of ISA cues differed between the Italian and Japanese groups, depending on the AFR. All these effects were more evident at the SNR level of −4 dB when the ISA cues competed with existing background noise. Full article

Recently, with a crucial role in developing smart transportation systems, the Internet of Vehicles (IoV), with all kinds of in-vehicle devices, has undergone significant advancement for autonomous driving, in-vehicle infotainment, etc. With the development of these IoV devices, the complexity and volume of in-vehicle data flows within information communication have increased dramatically. To adapt these changes to secure and smart transportation, encrypted communication realization, real-time decision-making, traffic management enhancement, and overall transportation efficiency improvement are essential. However, the security of a traffic system under encrypted communication is still inadequate, as attackers can identify in-vehicle devices through fingerprinting attacks, causing potential privacy breaches. Nevertheless, existing IoV traffic application models for encrypted traffic identification are weak and often exhibit poor generalization in some dynamic scenarios, where route switching and TCP congestion occur frequently. In this paper, we propose LineGraph-GraphSAGE (L-GraphSAGE), a graph neural network (GNN) model designed to improve the generalization ability of the IoV application of traffic identification in these dynamic scenarios. L-GraphSAGE utilizes node features, including text attributes, node context information, and node degree, to learn hyperparameters that can be transferred to unknown nodes. Our model demonstrates promising results in both UNSW Sydney public datasets and real-world environments. In public IoV datasets, we achieve an accuracy of 94.23%(↑0.23%). Furthermore, our model achieves an F1 change rate of 0.20%(↑96.92%) in $\alpha$ train, $\beta$ infer, and 0.60%(↑75.00%) in $\beta$ train, $\alpha$ infer when evaluated on a dataset consisting of five classes of data collected from real-world environments. These results highlight the effectiveness of our proposed approach in enhancing IoV application identification in dynamic network scenarios. Full article

Recently, various emerging technologies have been introduced to host IoT applications. Edge computing, utilizing volunteer devices, could be a feasible solution due to the significant and underutilized resources at the edge. However, cloud providers are still reluctant to offer it as an edge infrastructure service because of the unpredictable nature of volunteer resources. Volunteer edge computing introduces challenges such as reliability, trust, and availability. Testing this infrastructure is prohibitively expensive and not feasible in real-world scenarios. This emerging technology will not be fully realized until dedicated research and development efforts have substantiated its potential for running reliable services. Therefore, this paper proposes VonEdgeSim, a simulation of volunteer edge computing. To the best of our knowledge, it is the first and only simulation capable of mimicking volunteer behavior at the edge. Researchers and developers can utilize this simulation to test and develop resource management models. We conduct experiments with various IoT applications, including Augmented Reality, Infotainment, and Health Monitoring. Our results show that incorporating volunteer devices at the edge can significantly enhance system performance by reducing total task delay, and improving task execution time. This emphasizes the potential of volunteers to provide reliable services in an edge computing environment. The simulation code is publicly available for further development and testing. Full article

The integration of connected autonomous vehicles (CAVs) has significantly enhanced driving convenience, but it has also raised serious privacy concerns, particularly regarding the personal identifiable information (PII) stored on infotainment systems. Recent advances in connected and autonomous vehicle control, such as multi-agent system (MAS)-based hierarchical architectures and privacy-preserving strategies for mixed-autonomy platoon control, underscore the increasing complexity of privacy management within these environments. Rental cars with infotainment systems pose substantial challenges, as renters often fail to delete their data, leaving it accessible to subsequent renters. This study investigates the risks associated with PII in connected vehicles and emphasizes the necessity of automated solutions to ensure data privacy. We introduce the Vehicle Inactive Profile Remover (VIPR), an innovative automated solution designed to identify and delete PII left on infotainment systems. The efficacy of VIPR is evaluated through surveys, hands-on experiments with rental vehicles, and a controlled laboratory environment. VIPR achieved a 99.5% success rate in removing user profiles, with an average deletion time of 4.8 s or less, demonstrating its effectiveness in mitigating privacy risks. This solution highlights VIPR as a critical tool for enhancing privacy in connected vehicle environments, promoting a safer, more responsible use of connected vehicle technology in society. Full article

The V-Cockpit platform aims to transform the design, testing, and validation of car infotainment systems from the physical realm to virtual reality. It uniquely integrates various aspects of the creative phases—from conceptualization to evaluation—streamlining the process and reducing time and costs compared to traditional methods that focus on individual activities and rely heavily on physical prototyping. This technical note provides a comprehensive overview of the main platform’s aspects, highlighting the integration of hardware and behavioral analysis algorithms to improve user experience and detect potential design flaws early on. The V-Cockpit platform, composed of six key components, leverages virtual reality and digital twins, promising significant cost savings and enhanced design efficiency. This work details the system architecture, implementation, and first benefits of this innovative approach through the analysis of three use cases. Full article

Highly integrated information sharing among people, vehicles, roads, and cloud systems, along with the rapid development of autonomous driving technologies, has spurred the evolution of automobiles from simple “transportation tools” to interconnected “intelligent systems”. The intelligent cockpit is a comprehensive application space for various new technologies in intelligent vehicles, encompassing the domains of driving control, riding comfort, and infotainment. It provides drivers and passengers with safety, comfort, and pleasant driving experiences, serving as the gateway for traditional automobile manufacturing to upgrade towards an intelligent automotive industry ecosystem. This is the optimal convergence point for the intelligence, connectivity, electrification, and sharing of automobiles. Currently, the form, functions, and interaction methods of the intelligent cockpit are gradually changing, transitioning from the traditional “human adapts to the vehicle” viewpoint to the “vehicle adapts to human”, and evolving towards a future of natural interactive services where “humans and vehicles mutually adapt”. This article reviews the definitions, intelligence levels, functional domains, and technical frameworks of intelligent automotive cockpits. Additionally, combining the core mechanisms of human–machine interactions in intelligent cockpits, this article proposes an intelligent-cockpit human–machine interaction process and summarizes the current state of key technologies in intelligent-cockpit human–machine interactions. Lastly, this article analyzes the current challenges faced in the field of intelligent cockpits and forecasts future trends in intelligent cockpit technologies. Full article

In modern automobiles, the infotainment system is crucial for enhancing driver and passenger capabilities, offering advanced features such as music, navigation, communication, and entertainment. Leveraging Wi-Fi, cellular networks, NFC, and Bluetooth, the system ensures continuous internet connectivity, providing seamless access to information. However, the increasing complexity of IT connectivity in vehicles raises significant cybersecurity concerns, including potential data breaches and exposure of sensitive information. To enhance security in infotainment systems, this study applied component-level threat modeling to a proposed infotainment system using the Microsoft STRIDE model. This approach illustrates potential component-level security issues impacting privacy and security concerns. The study also assessed these impacts using SAHARA and DREAD risk assessment methodologies. The threat modeling process identified 34 potential security threats, each accompanied by detailed information. Moreover, a comparative analysis is performed to compute risk values for prioritizing treatment, followed by recommending mitigation strategies for each identified threat. These identified threats and associated risks require careful consideration to prevent potential cyberattacks before deploying the infotainment system in automotive vehicles. Full article