Systematic Assessment of Cyber-Physical Security of Lane Keeping Control System for Autonomous Vehicles

In this article, a systematic assessment of cyber-physical security is developed for the lane keeping control (LKC) system of autonomous vehicles (AVs), which has not been attempted before. A novel impact analysis methodology for typical cyber-attacks is proposed with new evaluation metrics from the viewpoint of safety and performance and innovative index-based resilience and security criteria. Specifically, a security criterion is investigated by tracking performance, comfort and vehicle stability to evaluate the safety and security of the vehicle LKC system. Hardware-in-the-Loop (HiL) experimental results show that the proposed evaluation metrics is effective to analyze the impact of the cyber-attacks on commercial LKC system of Dongfeng Motor comprehensively. Finally, the conclusion provides guidelines for attack detection, diagnosis, and countermeasures for AVs.


Introduction
With the significant advancements in traffic, road, and environmental information enabled by vehicle-to-X (V2X) communications (which can involve infrastructure, cloud, or vehicle-based systems), autonomous vehicle (AV) technology has the potential to significantly enhance driving safety, comfort, and energy efficiency [1]. However, as a large number of AV control systems are integrated into networks, this inevitably brings up cybersecurity concerns [2]. As demonstrated by recent high-profile cyber-attack cases [3][4][5], AVs are vulnerable to these types of attacks. Such attacks can allow an attacker to circumvent the vehicle control systems, potentially leading to severe consequences such as disabling brakes, turning off headlights, and taking over steering. For instance, [6] designed a malicious attack that aimed to modify the feedback measurements of anti-lock braking systems, potentially causing life-threatening situations. Several spoofing attacks on the global positioning system (GPS) have been proposed by [7] to cause course deviation in AVs. Additionally, some literature [8][9][10] reports cyber-attacks that utilize local access (such as through the onboard diagnostics (OBD-II) port) or remote access (such as through wireless channels like Bluetooth). Furthermore, cyber-attacks in AVs through vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) channels were discussed in [11,12] and have received increased attention in real-life scenarios over the last three years [13,14,46].
Due to the connection with environmental perception modules, higher levels of autonomous driving, and greater networking, the cyber-physical security of the advanced driving assistant system (ADAS) in

