Understanding the Autonomous Electric Vehicle Cyber Threat Landscape: A Focus on Infrastructure, Threats and Ontology-Based Modelling

Autonomous electric vehicles are not just cars with batteries and sensors. They are complex cyber-physical systems that connect vehicles, charging stations, communications networks, AI models, energy infrastructure, and the electric grid. That complexity creates a new security challenge: risk is no longer isolated inside a single component. It propagates across systems.

A recent research article, “Understanding the Autonomous Electric Vehicle Cyber Threat Landscape: A Focus on Infrastructure, Threats and Ontology-Based Modelling,” highlights this challenge directly. The authors argue that autonomous electric vehicles combine the attack surfaces of electric vehicles, autonomous driving systems, advanced driver assistance systems, charging infrastructure, vehicle communications, and grid connectivity. Threats can include sensor impersonation, AI manipulation, network vulnerabilities, remote access attacks, charging protocol risks, and attacks that may affect not only vehicle performance but also energy consumption and grid stability.

The most important insight from the article is not simply that autonomous electric vehicles face many threats. It is that these threats are interconnected. A vulnerability in a charging station, a communication channel, a vehicle control system, or an AI decision component may become part of a larger attack path. Static spreadsheets, flat taxonomies, and disconnected threat lists are not enough to model this kind of risk.

From Threat Lists to Machine-Interpretable Risk Models

The researchers propose an ontology-based model for representing autonomous electric vehicle components, threats, vulnerabilities, mitigations, and their relationships. This semantic approach makes the threat landscape machine-interpretable, enabling automated reasoning, richer querying, hidden-risk discovery, and attack-path tracing.

That is exactly where Knowledge Graphs become essential.

A Knowledge Graph does more than store cybersecurity terms. It connects entities and relationships in a form that both humans and machines can understand. In this case, the graph can represent vehicles, sensors, charging stations, communication networks, control systems, vulnerabilities, threat actors, mitigations, policies, and operational dependencies. Once these relationships are modeled, security teams can ask more powerful questions:

• Which vulnerabilities affect both vehicle safety and grid stability?
• Which charging infrastructure components are connected to high-risk communication paths?
• What mitigations apply to a threat that propagates from V2G communications into vehicle control systems?
• Which attack paths cross organizational, physical, and software boundaries?
• What new risks emerge when AI-based decision systems are connected to external infrastructure?

These are not simple keyword-search questions. They require reasoning across relationships.

Why AllegroGraph Matters

AllegroGraph is designed for exactly this class of enterprise problem: complex, connected, governed, and evolving knowledge. As a Graph, Vector, and Document Database Platform, AllegroGraph provides a foundation for building enterprise-scale Knowledge Graphs and AI-ready data architectures.

For cybersecurity, infrastructure, transportation, energy, and defense applications, this matters because the knowledge model must evolve as new assets, vulnerabilities, attack techniques, mitigations, and regulatory requirements emerge. An ontology-based approach allows organizations to extend their models without rebuilding the entire system.

AllegroGraph also supports the neuro-symbolic AI pattern that is becoming increasingly important for critical infrastructure: combining symbolic knowledge, semantic models, graph reasoning, documents, vectors, and LLMs. AllegroGraph introduced native vector storage and vector-generation features to enhance graph integration with LLMs for Retrieval Augmented Generation, while also supporting graph, document, and symbolic AI capabilities.

GraphTalker: Making Threat Models Usable

One of the biggest barriers to ontology-based security modeling is usability. Security analysts, infrastructure planners, compliance teams, and executives may all need answers from the model, but not all of them write SPARQL.

With AllegroGraph 9.0, GraphTalker enables users to ask natural-language questions of Knowledge Graphs and receive verified answers, analysis, and reusable query workflows. Instead of relying on a one-shot text-to-query translation, GraphTalker uses an iterative, agent-driven approach that explores schema, tests queries, learns from errors, and refines results until it produces a working answer.

For an ontology-based threat model, that means users could ask questions such as:

“Show me the attack paths that connect charging infrastructure vulnerabilities to autonomous driving safety risks.”

“Which mitigations reduce risk across both V2G communications and ADAS components?”

“What systems are affected if a sensor impersonation attack compromises vehicle perception?”

GraphTalker can help make complex semantic models accessible to the people who need the answers, not just the people who built the ontology.

The Bigger Lesson: Cybersecurity Needs Context

The article’s focus on autonomous electric vehicles is a strong example of a broader enterprise reality. Modern systems are no longer isolated applications. They are networks of networks: physical assets, software systems, AI models, APIs, documents, policies, users, devices, and external infrastructure.

Security teams need more than alerts. They need context.

They need to understand how assets are connected, what each system means, which dependencies matter, where vulnerabilities exist, how threats propagate, what mitigations apply, and which business or safety outcomes are at risk. That is the role of the Knowledge Graph.

Ontology-based modeling turns cybersecurity knowledge into an active reasoning layer. AllegroGraph provides the enterprise Knowledge Graph platform to build, govern, query, and extend that layer. And with GraphTalker, organizations can make that intelligence accessible through natural language.

As autonomous vehicles, energy systems, smart infrastructure, and AI-driven operations continue to converge, the organizations that understand their connected risk landscape will be better prepared to defend it.

Knowledge Graphs are becoming a critical foundation for cybersecurity because threats do not occur in isolation. They move through relationships.