The impact of regulatory mechanisms on vulnerability disclosure behavior during crowdsourcing cybersecurity testing

Liurong Zhao; Xiaoxi Yu; Xinyu Zhou; Liurong Zhao; Xiaoxi Yu; Xinyu Zhou

doi:10.3934/mbe.2023841

Mathematical Biosciences and Engineering

2023, Volume 20, Issue 11: 19012-19039. doi: 10.3934/mbe.2023841

Previous Article Next Article

Research article

The impact of regulatory mechanisms on vulnerability disclosure behavior during crowdsourcing cybersecurity testing

School of Economics and Management, Nanjing Tech University, Nanjing 211816, China

Academic Editor: Yang Kuang

Received: 31 July 2023 Revised: 11 September 2023 Accepted: 21 September 2023 Published: 10 October 2023

There are various regulatory mechanisms to coordinate vulnerability disclosure behaviors during crowdsourcing cybersecurity testing. However, in the case of unclear regulatory effectiveness, enterprises cannot obtain sufficient vulnerability information, third-party crowdsourcing cybersecurity testing platforms fail to provide trusted services, and the government lacks strong credibility. We have constructed a tripartite evolutionary game model to analyze the evolutionary process of the equilibrium of {legal disclosure, active operation, strict regulation}, and the paper reveals the impact of three regulatory mechanisms. We find that these participants' positive behaviors are in a stable state. Higher initial willingness accelerates the speed of reaching the evolutionary stability of the system, and this equilibrium is satisfied only if the governmental regulatory benefits are sufficiently high. Regarding the punishment mechanism, increased punishment for enterprises causes them to adopt positive behaviors faster, while the opposite occurs for platforms; increased punishment for platforms drives both participants to adopt positive behaviors faster. Concerning the subsidy mechanism, increased subsidy to enterprises causes them to adopt legal disclosure behaviors faster, while platforms remain unresponsive; increased subsidy to platforms motivates both players to choose their own positive behaviors. In terms of the collaborative disclosure mechanism, excessive collaborative costs reduce the platforms' willingness to operate actively, which decreases the enterprises' incentives to disclose vulnerability legally. These findings guide the government to establish suitable mechanisms to regulate the participants' behavior and promote the healthy development of the cybersecurity crowdsourcing industry.

Keywords:

Citation: Liurong Zhao, Xiaoxi Yu, Xinyu Zhou. The impact of regulatory mechanisms on vulnerability disclosure behavior during crowdsourcing cybersecurity testing[J]. Mathematical Biosciences and Engineering, 2023, 20(11): 19012-19039. doi: 10.3934/mbe.2023841

Related Papers:

[1]	Bo Lan, Lei Zhuang, Qin Zhou . An evolutionary game analysis of digital currency innovation and regulatory coordination. Mathematical Biosciences and Engineering, 2023, 20(5): 9018-9040. doi: 10.3934/mbe.2023396
[2]	Xiaochun Chen, Jie Zhao, Yingying Ma, Bo Lv, Xuanjin Du . Tripartite evolutionary game study on coordination information security in prescription circulation. Mathematical Biosciences and Engineering, 2023, 20(12): 21120-21146. doi: 10.3934/mbe.2023934
[3]	Zhongwei Li, Wenqi Jiang, Xiaosheng Liu, Kai Tan, Xianji Jin, Ming Yang . GAN model using field fuzz mutation for in-vehicle CAN bus intrusion detection. Mathematical Biosciences and Engineering, 2022, 19(7): 6996-7018. doi: 10.3934/mbe.2022330
[4]	Shuang Zhang, Peng Jing, Daibiao Yuan, Chenlu Yang . On parents' choice of the school travel mode during the COVID-19 pandemic. Mathematical Biosciences and Engineering, 2022, 19(9): 9412-9436. doi: 10.3934/mbe.2022438
[5]	Xiao Wang, Jianbiao Zhang, Ai Zhang, Jinchang Ren . TKRD: Trusted kernel rootkit detection for cybersecurity of VMs based on machine learning and memory forensic analysis. Mathematical Biosciences and Engineering, 2019, 16(4): 2650-2667. doi: 10.3934/mbe.2019132
[6]	Zhoukai Wang, Xinhong Hei, Weigang Ma, Yichuan Wang, Kan Wang, Qiao Jia . Parallel anomaly detection algorithm for cybersecurity on the highspeed train control system. Mathematical Biosciences and Engineering, 2022, 19(1): 287-308. doi: 10.3934/mbe.2022015
[7]	Yuanyuan Huang, Yiping Hao, Min Wang, Wen Zhou, Zhijun Wu . Optimality and stability of symmetric evolutionary games with applications in genetic selection. Mathematical Biosciences and Engineering, 2015, 12(3): 503-523. doi: 10.3934/mbe.2015.12.503
[8]	Xiao Dong Yang, Wen Jia Wang, Bin Shu, Mei Juan Li, Rui Xia Liu, Cai Fen Wang . Multi-message multi-receiver signcryption scheme based on blockchain. Mathematical Biosciences and Engineering, 2023, 20(10): 18146-18172. doi: 10.3934/mbe.2023806
[9]	Shiyou Chen, Baohui Li, Lanlan Rui, Jiaxing Wang, Xingyu Chen . A blockchain-based creditable and distributed incentive mechanism for participant mobile crowdsensing in edge computing. Mathematical Biosciences and Engineering, 2022, 19(4): 3285-3312. doi: 10.3934/mbe.2022152
[10]	Jingyu Liu, Weidong Meng, Yuyu Li, Bo Huang, Bixi Zhang . Effective guide for behaviour of farmers in the withdrawal of rural homesteads: An evolutionary game-based study. Mathematical Biosciences and Engineering, 2022, 19(8): 7805-7825. doi: 10.3934/mbe.2022365

Abstract

1. Introduction

CAVs are designed to enhance mobility, safety, comfort and environmental sustainability, and this new technology will reshape the future transportation system ^[1]. Bansal and Kockelman ^[2] forecasted that the proportion of CAVs on the road would reach about 75% by 2050. There will be a transition period of several decades in which HVs and CAVs coexist on the roadway. CAVs inherently improve the characteristics of the mixed (HVs and CAVs) traffic flow, as the reaction delay and following time gap are effectively shortened ^[3,4,5].