Literature Review and Challenge of Vehicle Cybersecurity
The growing range of cyber-security risks has highlighted the importance of increasing vehicle cybersecurity techniques for both theoretical and industrial aspects. There are two schemes for improving vehicle cyber-security. The first scheme focuses on increasing the ability of an electronic control unit (ECU) to prevent malicious attacks. Throughout the vehicle development cycle, automakers define core performance requirements of subsystems to automotive parts suppliers and design the subsystems while considering their security within the software. To prevent malicious attacks through direct contact with the OBD-II port, automakers keep the communication protocol of the OBD-II secret to the public. In addition, several critical practices such as secure hardware, secure software updates, penetration testing, and code reviews are widely used by the automotive industry to improve cyber-security [20]. Vehicle engineers also consider approaches to information security during driving, such as message authentication and encryption, and the use of firewalls between external networks and vehicle devices [21,22]. While conventional vehicle cybersecurity and information-security approaches are essential, they alone cannot guarantee the security of the entire system. Therefore, researchers are focusing more on cyber-physical security from the control perspective, risk assessment and resilient control, which aims to improve the resilience of automotive control systems to attacks. This includes risk assessment, attack detection and prevention [26], and resilient control as summarized in Table 1.
While these efforts provide some technical foundations, the challenges of cyber-physical security in AVs remain significant. Firstly, most of the existing works are developed for human-driven vehicles rather than AVs. Secondly, only function-level control algorithms are addressed, while commercial specifications and security assessment of a production-level autonomous driving system, such as LKC, receive little attention. It is essential, particularly for AVs, to have a systematic assessment of cyber-physical security that is developed for real-use electronic control units (ECUs) and real cyber-attacks. In [17], a systematic assessment of cyber-physical security in electric vehicles with four motor drives was presented, where the impact of performance degradation of the motor drive on the vehicle's safety was evaluated, and indexbased evaluation metrics in terms of system performance were developed. In [18], a cyber-attack-resilient controller was designed to enhance the cyber-physical security of in-wheel-motor-driven electric vehicles. A model-based observer was proposed to estimate cyber-attacks, and a robust predictive controller was then designed to generate an assistant yaw moment to recover the LKC system. To comprehensively evaluate complicated control systems in AVs, such as safety systems (electronic stability control, antilock brake, etc.), autonomous driving systems (adaptive cruise control, LKC, etc.), and even energy management systems, more detailed models and metrics should be considered. For example, in [19], it was pointed out that increased driver's neural response delay and muscle action delay during cyber-threats have a significant influence on lateral vehicle stability and recovery time. Therefore, an improved reference generator was proposed to address this issue by considering the driver's neural response delay and muscle action delay during cyber-threats. These performance metrics should be specifically addressed for LKC systems in AVs, as conventional approaches for function-level control algorithms may not be feasible. In summary, it is essential to address the cyber-security challenges of commercial ECUs in AVs, and novel methodologies for vulnerability assessment should be further developed. Risk Assessment [36] 2013 Threat analysis and risk associated with the threat [37] 2014 Likelihoods of threats to connected vehicles (OBD-II, CAN) [38] 2015 Threats on autonomous vehicles [39] 2015 Automotive security evaluation assurance levels (ASEAL) [40] 2016 Risk assessment techniques for automotive [41] 2016 Demonstrate viability use-case and risk assessment framework [42] 2017 Threat scenarios related open charge point protocol (OCPP) [43] 2018 Method of security testing for automotive Bluetooth [44] 2018 Threats of the car and countermeasure strategies [45] 2019 Cybersecurity framework of threat analysis and risk assessment [23] 2020 Impact of jamming attacks on vehicular CACC [24] 2020 Cyber-physical security of energy management system for CAVs [17] 2021 Threat analysis of motion control system for electric vehicles [46] 2022 Conceptual system dynamics model to analyze CAVs cybersecurity [47] 2022 Autonomous vehicle security decay assessment Attack Detection [48] 2019 Detect masquerade and time-based attacks [49] 2019 Detect abnormalities and identify source of attackers [50] 2020 Detect threats via schedulability response time analysis [25]

