Data Privacy and Security in Autonomous Connected Vehicles in Smart City Environment

Abstract

A self-driving vehicle can navigate autonomously in smart cities without the need for human intervention. The emergence of Autonomous Connected Vehicles (ACVs) poses a substantial threat to public and passenger safety due to the possibility of cyber-attacks, which encompass remote hacking, manipulation of sensor data, and probable disablement or accidents. The sensors collect data to facilitate the network’s recognition of local landmarks, such as trees, curbs, pedestrians, signs, and traffic lights. ACVs gather vast amounts of data, encompassing the exact geographical coordinates of the vehicle, captured images, and signals received from various sensors. To create a fully autonomous system, it is imperative to intelligently integrate several technologies, such as sensors, communication, computation, machine learning (ML), data analytics, and other technologies. The primary issues in ACVs involve data privacy and security when instantaneously exchanging substantial volumes of data. This study investigates related data security and privacy research in ACVs using the Blockchain-enabled Federated Reinforcement Learning (BFRL) framework. This paper provides a literature review examining data security and privacy in ACVs and the BFRL framework that can be used to protect ACVs. This study presents the integration of FRL and Blockchain (BC) in the context of smart cities. Furthermore, the challenges and opportunities for future research on ACVs utilising BFRL frameworks are discussed.

1. Introduction

The advancement of intelligent vehicles has generated significant interest in autonomous driving. Autonomous driving technology is presently in its emerging stages of study. The adoption of ACVs may bring about several promising opportunities, including decreased pollution, minimised energy usage, and reduced traffic congestions [1]. AVs have recently sparked attention in both academic and business fields. Uber, Apple, Google, Aptiv, BMW, Tesla, and Toshiba are among the numerous automakers that have embraced AV technology [2]. However, there are several challenges to ensuring the vehicle and passenger safety. The observation systems of ACVs convert unprocessed sensory data into significant contexts. It is necessary to identify and recognise road agents, such as automobiles, motorcycles, and pedestrians, along with their locations, speeds, and categories. Also, lanes, drivable zones, and traffic signals must be identified and recognised. Ensuring safety requires the accurate detection and identification of potential hazards on the road. ACVs employ a range of sensors, such as LIDAR and cameras.

The primary objective of this study is to review the data security and privacy aspects of ACVs. The adoption of ACVs has increased, and extensive studies on this topic are flourishing in parallel with the development of smart cities. The advent of ACVs poses a significant threat to future data security and mobility, providing hackers with novel avenues to carry out destructive assaults [3]. Integrating federated reinforcement learning (FRL) with BC can protect ACVs from dangerous threats. Although FRL and BC have distinct characteristics, they can be used together to tackle many privacy and security issues related to ACVs. FRL can enhance BC’s design by enhancing its safety, efficiency, and effectiveness. The unchangeability of data and the trust mechanism offered by BC enhance FRL-driven solutions’ transparency, dependability, and comprehensibility. Figure 1 shows ACVs’ basic data privacy and security models in smart city environments (SCEs). The ACVs can gather personal data in many scenarios.

• ACVs can collect and retain data identifying the driver and passengers. These data serve several purposes, such as verifying allowed usage and personalising comfort, safety, and entertainment preferences. With this information, it should be feasible to determine the owners, passengers, and their actions precisely.
• ACVs necessitate collecting and utilising location data to facilitate navigation. These data encompass the journey’s destination, route, speed, and duration. ACVs continue to utilise location to save their current position, offer supplementary trip details such as traffic conditions and points of interest, and let drivers choose alternative routes, such as bypassing toll roads or highways.
• An integrated data collection system that combines travel and location information (including current position, destination, speed, route, date, and time) with additional details about the owner and passenger can offer numerous benefits. For instance, this dataset possesses the capacity to improve safety, optimise traffic flow, and provide valuable information regarding route planning.

Sensors are utilised in autonomous and human vehicles to gather data regarding the surrounding environment and the vehicle’s internal systems. ACVs use a variety of sensors, including thermal imaging devices, radar, cameras, and LIDAR systems, to gather information about their environment. These data, among other functions, allow ACVs to perceive objects, develop anticipations about their environment, and respond accordingly. Moreover, the data produced by sensors could offer significant insights for insurance companies. Insurers can monitor drivers’ activities and adjust premiums accordingly, similar to the current voluntary initiative undertaken by one auto insurance company. Insurance firms can benefit from utilising external (e.g., LIDAR or cameras) and internal (e.g., sensors that track the vehicle’s direction and speed changes) data for accident investigations.