CACC is one of the most promising technologies for CAVs ^[6,7], which is an extension of the adaptive cruise control (ACC) concept, sharing and receiving information such as location, velocity and acceleration. In recent years, numerous studies have confirmed that CAVs can stabilize the mixed traffic flow and increase roadway capacity. Back in 2008, Kesting et al. ^[8] proposed an improved ACC strategy and applied it to on-ramp bottleneck simulation, demonstrating that traffic congestion is alleviated when the proportion of ACC vehicles reaches 25%. Ngoduy ^[9] studied the stability diagram of the heterogeneous intelligent traffic flow under different ACC vehicle proportions applying the analytical stability framework ^[10] to the heterogeneous traffic flow of HVs and ACC vehicles. Ntousakis et al. ^[11] designed the traffic simulation experiments on a basic road section and a ring road, which shows that the traffic capacity can be significantly improved when the ACC penetration ratio is more prominent. Talebpour and Mahmassani ^[1] conducted string stability analysis and throughput analysis under different CACC/ACC vehicle ratios, which reveals that CAVs can improve string stability and be more effective in preventing shockwave formation and propagation. Chen et al. ^[12] proposed roadway capacity formulation for the mixed traffic flow, considering the influence factors such as market penetration of CAVs, the headway between CAV and the leading HV, and the driving rules. Liu et al. ^[13] studied the impact of CACC vehicles on the capacity of multi-lane expressways and conducted a case study on a 4-lane expressway with on and off ramps, showing that the traffic capacity increases slowly when the proportion of CACC vehicles ranges from 20% to 60%. Xie et al. ^[14] deduced a linear stability condition of the heterogeneous traffic with the generic car-following framework, demonstrating that the stability is closely related to the penetration rate and the spatial distribution of CAVs, particularly under congested traffic. Proving that the performance of CACC degrades to ACC when the CACC vehicle follows a manual-driven vehicle immediately in front, Wang et al. ^[15] investigated the stability of heterogeneous traffic flow analytically under various CACC market penetration rates. Yao et al. ^[16] developed the stability analysis method and fundamental diagram model of mixed traffic flow and conducted an on-ramp simulation with different CACC penetration rates. Yao et al. ^[17] conducted stability analysis and safety evaluation of mixed traffic flow under different penetration rates of CAVs, demonstrating the improvement of the stability and safety with CAVs application. Shang and Stern ^[18] simulated mixed traffic flow, finding out that bottleneck capacity is mainly affected by string stability and time gap, while downstream throughput is only affected by the time gap. Yao et al. ^[19] and Luo et al. ^[20] analyzed the linear stability of mixed traffic flow based on several influencing factors, including reaction time, the degradations of CAVs, and platoon intensity. Hung and Zhang ^[21] studied the effect of CACC on string stability for heterogeneous traffic with HVs, connected vehicles and autonomous vehicles. Liu et al. ^[22] focused on longitudinal platoon and conducted string stability analysis with numerical simulations, providing a new result about CACC with adaptive disturbance decoupling. Liu et al. ^[23] extended the standard string stability to head-to-tail string stability to explore the interaction of automated and human-driven vehicles in mixed platoons. Yao et al. ^[24] explored the fundamental diagram and linear stability of mixed traffic flow with the consideration of platoon size and intensity of CAVs.

Although various studies have been dedicated to the impact of CAVs on mixed traffic flow, twofold issues are open to discussion. First, most studies investigate HVs behavior with the model parameters from the literature ^{[13,14,15,16,17,19,20,21,24]}, ignoring calibrating the model from the empirical dataset. Second, the open boundary conditions such as single-lane and on-ramp are frequently established scenarios for numerical simulations ^{[1,13,15,16,17,18,20]}, which may not coincide with the platoon of infinite vehicles concept in the analytical stability framework.

To overcome the above limitations, we investigate the car-following models of HVs and CAVs and conduct the string stability and fundamental diagram analysis of mixed traffic flow with analytical and numerical approaches. The contribution of this paper is summarized as follows: (ⅰ) HVs and CAVs are modeled based on the actual trajectory data, as they will interact in the real mixed traffic flow circumstance rather than in a simulation environment. The car-following behavior of HVs is modeled by the IDM and calibrated with the empirical dataset from a US highway. The CACC model from the PATH laboratory is based on the actual measured responses and adopted for CAVs modeling. (ⅱ) The string stability and fundamental diagram are analytically investigated for different CAVs penetration rates, demonstrating that CAVs can effectively improve the stability and capacity of mixed traffic flow. (ⅲ) The periodic boundary condition is introduced for numerical simulation, which is consistent with the assumption in the analytical process. The numerical simulation results agree with the analytical solutions, which proves the validity of the mixed traffic flow analysis framework.

The rest of the paper is structured as follows. In Section 2, the empirical dataset is prepared and used to calibrate HVs car-following model, and the CAVs car-following model is presented. In Section 3, we deduce the analytical solution of string stability and the fundamental diagram of mixed traffic flow. Section 4 establishes the numerical simulation in a ring road scenario and the simulation results are analyzed. Section 5 concludes our findings.