Works and Contributions
In this article, we present a systematic vulnerability assessment of AVs, and our main contributions are as follows: * We propose a framework for impact analysis of cyber-physical security on LKC systems in AVs. This framework includes the environment perception module and the vehicle motion control module, which work together to maintain the vehicle in the middle of a lane. * For the vulnerability assessment of the LKC system in an AV, we design a triple-step (TRI) control method for LKC, which is considered one of the applications in lane-keeping assist. Based on the control system, we develop innovative index-based evaluation metrics in terms of tracking performance, passenger comfort, vehicle stability, security, and resilience. These metrics allow us to assess the impact of cyber-attacks on the LKC system, and if an attack does not impact these metrics, it may be negligible. * We consider three common types of cyber-attacks in our vulnerability assessment: false data injection (FDI) attacks, denial of service (DoS) attacks, and replay attacks. We contaminate the signals in the Hardware-in-the-Loop (HiL) experiments with nine groups of parameters: the confidence for this line, longitudinal start point of the line, heading angle, curvature of the line, lateral acceleration, yaw rate, longitudinal speed, longitudinal acceleration, and steering angle. We perform a total of 128 HiL experimental cases. * We analyze the impact of cyber-attacks under specific and statistical results, and we discuss the vulnerability of the vehicle to each attack type based on the evaluation metrics and security criteria. Our conclusions can serve as guidelines for attack detection and countermeasures.
Overall, our work provides a comprehensive framework and methodology for the systematic vulnerability assessment of AVs, which is essential for ensuring the safety and security of autonomous driving systems.
The paper is organized as follows. In Section 2, we provide an introduction to the system architecture and present the framework for vulnerability impact analysis. Section 3 describes the design of a TRI control-based LKC method and provides the problem formulation. In Section 4, we describe the mathematical modeling of cyber-attacks and their potential impact on the system. Section 5 presents our index-based evaluation metrics, and in Section 6, we present our experimental results and the impact analysis of different cyber-attacks. Finally, we provide our conclusions in Section 7. 2 System Architecture and Framework of Impact Analysis on Vulnerability As illustrated in Fig. 1, the Dongfeng Motor HiL simulation platform for AVs is comprised of a systemlevel ECU, which is divided into three parts: the host computer, NI real-time module, and ECU. The host computer is responsible for running a high-fidelity vehicle under real road scenarios, using a vehicle model built by CarMaker and Simulink, and a sensor model simulated by CarMaker to obtain virtual lane and target information. This information is then sent to the HIL simulation platform via TCP/IP. The management software, NI pxie-8840, and VeriStand 2015 are utilized to support an integrated testing of software and hardware for ECUs, including communication, functional logic, and fault injection. The tested ECU also incorporates algorithms for sensing fusion, decision-making, and control. All signals between the NI real-time module and ECU are transmitted by high-speed Control Area Network (CAN) buses.
The Lane Keeping Control (LKC) system is an advanced driver-assistance system that helps keep a road vehicle centered in the lane, freeing the driver from the task of steering. When combined with Adaptive Cruise Control (ACC), this feature can allow for unassisted driving for a certain period of time. However, since cyber-attacks can significantly impact vehicle safety with dynamic features, attacks on the LKC can result in abnormal driving conditions that the driver may not easily notice. For example, Guo et al. [17] discussed several stealthy attacks that aimed to degrade the steering motor's capabilities.
Therefore, it is essential to assess the cyber-physical security of LKC. The inputs to an LKC are related to vehicle dynamics, traffic and road information from perception sensors, Vehicle-to-Everything (V2X), and local information from onboard sensors. When these signals are attacked, the vehicle can suffer from high lateral offset, transient dynamics, and vehicle instability. To assess the impact of cyber-attacks on the LKC, it is necessary to observe several performance metrics, such as lateral tracking error, vehicle acceleration, and vehicle yaw rate under different drive cycles.
In the following sections, we present a case study of a nonlinear LKC method for AVs, and then systematically analyze the impact of various cyber-attacks on the LKC.
, 0] T and V x and V y are the longitudinal and lateral speeds of the vehicle, respectively. By substituting (1) into (2) and eliminating the intermediate variable s, the control-oriented lateral motion model can be described as follows: where model uncertainties

LKC Design
As one of promising LKC strategies, TRI-based approaches have been extensively studied theoretically [29]. In this subsection, we develop a TRI-based LKC for vulnerability assessment of the vehicle.
First, the information of lanes can be determined based on camera sensors and thus the lateral offset y e in (6) can be calculated by a second-order polynomial function with the look-ahead distance D L , i.e., where the lateral speed V y is assumed to be small such that is φ e is small enough. In addition, the yaw rate Ω z and the longitudinal speed V x can be obtained from on-board sensors such as electronic stability program (ESP).
Based on Ackerman steering, the front steering angle u is given by u = tan −1 L R0 , where L is the distance from the front axle to the rear axle and R 0 is the ideal turning radius that satisfies V x = Ω z R 0 . However, when the tire slip angle is not negligible under high-speed or highway driving, the real turning radius of the steering angle should be modified as Then, the yaw motion of the vehicle is approximated using the modified radius as follows: Built on the above modeling and discussions, the TRI-based control law is designed as where K P and T I are the PI control gains. And the stability of the closed-loop system can be proved by Lyapunov theorem.
As the main focus of this work is on vulnerability assessment rather than control design, the LKC method proposed in this paper only involves the basic control algorithm. This is because introducing more control functions, such as those related to functional safety and intended functional safety, is limited by both space constraints and confidentiality agreements. Instead, the aim of this paper is to systematically analyze the impact of cyber-attacks on the overall performance of an LKC. To measure this impact, we propose a set of innovative performance metrics, which include tracking performance, comfort, stability, safety, and resilience.