1.1. Objective

This study aims to safeguard the personal data collected by ACVs, including location, travel patterns, and user preferences, from illegal access and misuse; ensure the accuracy and uniformity of data transmitted among vehicles, infrastructure, and central systems; enforce robust authentication and permission protocols to deter unauthorised individuals from accessing or tampering with vehicle systems, infrastructure, or data; and ensure the security of communication channels connecting automobiles, infrastructure, and central systems by implementing measures to prevent eavesdropping, interference, and other cyber assaults. This involves the implementation of secure communication protocols and encryption. Implementing self-driving interconnected vehicles in a smart urban environment can be groundbreaking and reliable, safeguarding user information and ensuring the durability of essential systems.

1.1.1. Main Objective

To ascertain the existing knowledge about data privacy and security in ACVs in SCEs and identify areas such as BFRL that necessitate further research and development.

1.1.2. Problem

There is a lack of review papers specifically targeting ACVs’ data security and privacy aspects in SCEs.

1.1.3. Research Questions

Based on the main objective, the three research questions are formed.

Table 1. Research Questions.

Research Questions	Definition
RQ1	What specific novel contributions have been presented in the past scholarly literature?
RQ2	What procedures guarantee end-to-end data security and privacy among ACVs and smart city infrastructures?
RQ3	What is a knowledge gap in the current literature that might help in better comprehending the data privacy and security problems in ACVs?

represents the list of research questions.

RQ1 provides a novel contribution to current research on ACVs’ data privacy and security, specifically assessing and suggesting contemporary solutions.

RQ2 provides a procedure that ensures data privacy and security among ACVs and smart city infrastructure.

RQ3 examines the current literature’s knowledge gaps to comprehend better data privacy and security problems in ACVs in SCEs.

1.2. Research Gap

Significant research gaps remain in terms of data privacy and security in ACVs in SCEs despite notable developments. There is a significant gap in the absence of standard protocols and procedures to guarantee end-to-end data security and privacy among ACVs and smart city infrastructures.

Table 2. Comparative analysis of the most relevant scholarly articles.

Ref.	Authors and Year	Focused	Technology Used	Used in SCE	Limitations	Novel Contributions
[4]	Aurangzeb et al.	Cybersecurity measures to protect AVs from viral threats.	ML and Artificial Intelligence (AI)	Yes.	Data privacy is not evaluated.	A combined hybrid analyser (CHA) Algorithm is implemented to measure the security of AVs.
[5]	Khan et al.	This work validates real-time micro-mobility data utilising NYC data and implements BC for privacy-aware and secure multi-party computing.	BC	Yes.	Local training on the device and updating the global model.	A simulation model was developed for a portion of New York City’s transportation network, achieving lower delays and overhead.
[6]	Chen et al.	Employ automobiles to establish intelligent urban service networks and capabilities through the vehicle as a service (VaaS).	BC, FL	Yes.	Security and Privacy are not examined in VaaS.	VaaS is defined as developing service networks and capabilities for smart cities.
[7]	Ahmad et al.	Enhanced safeguarding for networked and AVs through the utilisation of pairing and ML.	ML	Yes.	Data privacy is not measured.	Improved the security of AVs.
	PROPOSED	Data privacy and security of AVs are measured in the SCEs.	BFRL	Yes.	No limitation of this study has been found yet.	BC, FL and RL integrated solution.

shows a comparative analysis of the most relevant scholarly articles.

According to Table 2, the author has identified a research gap in the current literature. The author discovered no prior research that uses BFRL to improve ACV security and privacy.

1.3. Contributions

ACVs generate and transmit vast amounts of data to enhance navigation, safety, and efficiency, ensuring robust data security. However, there is a gap in ensuring data security and privacy while transmitting huge amounts of data among ACVs and SCEs. There is a need for comprehensive encryption protocols, secure communication channels, and stringent access controls to safeguard sensitive information from cyber threats. A BFRL algorithm is proposed to mitigate the data security and privacy in ACVs. Furthermore, the review discusses BFRL frameworks challenges and opportunities that are essential for maintaining data privacy and security. This paper reviews the process of building BFRL models for SCEs. The main contributions of this research are as follows:

• To the best of the author’s knowledge, this is one of the earliest review papers that looks at the prospect of integrating BC, FL, and RL for data security and privacy in SCEs.
• This work reviews the BFRL model while considering FRL’s present problems and how BC might help address them.
• The research investigates in-depth architecture to include BFRL in SCEs. Moreover, the most current advancements in BFRL are discussed.
• The opportunities and challenges are discussed.

