Human-Centric Impacts of Cyberattacks on Autonomous Vehicle User Interactions: A Simulation-Based Study

Abstract

Connected and Autonomous Vehicles (CAVs) are rapidly advancing toward SAE Levels 4 and 5, fundamentally reshaping human–vehicle interaction. As these systems become increasingly automated and connected, cybersecurity incidents introduce risks that extend beyond technical failure, affecting user trust, perceived safety, and acceptance. This study investigates how passengers respond when cyberattacks occur during an autonomous ride-hailing service. A driving simulator study was conducted with 50 participants, replicating a robo-taxi experience along a 5-mile urban route. Participants experienced three scenarios: a control scenario, a passive attack scenario and an active attack scenario. Following each scenario, participants evaluated their trust in the system, perceived safety, perception of risk, privacy assurance, and service intention (intention to use). The results demonstrated statistically significant differences across the three scenarios. Passive attacks were associated with reduced trust and increased uncertainty, whereas active attacks produced stronger negative responses, including higher perception of risk and lower perceived safety. Participants also expressed concern about the reliability of the automated vehicle and their personal safety when abnormal behaviour occurred. Overall, the findings underscore that cyberattacks meaningfully influence how passengers evaluate the safety, reliability, and future adoption of autonomous mobility services. These results highlight the importance of integrating human-centric impact evaluation within cybersecurity risk assessment framework and the design of secure and trustworthy autonomous transport systems.

Keywords: Connected and Autonomous Vehicles (CAVs), Human–Vehicle Interaction, Cybersecurity, Human-centric factors, ISO/SAE 21434

DOI: 10.54941/ahfe1007203