Attack Modeling
The LKC system in Fig. 2 displays the most influential signals that may be subject to malicious attacks, which include the lateral offset at the look-ahead point y e , the yaw rate Ω z , and the lateral acceleration a y obtained through on-board sensors. To perform a physics-based impact analysis of the cyber-attacks on these signals, it is essential to establish the mathematical modeling of the cyber-attacks. So far, most published literature categorizes these attacks into three groups: denial of service (DoS)  attacks, replay attacks, and false data injection (FDI) attacks. DoS attacks generally attempt to make the system resources unavailable, resulting in the corresponding signal being considered as a constant value. Assuming that the time horizon under attack is denoted as [t atk , t atk + T atk ], where t atk is the starting time instant of the attack and T atk is the duration time of the attack, then the feedback signal used by the controller is:ȳ For replay attacks, the measurements are either repeated or delayed, leading toȳ e ∈ Y, where Y is the set of past information. In the case of false data injection (FDI) attacks, we define two common expressions as:ȳ e = y e + δ atk ,ȳ e = γ atk y e , where δ atk ∈ ∆ atk and γ atk ∈ Γ atk denote the unknown signals due to the malicious modification of the signals. Normally the extra terms are bounded by compact sets ∆ atk and Γ atk , which are determined by the physical limits. Notice that δ atk can be white noise (δ atk,1 ), periodic attenuating signal (δ atk,2 ), periodic impulse injection δ atk,3 , and constant value δ atk,4 ≡ C, wherein, δ atk,2 and δ atk,3 are expressed as where A, τ 0 , and f represent the oscillation amplitude, decaying coefficient, and oscillation frequency, respectively; k δ is an integer; and D, T s , K are the duty cycle, signal period and attack amplitude, respectively. Using the attack modeling discussed above, we created a visual representation of how these attacks impact the vehicle system, which is illustrated in Fig. 2. In order to comprehensively assess the vulnerability of the designed LKC and the overall performance of the vehicle, we conducted multiple simulations targeting different attacks. The specific expressions for the attacks are provided in Table 2. For δ atk,2 , we set f = 1, τ 0 = 10, A = 1.5 for a y , A = 1 for y e , and A = 3 for Ω z . For δ atk,3 , we set D = 0.3, T s = 1s, K = 0.25 for a y , K = 1 for y e , and K = 0.5 for Ω z . For δ atk,4 , we set C = 1 for a y , C = 0.5 for y e , and C = 1 for Ω z . It's worth noting that all time horizons under attack (marked as T atk = 1s) are the same for comparison between cases. The level of signal modification has a significant influence on the results, despite the same type of cyber-attack. Therefore, to ensure a fair comparison between attack types and cases, we maintained the same intensity of attacks.  Remark 1. The basic attack models currently under consideration are not sufficient to address the complexity and sophistication of attacks on control systems. Note that attackers are constantly evolving their tactics to overcome existing defenses, so the development of more advanced attack models is a constant and ongoing process, such as covert attacks [32], zero dynamic attacks [32] and amplifying attacks [33].

Evaluation Metrics for System Performance
To evaluate the performance of a system, it is essential to consider multiple evaluation metrics simultaneously. This is because improving one performance measure may lead to the degradation of another. For instance, when evaluating the performance of lane tracking and passenger comfort, it's important to develop evaluation metrics from the perspectives of both steady-state and transient performance.
This approach enables us to investigate whether trade-offs between multiple types of performance exist and to identify the performance limits of lane-keeping systems. In order to calculate all quantitative metrics, we use previous measurements, states, and control inputs within a fixed sliding window of time, which is defined as [t 0 − T obv , t 0 ]. Here, t 0 represents the current time.
Tracking Performance As described above, the primary objective of the lane keeping system is to follow the target lane without the need for driver intervention. Therefore, the key indicators that determine the system's performance are the lane tracking error and ripple. These indicators can be defined using the root mean square (RMS) lateral offset at the look-ahead point, denoted as I er , and the integral value I rp over the sliding window.
The expression of this metric is as follows: The use of these metrics has a significant advantage as it enables us to evaluate the integrated value of the lateral offset. Additionally, it reflects the fundamental dynamic performance, and large values can directly impair the system's function, leading to severe consequences, particularly in urban scenarios.

Passenger Comfort
It's evident that lane keeping systems with poor passenger comfort are not suitable for real-world vehicle applications, even if they exhibit high tracking performance. Generally, the smoothness of the vehicle's acceleration is one of the primary factors that affect passenger comfort, and a non-smooth profile can make passengers feel uncomfortable. In this study, we assume that longitudinal and vertical accelerations are zero, and only lateral acceleration is considered.
To evaluate passenger comfort, two metrics are designed: the RMS lateral acceleration and the lateral acceleration ripple. These metrics are used to quantify the smoothness of the vehicle's lateral acceleration. The expressions for these metrics are given below:

Vehicle Stability
Vehicle stability refers to the vehicle's ability to regain its original driving state and direction as quickly as possible after encountering external interference while driving without losing control, sideslip, or rolling over. In this study, we use the yaw rate to measure vehicle stability, as a high yaw rate can cause the vehicle to lose control.
To evaluate vehicle stability, we have designed one metric, which is the maximum deviation. The expression for this metric is given below: Remark 2. The concept of a vehicle stability metric is a measure of a vehicle's ability to maintain stability under different driving conditions [34]. This is an important consideration in vehicle design, as stability is essential for safe and efficient operation. Using a stability margin indicator as an evaluator of stability may be developed in future.

Evaluation Metrics for System Security and Resilience
Next, we consider the security and resilience of the system and propose innovative index-based criteria.

Security of the System
Unlike the theoretical concepts of stability and robustness against uncertainties or disturbances, security refers to whether the damage caused by malicious behaviors or attacks is acceptable in terms of system performance and requirements. To define the boundaries of security, we have proposed index-based criteria, which are as follows: Proposition 3. Based on the defined evaluation metrics I κ (κ = {er, rp, pc1, pc2, vs}), if a boundary B κ could be found, which has the following properties: 1) the boundary B κ is finite; 2) if I κ ∈ B κ , the damage caused by the attacks are acceptable. Then, the system is secure.
It is important to note that the boundary is generally defined based on physical significance and is a heuristic conclusion drawn from extensive simulations and experiments. To derive this boundary, we reformulate the metrics from three aspects: dynamic performance, comfort, and stability, as M dnm = p 1 I er + p 2 I rp ⩾ 0, M cf = p 3 I pc1 + p 4 I pc2 ⩾ 0, and M sta = p 5 I vs . Here, p j ≥ 0 (j = 1, 2, 3, 4, 5) is the weighting factor to match different physical meanings and units. We can then obtain a 3-D (M dnm − M cf − M sta ) phase portrait of the system over the sliding window [t0 − T obv , t 0 ], in which the boundary is defined as a tetrahedron B 1 or a part of a spheroid B 2 limited by M dnm,max , M cf,max , and M sta,max . The security can then be defined qualitatively as follows: Suppose a boundaryB ∈ R 3 determined by M dnm,max , M cf,max , and M sta,max is given. If the operating point belongs toB, then the system is considered secure, and inversely, if it lies outside the boundary, it is considered insecure. As shown in Fig. 3, under normal conditions, the region of operating points is close to the origin. As the scale of the attack increases, the operating points gradually spread out until they exceed the defined boundary. Therefore, the index can reflect the security of the system and can also be one of the criteria for detecting cyber-threats.  To enable quantitative analysis of system security, we define a metric that reflects the security level of the system under different cyber-physical threats and attack targets, based on the previously defined boundaryB ∈ R 3 as follows: Proposition 4. Assume the security boundaryB ∈ R 3 is defined as a tetrahedron in the three dimensional coordinate system (M dnm − M cf − M sta ), whose vertexes are (M dnm,max , 0, 0), (0, M cf,max , 0), (0, 0, M sta,max ), and the coordinate origin (0, 0, 0). At the current time t 0 , the operating point in the three dimensional coordinate system is (M dnm (t 0 ), M cf (t 0 ), M sta (t 0 )). Then, the metric that quantitatively reflects the system security can be defined as which represents the security factor of the system.
According to the aforementioned definition, a higher value of I se indicates a greater level of damage to the system caused by cyber-physical threats or attacks.