2. Microscopic traffic models

2.1. Data preparation

The driving behavior modeling of HVs plays an important role in mixed traffic flow analysis. The study of HVs requires the investigation of empirical data sources besides mathematical modeling. The next-generation simulation (NGSIM) dataset ^[25] is a frequently-used empirical dataset well known for its high-fidelity trajectory data extracted from high-angle shot videos. The data used here is part of the NGSIM dataset, i.e., the I-80 dataset, collected from eastbound/northbound US Interstate 80 (I-80) in Emeryville, California. The sampling area comprises six lanes (one high-occupancy vehicle lane and five regular lanes) and one on-ramp, approximately 500 m. The sampling period ranged from 4:00 p.m. to 4:15 p.m. on June 15, 2005.

First, we pick up trajectory data only collected from the regular inner lanes, Lanes 2–6, to avoid the impact of the on-ramp. Then, as in similar studies for the NGSIM data reconstruction ^[26,27,28], we filtered the trajectories to eliminate the measurement errors. Finally, 1386 car-following events are extracted by applying the three rules below:

● Gap distance less than 120 m, avoiding free-flow traffic conditions.

● Vehicle length less than 5 m, excluding truck.

● Car-following duration of no less than 30 s continuously, eliminating the influence of lane-changing.

The trajectories from Lanes 3–6 (1054 car-following events) are adopted to calibrate the HVs model, and the rest samples are from Lane 2 (332 car-following events) and further utilized for validation. Figure 1 shows a part of the trajectories in Lane 2.

Figure 1. Time-space diagram of some trajectories in Lane 2.

DownLoad: Full-Size Img PowerPoint

2.2. Car-following models

Car-following modeling is a way to explore the driving behavior of HVs and CAVs. In addition to being a microscopic traffic model, the car-following model is a bridge between micro and macro traffic flow analysis. Car-following models have been extensively studied over decades. There are many models developed for HVs incorporating human factors ^[29], which can be mainly divided into two categories: mathematical models (including stimulus-response models, desired measures models, psycho-physical models and Newell's simplified models) and data-driven models. As autonomous driving is a hot topic in recent years, some prevalent car-following models for CAVs are developed, such as the ACC and CACC models ^[30,31] and reinforcement learning-based models ^[32,33]. With a view to solving micromodels analytically, mathematics-based models are investigated in the following.

2.2.1. Human-driven vehicles

The IDM was first proposed in 2000, accurately reproducing phase transitions at road inhomogeneities ^[34]. This model can capture car-following behaviors of HVs, and its parameters have clear physical meanings. The governing equation of IDM is presented in Eq (2.1).

$\begin{equation} \dot{v} = a\left[1-\left(\frac{v}{v_0}\right)^4-\left(\frac{s^*(v, \Delta v)}{h-l}\right)^2\right], \end{equation}$

(2.1)

where $\dot{v}$ is the derivative of speed, which denotes the acceleration of the subject vehicle. $v$ is the speed of the subject vehicle. $\Delta v$ is the relative speed, $\Delta v = v_{n-1} - v_n$ , i.e., it can be calculated by the speed of the preceding vehicle minus the speed of the subject vehicle. $h$ is the space headway between adjacent vehicles. $l$ is the length of the preceding vehicle and set as 5 m. $s^*$ is the desired space headway function, as given in Eq (2.2).

$\begin{equation} s^*(v, \Delta v) = s_0+\max \left(0, Tv-\frac{v\Delta v}{2\sqrt{ab}}\right), \end{equation}$

(2.2)

where the parameters to be calibrated are described as follows. $a$ is the maximum acceleration, and $b$ is the desired deceleration. $v_0$ denotes the desired speed. $T$ is the safe time headway. $s_0$ is the bumper-to-bumper space in standstill traffic, i.e., the minimum safe gap distance.

Since we intend to investigate HVs behavior at the real trajectory level, IDM parameters are calibrated based on a genetic algorithm (GA) ^[35] with prepared data. GA is a stochastic global search optimization algorithm. The optimization with respect to spacing is preferred ^[36], and the vehicle position can be calculated with the improved euler method, as in Eq (2.3). The optimization objective is the error between the simulated and observed trajectory, and the mean squared error (MSE) is used as the objective function in this study, as formulated in Eq (2.4). We conducted GA calibration with Python, and the parameter constraints are displayed in Table 1. The optimum set of calibrated parameters is presented in , and the values of these parameters from previous studies ^[34,37,38] are also listed. The IDM models with different parameters are validated and the average MSE results (i.e., $\overline{\mathrm{MSE}}$ = 33.80, 31.29, 28.72 and 26.89) show that the performance of calibrated parameters is superior to others. Therefore, the car-following behavior of HVs is modeled by IDM with calibrated parameters.

$\begin{equation} x_{t+\Delta t} = x_{t} + v_{t}\Delta t + \frac{1}{2}\dot{v}_{t+\Delta t}\Delta t^2, \end{equation}$

(2.3)

$\begin{equation} \mathrm{MSE} = \frac{1}{M}\sum\limits_{t = 1}^M (x_t^{sim}-x_t^{obs})^2. \end{equation}$

(2.4)

Table 1. Parameter constrains for calibration^[39].

Parameter	Bound
$a\ (m/s^2)$	$[0.1, 4.0]$
$b\ (m/s^2)$	$[0.1, 4.5]$
$v_0\ (km/h)$	$[1, 150]$
$T\ (s)$	$[0.1, 4.0]$
$s_0\ (m)$	$[1.0, 10]$

| Show Table

DownLoad: CSV

Table 2. Parameters and measure of performance.

