Use of distributed ledger technologies like blockchain is becoming more common in transportation/mobility ecosystems. However, cyber-security failures may occur at places where the blockchain system connects with the real world. In this paper, we propose a novel risk assessment framework for blockchain applications in smart mobility. We aim at systematically quantifying the risk by presenting ordinal values because although vulnerabilities exist in a system, it’s the probability that they can be exploited and the impact of this exploitation that determine if in fact, the vulnerability corresponds to a significant risk. As a case study, we carry out an analysis in terms of quantifying the risk associated to a multi-layered Blockchain framework for Smart Mobility Data-markets (BSMD). We first construct an actor-based analysis to determine the impact of the attacks. Then, a scenario-based analysis determines the probability of occurrence of each threat. Finally, a combined analysis is developed to determine which attack outcomes have the highest risk. In the case study of the public permissioned BSMD, the outcomes of the risk analysis highlight the highest risk factors according to their impact on the victims in terms of monetary, privacy, integrity and trust. The analysis uncovers specific blockchain technology security vulnerabilities in the transportation ecosystem by exposing new attack vectors.

中文翻译：

---

智能移动区块链的网络安全风险评估框架


区块链等分布式账本技术的使用在交通/移动生态系统中变得越来越普遍。然而，在区块链系统与现实世界连接的地方，可能会出现网络安全故障。在本文中，我们为智能移动中的区块链应用提出了一种新颖的风险评估框架。我们的目标是通过呈现顺序值来系统地量化风险，因为尽管系统中存在漏洞，但它们被利用的概率以及这种利用的影响决定了该漏洞实际上是否对应于重大风险。作为案例研究，我们对智能移动数据市场（BSMD）多层区块链框架相关风险进行了量化分析。我们首先构建基于参与者的分析来确定攻击的影响。然后，基于场景的分析确定每个威胁发生的概率。最后，进行综合分析以确定哪些攻击结果风险最高。在公众许可的 BSMD 案例研究中，风险分析的结果根据对受害者在金钱、隐私、诚信和信任方面的影响突出了最高风险因素。该分析通过暴露新的攻击向量，揭示了交通生态系统中特定的区块链技术安全漏洞。