Resilience of the System
The resilience of a system refers to its ability to recover from malicious attacks. Therefore, based on the above definition of security, we can define another boundary in the 3-D phase portrait as follows: Proposition 5. If a boundary B res could be found, which has the following properties: 1) the boundary B res is finite; 2) if the operating point {M dnm , M cf , M sta } belongs to B res , the system can restore to its reasonable condition when the attack is withdrawn. Then, the system is resilient.
When considering real-life applications, the ability to recover from malicious attacks is important, but so is the recovery time, which reflects the transient performance of the system. Therefore, we define the recovery time T res,σ , where σ = M dnm , M cf b , M eng , to indicate how quickly the σ-th metric returns to its normal condition after the attack is removed. Then, the index reflecting the resilience of the system is defined as the average of these three recovery times, given by:

Experiments and Cyber-attack Impact Analysis
In this section, we aim to evaluate the vulnerabilities of AVs equipped with the designed LKC to cyber-attacks. To this end, we build the AV in the HiL simulation platform, as illustrated in Fig. 4 and define the attacks as shown in Table 2. All 25 measurement and attacked signals are shown in Table 3. The experimental setup includes an AC power management, a battery simulation, a power switchboard and fault injection, an ECU, a CAN, a multi-I/O board, a host computer and a NI real-time module, which can ensure that the results obtained are accurate and reliable, and can be used to inform the development of effective security measures Our assessment comprises three main works: First, we evaluate the TRI-based LKC as the basis for vulnerability assessment by observing its dynamic performance without any cyber-attacks. This evaluation includes assessing the LKC's stability, lane tracking ability, and passenger comfort. Second, based on the defined evaluation metrics, we propose innovative index-based resilience and security criteria that can be utilized for cyber-attack detection. Third, we analyze the impact of cyber-attacks on the AV under specific and statistical results, which can provide valuable insights for attack detection and countermeasures.
The implementation of fault injection testing is achieved by interrupting the data interface between the simulation environment and the real-time machine. It involves intercepting and replacing the real signals that need to be simulated with faulty data. This simulation causes a scenario where a certain node on the bus sends a faulty signal due to an attack while the real-time machine acts as a gateway, transmitting the real bus signals (specifically, some signals on the chassis CAN and the front radar and camera private CAN) to the controller. Throughout this process, the controller, CAN board, physical CAN lines, and channels are consistent with those of the actual vehicle. The output module of the realtime machine simulates the role of the vehicle gateway, and it can be assumed that the simulation test environment is consistent with the actual vehicle within the scope of fault injection.

Observation of Specific Cases
For the purpose of a more detailed discussion and observation, the results of Cases 1, 7, and 22 are presented in Fig. 5, Cases 2, 8, and 23 are given in Fig. 6, and Cases 3, 9, and 24 are given in Fig. 7.  From these results, it is evident that FDI attacks can severely damage the system, and all of the metrics can reflect the impact. Although the system can recover after the attacks are withdrawn, the recovery time is also considerably long when considering real-life damage to physical devices. On the one hand, by comparing the results with the same attack, it is clear that the lateral offset y e is more crucial than the others, for both tracking performance and vehicle stability. Therefore, when designing an LKC, it is essential to pay close attention to ensuring an accurate lateral offset signal. The impact of attacks on lateral acceleration mainly focuses on passenger comfort, as lateral acceleration is the most important metric to evaluate passenger comfort. On the other hand, through comparisons between different attacks on the same signal, it can be seen that the system dynamics vary with attack types.

Statistical Results and Impact Analysis
Based on the extensive results, statistical graphs are presented in Figs. [8][9][10][11]. Assuming that the time horizon under attacks is [t atk , t atk + T atk ] = [15,25]s and the system can recover to its normal conditions within two seconds, as demonstrated in Figs. 5-7, we set the time horizon [t 0 − T obv , t 0 ] as t 0 = 27s, T obv = 12s to cover the entire time horizon of attack and system recovery. It is important to note that if the chosen time horizon is wider, such as t 0 = 30s and T obv = 15s, then the proportion of normal conditions is larger, which may weaken the impact of cyber-attacks for integrated metrics due to the After comparing the results of these metrics, we can conclude that they adequately reflect the performance variation due to cyber-attacks, and can be used to develop a cyber-threat detector. Fig. 8 displays the statistical results of attacks on lateral acceleration, showing that the impact on I er , I rp , and I vs is small, while the impact on I pc1 and I pc2 is more significant, indicating that attacks on lateral acceleration have a greater impact on passenger comfort and a minor impact on stability and tracking performance. In Fig. 9, all five metrics are affected by attacks on lateral offset signal, indicating that attacking lateral offset will heavily impact the tracking performance, comfort of occupants, and vehicle stability. This is because the lateral offset (y e ) is the feedback signal of the control system, which is crucial for the overall  performance of the LKC system. In Fig. 10, all five metrics have been affected, but the attack types that have a considerable impact are mainly Types 3-6, indicating that the yaw rate is more sensitive to this type of FDI attack, but has stronger resistance to other types of attacks. Fig. 11 presents a comparison of the impacts of different attacks on different signals, providing us with several important insights. Firstly, attacking lateral acceleration has minimal impact on tracking performance metrics, while other attacks on lateral offset and yaw rate have a more pronounced effect on the system's tracking performance, except for the replay attack (Type 8). Secondly, among all attacks, DoS attack (Type 7) on the lateral offset has the most substantial impact on the tracking performance, as it prevents the control system from receiving the genuine feedback signal, significantly reducing the control performance. It is noteworthy that DoS Attack (7) and Replay Attack (8) have negligible impact on passenger comfort, regardless of the attacked signal. Thirdly, among the remaining attacks, attacking lateral acceleration has a significantly greater impact on passenger comfort than attacking the other two signals. Fourthly, attacking lateral acceleration hardly affects vehicle stability, whereas attacking lateral offset and yaw rate may have an impact on vehicle stability, but the types of attacks are different. Specifically, adding white noise or attenuating sine wave signals to lateral offset has a significant impact on the vehicle's stability, while adding a constant value has little effect on it, which is opposite to the attacks on the yaw rate.
Based on the recovery time shown in Fig. 12, we can observe that once the cyber-attack is withdrawn, the LKC system can recover to its normal condition within three seconds. However, Types 4 and 7 attacks may result in longer recovery times, which corresponds to the results of other metrics. Additionally, it is important to note that although the impact of Ω z and a y may appear to be lower than that of y e in the reported graphs, it does not imply that these cyber-attacks have little influence on the LKC system. These attacks were designed under the same intensity, and once the attack intensity is increased, the impact of these attacks would become more noticeable.

Conclusion
This paper presents a comprehensive approach for vulnerability assessment of LKC systems for AVs, which can be used to analyze the impact of cyber-attacks on different signals. The proposed approach includes a case study of a TRI-based LKC for AVs and the establishment of innovative index-based evaluation metrics for critical performance evaluation. The results of the vulnerability assessment show that an attacker can significantly degrade the overall performance of the vehicle through FDI attacks, and the proposed metrics can effectively reflect the impact of various cyber-attacks.
In practical applications, these metrics can be used to develop data-based or model-based detection and diagnosis approaches to enhance the security and resilience of LKC systems for AVs. In future work, further investigation can be conducted on the impact of different types of cyber-attacks and the development of more advanced detection and diagnosis methods. Additionally, the proposed approach can be extended to other types of control systems in AVs for comprehensive cyber-security assessments.
In addition to providing a comprehensive analysis of the impact of cyber-threats on LKC systems, this paper presents a general framework for vulnerability assessment of control systems in the ECU from a control perspective. For other systems, such as safety systems and energy management systems, a similar approach can be used to conduct a detailed impact analysis using the potential signal inputs and objectives outlined in Section II, under a variety of cyber-physical attacks specific to each system. However, for learning-based systems, such as deep learning approaches for pedestrian detection in rough weather, vulnerability assessment can be more challenging due to their unique algorithm structure compared to traditional control methodologies. Further research is needed to develop appropriate cyber-physical attacks, evaluation metrics and security frameworks [35] and more in-depth assessment analysis on real vehicles.