Source	$a\ (m/s^2)$	$b\ (m/s^2)$	$v_0\ (km/h)$	$T\ (s)$	$s_0\ (m)$	$\overline{\mathrm{MSE}}$
^[34]	0.73	1.67	120	1.6	2	33.80
^[37]	1	1.5	128	1.1	2	31.29
^[38]	1.4	2.0	120	1.5	2	28.72
Calibrated	1.71	2.02	95.36	1.32	2.87	26.89

| Show Table

DownLoad: CSV

2.2.2. Connected autonomous vehicles

PATH laboratory developed control models of ACC and CACC based on real vehicle implementation ^[30,31], showing that the strings of ACC vehicles exhibit an unstable phenomenon, while CACC strings provide smooth and stable following action. In this paper, we focus on CAVs equipped with communication technology, which is conducive to the stability of mixed traffic flow. The CACC model derived from actual trajectories ^[31] is adopted to model CAVs, as formulated in Eq (2.5).

$\begin{equation} \begin{cases} e = h - l - s_0 - t_cv, \\ v = v_p+k_pe+k_d\dot{e}, \end{cases} \end{equation}$

(2.5)

where $e$ is the gap error between the actual and desired gap, this error and its derivative are used to determine the speed of the subject vehicle at each control cycle. $t_c$ is the desired constant time gap, i.e., the expected traveling time for the subject vehicle with the instantaneous speed to the position of the rear end of the preceding vehicle. $v_p$ is the speed of the subject vehicle at the previous control time. The control parameters $k_p$ and $k_d$ are used to adjust the time-gap error.

The control equation of the CACC model is obtained by calculating the derivative of speed in Eq (2.5), and the result is given in Eq (2.6).

$\begin{equation} \dot{v} = \frac{k_p (h-l-s_0) -k_pt_cv+k_d\Delta v}{k_d\ \ t_c+dt}, \end{equation}$

(2.6)

where $dt$ is the updated time interval. The values of $k_p$ , $k_d$ and $dt$ are determined by the experimental tests ^[31], $k_p = 0.45$ , $k_d = 0.25$ , $dt = 0.01 s$ . According to the investigation in ^[40], the acceptance value of $t_c$ are different, and the maximum acceptance rate is 57% with $t_c = 0.6$ .

3. Analytical solution of mixed traffic flow

3.1. String stability

There are two types of linear stability for car-following models, local stability and string stability ^[41,42], and the latter has received extensive attention in recent years, especially for the stability analysis of mixed traffic flow ^[1,14,16]. String stability is defined based on the phenomenon that fluctuations in the motion of one vehicle propagate to upstream traffic ^[43], and string instability gives rise to stop-and-go waves. This section investigates the string stability of mixed traffic flow of HVs and CAVs, guided by the method in previous studies ^[1,10].

The car-following model for either HVs (Eq (2.1)) or CAVs (Eq (2.6)) can be simply expressed by the following differential equation, as in Eq (3.1). Under equilibrium points, the acceleration and relative speed in the above equation are zero ( $\dot{v} = 0$ and $\Delta v = 0$ ), and there is an equilibrium solution for speed and gap distance ( $v = v^e$ and $h = h^e$ ). Thus, Eq (3.2) presents the differential equation in the stable situation.

$\begin{equation} \dot{v} = f(v, \Delta v, h), \end{equation}$

(3.1)

$\begin{equation} f(v^e, 0, h^e) = 0. \end{equation}$

(3.2)

Assuming small perturbations in headway and speed of a vehicle in an infinite-length platoon, Ward ^[10] deduced instability conditions for homogeneous and heterogeneous traffic flow, as shown in Eqs (3.3) and (3.4).

$\begin{equation} \frac{1}{2}(f_v)^2-f_{\Delta v}f_v-f_h < 0, \end{equation}$

(3.3)

$\begin{equation} \sum\limits_{n} \left[ \frac{1}{2}(f^n_v)^2-f^n_{\Delta v}f^n_v-f^n_h \right] \left( \prod\limits_{m \ne n} f^m_h \right)^2 < 0, \end{equation}$

(3.4)

where $n$ and $m$ denote different vehicle types in mixed traffic flow. $f_v, f_{\Delta v}, f_h$ are the partial differential of the car-following equation for speed, relative speed and headway, which are expanded as in Eq (3.5).

$\begin{equation} \begin{cases} f_v^n = \cfrac{\partial f(v, \Delta v, h)}{\partial v} \Big |_{(v^e, 0, h^e)}, \\ f_{\Delta v}^n = \cfrac{\partial f(v, \Delta v, h)}{\partial \Delta v} \Big |_{(v^e, 0, h^e)}, \\ f_h^n = \cfrac{\partial f(v, \Delta v, h)}{\partial h} \Big |_{(v^e, 0, h^e)}. \end{cases} \end{equation}$

(3.5)

Following this, the partial differential equations for car-following models of HVs and CAVs can be calculated, as shown in Eqs (3.6) and (3.7), where $H$ and $C$ denote HVs and CAVs, respectively. The parameters here are calibrated in the above section.

