A Comprehensive Security Orchestration, Automation, and Response System (SOAR) for Connected and Autonomous Vehicles (CAVs)

Connected and autonomous vehicles (CAVs) rely heavily on software, connectivity, and automation—expanding the cyber-attack surface and creating new safety and reliability risks. Key threats include distributed denial of service (DDoS) attacks that can trigger operational failures, man-in-the-middle attacks that can intercept or compromise communications, and malware infections that can undermine system integrity and disrupt vehicle functions. These risks can target multiple V2X service layers, including sensors/actuators, software/firmware, network interfaces, human-machine interfaces, electronic control units (ECUs), and cloud services/data storage.

Invention Description

Researchers at the University of Toledo have developed a comprehensive security orchestration, automation, and response (SOAR) system for connected and autonomous vehicles (CAVs) that proactively detects and responds to cyber threats in real time. The system uses an orchestration layer that integrates and coordinates a broad set of security technologies to produce a unified, system-wide security view and drive response actions. Outputs from multiple security tools/feeds are analyzed and combined to identify, contextualize, and act on security events. After orchestration, the system advances to an automation phase to execute response actions rapidly and consistently, improving resilience and helping maintain safety and public trust in CAV operations.

Applications

• In-vehicle cyber defense for autonomous driving stacks and safety-critical ECUs
• V2X communications protection (vehicle-to-vehicle, vehicle-to-infrastructure, vehicle-to-cloud)

Advantages

• Proactive, real-time detection and response to common CAV threats (e.g., DDoS, MITM, malware)
• Unified security perspective by combining outputs from multiple security technologies
• Faster, more consistent incident handling through automated response workflows
• Broad coverage across multiple V2X attack surfaces (vehicle, network, HMI, ECUs, cloud)
• Improved operational resilience that supports safety, uptime, and user trust

Lead Inventor: Niyomdi Magani

Further Information: 

Seth Smith, Patent Agent

Licensing Associate

seth.smith3@utoledo.edu

Office:  419.530.6229

Keywords: CAV security, autonomous vehicle cybersecurity, SOAR, V2X security, intrusion detection, threat intelligence, EDR, NDR, incident response, machine learning security analytics, real-time response, vehicle networks