Automated city shuttles: Mapping the key challenges in cybersecurity, privacy and standards to future developments

The Automated City Shuttles (ACSs) aim to shape the future public transportation and provide more effi-cient and accessible mobility in smart cities. With the absence of a driver, such mini-busses process the sensors' inputs and exchanged data with other vehicles and intelligent transport systems to achieve a real time assimilation of its surroundings. Consequently, the technologies supporting the driverless function-alities ushered new cybersecurity risks and data privacy breaches. Unfortunately, several studies mostly focus on individual Connected-Automated Vehicles (CAV), though intrinsic underpinnings of the ACS's threat vectors remain unexplored. In the present paper, we considerably extend that investigation by proposing a comprehensive state of the art with farsighted analyses addressing security threats and data privacy concerns from both technical and legal perspectives to thwart potential attacks. Moreover, as ex-isting approaches have not provided yet a clear road map about ACS's security standards, the present work sheds light on recent and up to date standards and standardisation bodies dealing with cyberse-curity and privacy issues in the automated driving ecosystem. This paper presents an analysis debating the trade-off between maximising the ACS benefits and minimising the associated security vulnerabilities and attacks through an overview of technical and legal mitigation strategies. .(c) 2022 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )