Vehicle platooning, with vehicles traveling in close formation coordinated through Vehicle-to-Everything (V2X) communications, offers significant benefits in fuel efficiency and road utilization. However, it is vulnerable to sophisticated falsification attacks by authenticated insiders that can destabilize the formation and potentially cause catastrophic collisions. This paper addresses this challenge: misbehavior detection in vehicle platooning systems. We present AttentionGuard, a transformer-based framework for misbehavior detection that leverages the self-attention mechanism to identify anomalous patterns in mobility data. Our proposal employs a multi-head transformer-encoder to process sequential kinematic information, enabling effective differentiation between normal mobility patterns and falsification attacks across diverse platooning scenarios, including steady-state (no-maneuver) operation, join, and exit maneuvers. Our evaluation uses an extensive simulation dataset featuring various attack vectors (constant, gradual, and combined falsifications) and operational parameters (controller types, vehicle speeds, and attacker positions). Experimental results demonstrate that AttentionGuard achieves up to 0.95 F1-score in attack detection, with robust performance maintained during complex maneuvers. Notably, our system performs effectively with minimal latency (100ms decision intervals), making it suitable for real-time transportation safety applications. Comparative analysis reveals superior detection capabilities and establishes the transformer-encoder as a promising approach for securing Cooperative Intelligent Transport Systems (C-ITS) against sophisticated insider threats.

Platooning has shown promising results in improving transportation safety and decreasing fuel consumption. Vehicles enter these formations, to form convoys, while traveling to similar destinations. However, this implies trust in the information received by the other platoon members. Insider attackers performing falsification attacks can destabilize the platoon or cause catastrophic vehicle collisions. Detecting this type of misbehavior is not without shortcomings: benign mobility deviations can be, erroneously, flagged as misbehavior. Further, even when an attack is detected, the vehicles remain affected until the attacker is excluded from the formation. Thus, in this work, we address the need for a reliable mitigation approach. We propose a platoon restructuring scheme aiming to mitigate attacks and reduce the attacker's potential for further misbehavior. Our results, and analysis, show the feasibility of our approach, which manages to restore the formation's stability even when an attack is ongoing.

Intelligent Transport Systems (ITS) latest standardization efforts focus on a Maneuver Coordination Service (MCS), for automated vehicles to cooperatively perform maneuvers. The goal is to avoid degrading to lower levels of automation, i.e., human input for maneuvering, e.g., when an obstacle ahead needs to be avoided. MCS-equipped vehicles communicate with nearby vehicles that are possibly affected by the impending maneuver, to establish that a maneuver can safely take place. An MCS-equipped vehicle that misbehaves can be catastrophic: transmitting falsified MCS messages or preventing their reception can mislead victim vehicles into aborting a maneuver, being delayed and, worse even, collide. In this work, we investigate the robustness of existing Maneuver Coordination Protocols (MCPs) and analyze the effect of falsification and jamming attacks. Our analysis shows an increased probability for neck injuries,i.e., whiplash, and potentially more severe injuries. As a first step towards thwarting attacks targeting MCPs, we extendMCPs to take into account on-board vehicle sensors, along with MCP messaging, before committing to a maneuver. Our results demonstrate the MCP vulnerability, the improvement thanks to the sensors, and the need to further improve MCP security. We conclude with a road-map towards a resilient MCS.

Cooperative Adaptive Cruise Control (CACC), a promising Vehicular Ad-hoc Network (VANET) application, automates transportation and improves efficiency. Vehicles form a platoon, following a leader, with their controllers automatically adjusting velocity, based on messages by other vehicles, to keep appropriate distances for safety. Towards deploying secure CACC, several proposals in academia and standardization leave significant questions unanswered. Thwarting adversaries is hard: cryptographic protection ensures access control (authentication and authorization) but falsified kinematic information by faulty insiders (platoon members with credentials, even the platoon leader) can cause platoon instability or vehicle crashes. Filtering out such adversarial data is challenging (computational cost and high false positive rates) but, most important, state-of-the-art misbehavior detection algorithms completely fail during platoon maneuvering. In this paper, we systematically investigate how and to what extent controllers for existing platooning applications are vulnerable, mounting a gamut of attacks, ranging from falsification attacks to jamming and collusion;  including two novel attacks during maneuvering. We show how the existing middle-join and leave processes are vulnerable to falsification or 'privilege escalation' attacks. We mitigate such vulnerabilities and enable vehicles joining and exiting from any position (middle-join and middle-exit). We propose a misbehavior detection system that achieves an F₁ score of ≈87 on identifying attacks throughout the lifetime of the platoon formation, including maneuvers. Our cyberphysical simulation framework can be extended to assess any other driving automation functionality in the presence of attackers.