Cyber-Security Risk Assessment Framework for Blockchains in Smart Mobility

Use of distributed ledger technologies like blockchain is becoming more common in transportation/mobility ecosystems. However, cyber-security failures may occur at places where the blockchain system connects with the real world. In this paper, we propose a novel risk assessment framework for blockchain applications in smart mobility. We aim at systematically quantifying the risk by presenting ordinal values because although vulnerabilities exist in a system, it's the probability that they can be exploited and the impact of this exploitation that determine if in fact, the vulnerability corresponds to a significant risk. As a case study, we carry out an analysis in terms of quantifying the risk associated to a multi-layered Blockchain framework for Smart Mobility Data-markets (BSMD). We first construct an actor-based analysis to determine the impact of the attacks. Then, a scenario-based analysis determines the probability of occurrence of each threat. Finally, a combined analysis is developed to determine which attack outcomes have the highest risk. In the case study of the public permissioned BSMD, the outcomes of the risk analysis highlight the highest risk factors according to their impact on the victims in terms of monetary, privacy, integrity and trust. The analysis uncovers specific blockchain technology security vulnerabilities in the transportation ecosystem by exposing new attack vectors.