$\begin{equation} \begin{cases} & f_v^H = -2a \left[ \cfrac{2}{v_0} \left(\cfrac{v^e}{v_0} \right)^3 + \cfrac{T(s_0 + Tv^e)}{(h^e-l)^2} \right], \\ & f_{\Delta v}^H = \sqrt{\cfrac{a}{b}} \cfrac{v^e(s_0 + Tv^e)}{(h^e-l)^2}, \\ & f_h^H = 2a \cfrac{(s_0 + Tv^e)^2}{(h^e-l)^3}; \end{cases} \end{equation}$

(3.6)

$\begin{equation} \begin{cases} & f_v^C = -\cfrac{k_p t_c}{k_d t_c + dt}, \\ & f_{\Delta v}^C = \cfrac{k_d}{k_d t_c + dt}, \\ & f_h^C = \cfrac{k_p}{k_d t_c + dt}. \end{cases} \end{equation}$

(3.7)

According to previous studies ^[1,14,44], for the mixed traffic flow of a platoon with infinite length, the judgment equation for string stability (Eq (3.4)) is related to the proportion of different vehicle types but independent of the distribution of vehicles. Therefore, assuming the penetration rate of CAVs in mixed traffic flow is $p$ ( $0 < p < 1$ ), the instability condition of mixed traffic flow can be written as in Eq (3.8). When $p$ is 0 or 1, the traffic flow is homogeneous. If $p = 0$ , the platoon only contains HVs, and if $p = 1$ , there are only CAVs. For these circumstances, the string stability is judged by Eq (3.3) with the corresponding differential equations.

$\begin{equation} (1-p) \left[ \frac{1}{2} (f_v^H)^2 - f_{\Delta v}^H f_v^H - f_h^H \right] \times (f_h^C)^2 + p \left[ \frac{1}{2} (f_v^C)^2 - f_{\Delta v}^C f_v^C - f_h^C \right] \times (f_h^H)^2 < 0. \end{equation}$

(3.8)

depicts the string stability discrimination values in terms of different CAVs penetration rates ( $p$ ). The result reveals that a higher penetration rate of CAVs improves the string stability of mixed traffic flow and increases the space headway threshold in which traffic becomes unstable. The red line in Figure 2 suggests that when the market penetration rate of CAVs is above 60%, the mixed traffic flow with any space headway stays stable. In particular, the discriminate values for 100% CAVs are constantly equal to 1.25, which indicates that the CAVs traffic flow is inherently stable in any circumstance.

Figure 2. String stability for different CAVs penetration rates.

DownLoad: Full-Size Img PowerPoint

3.2. Fundamental diagram

Fundamental diagram can be obtained by analyzing microscopic traffic model. At the equilibrium state, the acceleration of vehicles and the relative speed between vehicles are both zeros. By substituting them into Eqs (2.1) and (2.6), the steady space headway can be expressed by vehicle speed, as follows:

$\begin{equation} h^{eH} = \cfrac{s_0 + v^e T}{\sqrt{1-(\frac{v^e}{v_0})^4}}+l, \end{equation}$

(3.9)

$\begin{equation} h^{eC} = t_c v^e + l + s_0, \end{equation}$

(3.10)

where $h^{eH}$ and $h^{eC}$ denote steady space headway of HVs platoon and CAVs platoon, respectively.

We assume that a platoon of $N$ vehicles travels at an equilibrium speed $v^e$ , $v^e \in [0, v_0)$ . With respect to CAVs penetration rate $p$ , N(1-p) HVs and Np CAVs comprise the mixed traffic flow, which have different equilibrium space headway, $h^{eH}$ and $h^{eC}$ , respectively. The number of vehicles $N$ is large enough to ignore the influence of the space headway of the first vehicle and the vehicle length of the last one. Hence, the mixed traffic flow covered road length $L$ is the sum of the space headway of all vehicles at the equilibrium state, as formulated in Eq (3.11).

$\begin{equation} L = N(1-p)h^{eH}+Nph^{eC}. \end{equation}$

(3.11)

According to the reciprocal relationship between density and space headway at an equilibrium state, the density of mixed traffic flow at the macroscopic level can be calculated by combining Eqs (3.9)–(3.11). Then, the flow at the macroscopic level is obtained based on the relationship between flow, density, and speed. Equation (3.12) presents the flow-density equation. provides the flow-density analytical curves of the fundamental diagram at different CAVs penetration rates $p$ , $p\in\{0, 0.2, 0.4, 0.6, 0.8, 1\}$ . A comparison of the analytical curves reveals that, for the same density, the traffic capacity is more significant when the penetration rate is higher. Moreover, when the penetration rate of CAVs is 100%, the maximum flow is 3935 veh/h, which is more than 2 times the maximum capacity of 100% HVs traffic flow. The results confirm that the growth of CAVs' market penetration rate is conducive to the efficiency of mixed traffic flow.

$\begin{equation} \begin{cases} k = \bigg[ (1-p) \bigg( \cfrac{s_0+v^e T}{\sqrt{1-(\frac{v^e}{v_0})}} + l \bigg) + p (t_c v^e + l + s_0) \bigg]^{-1}, \\ q = kv^e. \end{cases} \end{equation}$

(3.12)

Figure 3. Fundamental diagram for different CAVs penetration rates.

DownLoad: Full-Size Img PowerPoint

4. Numerical simulation of mixed traffic flow

4.1. Simulation design

Numerical simulation is conducted to validate the analytical investigation for the stability and capacity of mixed traffic flow. The periodic boundary condition is an important experimental method in studying traffic flow stability ^[45]. The simulated vehicles run on a ring road without ramps, which can display the propagation course of disturbance in the platoon. This ring road condition is consistent with the infinite length platoon concept for the analytical solution, and it is supported by ^[46] that the policy studied in a closed network can be successfully applied to open networks.

The schematic of ring road is shown in . There are 20 vehicles in the platoon, and the penetration rates of CAVs are set as 0, 20, 40, 60, 80 and 100%, which present the gradual commercialization of CAVs and the transition of mixed traffic flow. The positions of CAVs are randomly arranged in the platoon, as the schematic of 20% CAVs is shown in . In the initial state, the vehicle travels at a steady-state speed and spacing, with a speed of 15.3 m/s. The steady spacing of HVs and CAVs can be calculated by Eqs (3.9) and (3.10), as 29.47 m and 17.05 m, respectively. Thus, for different CAVs penetration rates, the length of the ring road is variable, ranging from 341.0 m to 589.4 m. At 50 s, a perturbation is imposed on the first vehicle. This vehicle decelerates at a rate of 0.65 $\mathrm{m/s^2}$ until its speed equals 14.0 m/s. Then it follows the vehicle immediately in front of it based on the car-following strategy. The entire simulation time is 200 s.

Figure 4. Schematic 20% CAVs penetration.

DownLoad: Full-Size Img PowerPoint

4.2. String stability

String stability of the traffic flow can be observed from the trajectory of vehicles. Based on the numerical simulation, the trajectories with different CAVs penetration rates are obtained, as shown in the time-space diagrams in Figure 5. It shows that when the penetration rate of CAVs transits from 0% to 100%, the steady-state speed of vehicles increases and steady-state spacing decreases. In other words, the traffic flow becomes more efficient. From Figure 5(a), when there is no CAV in the platoon, the perturbation has a negative effect on string stability and results in oscillations (stop-and-go waves) in the upstream traffic flow. Further introducing CAVs into the platoon will improve the string stability of traffic flow. As shown in Figure 5(b)–(e), the trajectories become smooth over time, and the oscillations mitigate. When the platoon consists entirely of CAVs, the impact of the perturbation is short-lived, as presented in Figure 5(f). Therefore, increasing the market penetration rate of CAVs dampens the impact of perturbation on traffic flow and enhances string stability, which agrees with the analytical solution.

Figure 5. Time-space diagrams with different CAVs penetration rates.

DownLoad: Full-Size Img PowerPoint

4.3. Fundamental diagram

In the numerical simulation, two virtual detectors are arranged on the ring road, and their interval is 100 m. The detectors can count the flow-density values during traffic simulation, i.e., generate the scatter points for the fundamental diagram. For different CAVs penetration rates, the simulated fundamental diagrams are compared with the analytical ones, as shown in Figure 6. It shows that the simulated density-flow values distribute around the analytical curves. Although the scatters are not accurately dropping on the curves, they are fluctuating in reasonable ranges around the curves. Due to the speed disturbance in the simulation test, it is difficult for the traffic flow to reach an absolute equilibrium state, so there are non-equilibrium scatter points in the scatter simulation results. Moreover, the maximum capacity in the scatter plots gradually grows with the increase in CAVs penetration rate. Therefore, the simulation results are consistent with the analytical results, which proves the validity of the fundamental diagram analysis in mixed traffic flow.

Figure 6. Simulated fundamental diagrams with different CAVs penetration rates.

DownLoad: Full-Size Img PowerPoint

5. Conclusions

CAVs will shape the future of the roadway transport system. As the only route to the completely CAVs environment, mixed traffic flow is composed of HVs and CAVs and is vital to research. The main purpose of this paper is to study the stability and efficiency of mixed traffic flow. The car-following behaviors of HV and CAV are modeled by real-trajectory-based IDM and PATH laboratory's CACC, respectively. By adopting the mathematical analysis framework, the analytical investigation of string stability and fundamental diagram of mixed traffic flow with different CAVs percentages is conducted. The periodic boundary condition for numerical simulation is established according to the infinite length platoon assumption in the analytical approach. The results show that CAVs can improve the string stability of mixed traffic flow and alleviate the formation and propagation of stop-and-go waves. The capacity increases gradually with the increase of CAVs penetration rate, indicating that CAVs can effectively improve traffic efficiency. From the numerical simulation analysis, the simulation results are consistent with the analytical solutions, which proves the rationality and effectiveness of the string stability and fundamental diagram analysis of mixed traffic flow.

Acknowledgments

The authors would like to thank the editors and reviewers for their time and valuable insights.

Conflict of interest

All authors declare that there is no conflicts of interest in this paper.

References

[1]	Y. S. Pil, The Way Forward for Security Vulnerability Disclosure Policy: Comparative Analysis of US, EU, and Netherlands, (2013), 119–131, https://doi.org/10.1007/978-3-031-19608-9_10
[2]	M. Zhao, A. Laszka, T. Maillart, J. Grossklags, Crowdsourced security vulnerability discovery: Modeling and organizing bug-bounty programs, in The HCOMP Workshop on Mathematical Foundations of Human Computation, Austin, TX, USA, 2016.
[3]	T. Maillart, M. Zhao, J. Grossklags, J. Chuang, Given enough eyeballs, all bugs are shallow? revisiting eric raymond with bug bounty programs, J. Cybersecur., 3 (2017), 81–90. https://doi.org/10.1093/cybsec/tyx008 doi: 10.1093/cybsec/tyx008
[4]	X. Liu, Y. Zhang, H. Zhang, X. Cheng, The practice, achievements, and enlightenment of bug bounty programs of the U.S. department of defense, Natl. Defense Technol., 40 (2019).
[5]	M. Zhao, A. Laszka and J. Grossklags, Devising effective policies for bug-bounty platforms and security vulnerability discovery, J. Inf. Policy, 7 (2017), 372–418. http://doi.org/10.5325/jinfopoli.7.2017.0372 doi: 10.5325/jinfopoli.7.2017.0372
[6]	U. Ķinis, From responsible disclosure policy (rdp) towards state regulated responsible vulnerability disclosure procedure (hereinafter–rvdp): The latvian approach, Comput. Law Secur. Rev., 34 (2018), 508–522. https://doi.org/10.1016/j.clsr.2017.11.003 doi: 10.1016/j.clsr.2017.11.003
[7]	A. Arora, R. Telang, H. Xu, Optimal policy for software vulnerability disclosure, Manage. Sci., 54 (2008), 642–656. https://doi.org/10.1287/mnsc.1070.0771 doi: 10.1287/mnsc.1070.0771
[8]	A. M. Algarni, Y. K. Malaiya, Software vulnerability markets: Discoverers and buyers, Int. J. Comput. Inf. Eng., 8 (2014), 480–490. https://doi.org/10.5281/zenodo.1091516 doi: 10.5281/zenodo.1091516
[9]	A. Arora, R. Krishnan, R. Telang, Y. Yang, An empirical analysis of software vendors' patch release behavior: impact of vulnerability disclosure, Inf. Syst. Res., 21 (2010), 115–132. https://doi.org/10.1287/isre.1080.0226 doi: 10.1287/isre.1080.0226
[10]	J. Ruohonen, L. Allodi, A bug bounty perspective on the disclosure of web vulnerabilities, preprint, arXiv: 1805.09850.
[11]	M. Al-Banna, B. Benatallah, D. Schlagwein, E. Bertino, M. C. Barukh, Friendly hackers to the rescue: How organizations perceive crowdsourced vulnerability discovery, in PACIS, (2018), 230. https://doi.org/https://aisel.aisnet.org/pacis2018
[12]	A. M. Jo, Hackers' self-selection in crowdsourced bug bounty programs, Rev. Econ. Ind., 172 (2020), 83–132.
[13]	E. Rudenko, A. Gnatenko, A. Milich, K. Hedgecock, Z. M. Smith, Leveraging ethical hacking in russia: Exploring the design and potential of bug bounty programs, in Stanford US-Russia Forum Journal, 12 (2020).
[14]	A. Dingman, G. Russo, Risk-based vulnerability disclosure: Towards optimal policy, SSRN, 2015 (2015). https://doi.org/10.2139/ssrn.2601191 doi: 10.2139/ssrn.2601191
[15]	A. Arora, R. Krishnan, A. Nandkumar, R. Telang, Y. Yang, Impact of vulnerability disclosure and patch availability-an empirical analysis, in Third Workshop on the Economics of Information Security, 24 (2004), 1268–1287.
[16]	J. Radianti, Eliciting information on the vulnerability black market from interviews, in 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies, (2010), 154–159. https://doi.org/10.1109/SECURWARE.2010.33
[17]	A. Arora, R. Telang, Economics of software vulnerability disclosure, IEEE Secur. Privacy, 3 (2005), 20–25. https://doi.org/10.1109/MSP.2005.12 doi: 10.1109/MSP.2005.12
[18]	A. Ahmed, B. Lee, Organizational learning on bug bounty platforms, in 26th Americas Conference on Information Systems, AMCIS, 2020.
[19]	H. Cavusoglu, H. Cavusoglu, J. Zhang, Security patch management: Share the burden or share the damage?, Manage. Sci., 54 (2008), 657–670. https://doi.org/10.1287/mnsc.1070.0794 doi: 10.1287/mnsc.1070.0794
[20]	S. Parker, Z. Wu, P. D. Christofides, Cybersecurity in process control, operations, and supply chain, Comput. Chem. Eng., 171 (2023), 108169. https://doi.org/10.1016/j.compchemeng.2023.108169. doi: 10.1016/j.compchemeng.2023.108169
[21]	A. Arora, A. Nandkumar, R. Telang, Does information security attack frequency increase with vulnerability disclosure? An empirical analysis, Inf. Syst. Front., 8 (2006), 350–362. https://doi.org/10.1007/s10796-006-9012-5 doi: 10.1007/s10796-006-9012-5
[22]	S. Ransbotham, S. Mitra, J. Ramsey, Are markets for vulnerabilities effective?, MIS Q., 36 (2012), 43–64. https://doi.org/10.2307/41410405 doi: 10.2307/41410405
[23]	E. Rescorla, Is finding security holes a good idea?, IEEE Secur. Privacy, 3 (2005), 14–19. https://doi.org/10.1109/MSP.2005.17 doi: 10.1109/MSP.2005.17
[24]	H. Cavusoglu, B. Mishra, S. Raghunathan, The effect of internet security breach announcements on market value: Capital market reactions for breached firms and internet security developers, Int. J. Electr. Commer., 9 (2004), 70–104. https://doi.org/10.1080/10864415.2004.11044320 doi: 10.1080/10864415.2004.11044320
[25]	R. Telang, S. Wattal, An empirical analysis of the impact of software vulnerability announcements on firm stock price, IEEE Trans. Software Eng., 33 (2007), 544–557. https://doi.org/10.1109/TSE.2007.70712 doi: 10.1109/TSE.2007.70712
[26]	S. Mitra, S. Ransbotham, Information disclosure and the diffusion of information security attacks, Inf. Syst. Res., 26 (2015), 565–584. https://doi.org/10.1287/isre.2015.0587 doi: 10.1287/isre.2015.0587
[27]	R. Böhme, L. Eckey, T. Moore, N. Narula, T. Ruffing, A. Zohar, Responsible vulnerability disclosure in cryptocurrencies, Commun. ACM, 63 (2020), 62–71. https://doi.org/10.1145/3372115 doi: 10.1145/3372115
[28]	S. P. Gayialis, E. P. Kechagias, G. A. Papadopoulos, E. Kanakis, A smart-contract enabled blockchain traceability system against wine supply chain counterfeiting, in Advances in Production Management Systems. Smart Manufacturing and Logistics Systems: Turning Ideas into Action, (2022), 477–484. https://doi.org/10.1007/978-3-031-16407-1_56
[29]	S. P. Gayialis, E. P. Kechagias, G. A. Papadopoulos, N. A. Panayiotou, A business process reference model for the development of a wine traceability system, Sustainability, 14 (2022), 11687. https://doi.org/10.3390/su141811687 doi: 10.3390/su141811687
[30]	E. P. Kechagias, S. P. Gayialis, G. A. Papadopoulos, G. Papoutsis, An ethereum-based distributed application for enhancing food supply chain traceability, Foods, 12 (2023), 1220. https://doi.org/10.3390/foods12061220 doi: 10.3390/foods12061220
[31]	M. Mijwil, M. Aljanabi, ChatGPT, Towards artificial intelligence-based cybersecurity: The practices and chatgpt generated ways to combat cybercrime, Iraqi J. Comput. Sci. Math., 4 (2023), 65–70. https://doi.org/10.52866/ijcsm.2023.01.01.0019 doi: 10.52866/ijcsm.2023.01.01.0019
[32]	A. T. Chatfield, C. G. Reddick, Crowdsourced cybersecurity innovation: The case of the pentagon's vulnerability reward program, Inf. Polity, 23 (2018), 177–194. https://doi.org/https://doi.org/10.3233/IP-170058 doi: 10.3233/IP-170058
[33]	K. Kannan, R. Telang, Market for software vulnerabilities? think again, Manage. Sci., 51 (2005), 726–740. https://doi.org/10.1287/mnsc.1040.0357 doi: 10.1287/mnsc.1040.0357
[34]	C. Pascariu, Getting started with vulnerability disclosure and bug bounty programs, Int. J. Inf. Secur. Cyber., 11 (2022), 25–30. https://www.ceeol.com/search/article-detail?id=1096780
[35]	M. Zhao, J. Grossklags, K. Chen, An exploratory study of white hat behaviors in a web vulnerability disclosure program, in Proceedings of the 2014 ACM workshop on security information workers, (2014), 51–58. https://doi.org/10.1145/2663887.2663906
[36]	T. L. Huber, T. A. Fischer, J. Dibbern, R. Hirschheim, A process model of complementarity and substitution of contractual and relational governance in is outsourcing, J. Manage. Inf. Syst., 30 (2013), 81–114. https://doi.org/10.2753/MIS0742-1222300304 doi: 10.2753/MIS0742-1222300304
[37]	J. T. Lind, H. Mehlum, With or without u? the appropriate test for a u-shaped relationship, Oxford Bull. Econ. Stat.*, 72 (2010), 109–118. https://doi.org/10.1111/j.1468-0084.2009.00569.x doi: 10.1111/j.1468-0084.2009.00569.x
[38]	D. Luna, L. Allodi, M. Cremonini, Productivity and patterns of activity in bug bounty programs: Analysis of hackerone and google vulnerability research, in Proceedings of the 14th International Conference on Availability, Reliability and Security, (2019), 1–10. https://doi.org/10.1145/3339252.3341495
[39]	M. Finifter, D. Akhawe, D. A. Wagner, An empirical study of vulnerability rewards programs, in Proceedings of the 22nd USENIX Conference on Security, (2013), 273–288.
[40]	J. Zhou, S. Wang, C. P. Bezemer, Y. Zou, A. E. Hassan, Studying the association between bountysource bounties and the issue-addressing likelihood of github issue reports, IEEE Trans. Software Eng., 47 (2021), 2919–2933. http://doi.org/10.1109/TSE.2020.2974469 doi: 10.1109/TSE.2020.2974469
[41]	D. Votipka, R. Stevens, E. Redmiles, J. Hu, M. Mazurek, Hackers vs. testers: A comparison of software vulnerability discovery processes, in 2018 IEEE Symposium on Security and Privacy (SP), (2018), 374–391. http://doi.org/10.1109/SP.2018.00003
[42]	A. Ahmed, B. Lee, A. V. Deokar, The role of vulnerability disclosure on hacker participation in bug bounty programs, in ICIS 2021 Proceedings, (2021), 14.
[43]	Q. Xiong, Y. Zhu, Z. Zeng, X. Yang, Signal game analysis between software vendors and third-party platforms in collaborative disclosure of network security vulnerabilities, Complexity, 2023 (2023), 1027215. http://doi.org/10.1155/2023/1027215 doi: 10.1155/2023/1027215
[44]	L. Xu, Y. Li, Q. Yao, Information security investment and purchase decision for personalized products, Managerial Decis. Econ., 43 (2022), 2619–2635. https://doi.org/10.1002/mde.3551 doi: 10.1002/mde.3551
[45]	T. Walshe, A. Simpson, Coordinated vulnerability disclosure programme effectiveness: Issues and recommendations, Comput. Secur., 123 (2022), 102936 https://doi.org/10.1016/j.cose.2022.102936 doi: 10.1016/j.cose.2022.102936
[46]	Q. Xiong, S. Lian, Z. Zeng, An empirical analysis of vulnerability information disclosure impact on patch r & d of software vendors, J. Intell. Fuzzy Syst., 44 (2023), 839–853. https://doi.org/10.3233/JIFS-221316 doi: 10.3233/JIFS-221316
[47]	S. Atefi, A. Sivagnanam, A. Ayman, J. Grossklags, A. Laszka, The benefits of vulnerability discovery and bug bounty programs: Case studies of chromium and firefox, in Proceedings of the ACM Web Conference 2023, (2023), 2209–2219. https://doi.org/10.1145/3543507.3583352
[48]	S. A. McCartney, A Framework to Assess Bug-Bounty Platforms Based on Potential Attack Vectors, PhD thesis, Montana State University-Bozeman, College of Engineering, 2022.

This article has been cited by:

Liurong Zhao, Xiaoxi Yu, Xinyu Zhou, Xingwei Li, Regulatory mechanism of vulnerability disclosure behavior considering security crowd-testing: An evolutionary game analysis, 2024, 19, 1932-6203, e0304467, 10.1371/journal.pone.0304467

Reader Comments

Your name:*

Email:*
© 2023 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)