1.4. Motivation

The motivation for this study stems from the rapid integration of BC, FL, and RL technologies and their profound implications for urban living. ACVs promise enhanced mobility, reduced traffic congestion, and improved safety, but these benefits come with significant privacy and security challenges. As ACVs constantly collect, share, and analyse data to navigate and interact with city infrastructures, the risk of data breaches and cyber-attacks increases, potentially compromising personal information and public safety. Ensuring robust data protection is essential for safeguarding individual privacy and maintaining public trust in these innovative systems. Moreover, a security breach in ACVs could happen as smart cities become more interconnected. Therefore, a comprehensive review of existing data privacy and security measures, identification of vulnerabilities, and development of advanced security frameworks are crucial in the successful and safe deployment of ACVs in smart cities.

1.5. Organisation

The remainder of the paper is organised in the following manner: Section 2 describes the materials and methods. Section 3 describes data security and privacy measures in ACVs using the BFRL framework. Section 4 provides a study of the FRL framework’s performance analysis. Section 5 explains the discussion, and Section 6 concludes the study. Figure 2 represents the organisation of the paper. The list of abbreviations is represented in Abbreviations.

2. Materials and Methods

ACVs are wireless-enabled vehicles capable of communicating and exchanging data with other vehicles, external networks, and infrastructures. The technologies referred to are vehicle-to-infrastructure (V2I), vehicle-to-network (V2N), and vehicle-to-everything (V2X). ACVs would benefit from services integrating communication, infrastructure, and information technology. This integration would enhance autonomous vehicle (AV) security, efficiency, and mobility. An AV is a vehicle capable of operating without a human operator. A Connected AV is a vehicle capable of operating and navigating without human input. It also has advanced communication capabilities to anticipate, collaborate, gather information, and synchronise its actions. More precisely, the ongoing endeavour focuses on significant privacy and data security.

2.1. Literature Review

2.1.1. Search Strategy

The following process is used to find the most relevant papers. Figure 3 represents the search strategy.

I.

Define the scope and objectives.

• The scope is focused on data privacy and security challenges, notably those related to ACVs in smart cities.
• The goal is to identify significant issues, existing solutions, emerging trends, regulatory frameworks, and research needs.

II.

Identify Key Topics and Keywords

The primary topic is to break down and identify relevant keywords for each.

• Keywords include data privacy, security, cybersecurity, information protection, data breaches, encryption, and anonymisation.
• Keywords for ACVs include self-driving vehicles, connected vehicles, vehicle-to-everything (V2X), vehicle communication, and telematics.
• Smart city environment keywords include smart cities, urban mobility, IoT in smart cities, smart infrastructure, and smart transportation systems.

III.

Select Databases and Sources

• Academic databases include IEEE Xplore, ACM Digital Library, Springer, ScienceDirect, and Google Scholar.
• Sources include websites, thesis, and patents.

IV.

Conduct the search:

• Boolean operators: The author combines the terms using AND, OR, and NOT operators to filter search results. The author obtained 146,000 research papers by using the search term “data privacy AND Data security AND autonomous vehicles AND smart cities”.
• Apply filters:

  a.

  Limit search results to the past 10 years; the author obtained 19,600 documents.

  b.

  Limit search results to peer-reviewed articles and reviews. The author obtained 1098 documents.

  c.

  Use advanced search features such as database-specific features like citation search, subject-specific filters, and full-text search resources. The author chose the most suitable 101 articles.

V.

Review and select the relevant literature.

• Abstract Screening: The author quickly reviews abstracts for relevance and reviews selected papers in-depth.
• Citation Tracking: The author follows citations in significant works to find more related literature.

2.1.2. Inclusion and Exclusion Criteria

Primary studies are selected using a range of inclusion and exclusion criteria. These criteria determine whether to include or exclude an article. The inclusion criteria are studies published from 2014 to 2024 in peer-reviewed journals, conference papers, and authoritative reports focusing on data privacy and security challenges, solutions, and frameworks specific to ACVs. Studies must discuss the impact of smart city infrastructure on ACV data privacy and security, including technical, regulatory, and ethical considerations. Studies should employ empirical research methods, such as case studies, experiments, or surveys, and be published in English. Exclusion criteria encompass studies that do not specifically address ACVs or smart city contexts, theoretical papers without empirical data, articles published in non-peer-reviewed sources, studies focusing solely on traditional vehicles or unrelated technologies, dissertations, unrelated studies, articles written in languages other than English and books. Moreover, studies that do not address privacy or security in ACVs are excluded to maintain the review’s relevance and focus. A total of 282 papers were discovered during the initial search. Overall, 164 documents were identified based on the specified inclusion and exclusion criteria. Subsequently, three identical documents were eliminated, and 161 pertinent documents were chosen. Once again, we conducted an analysis and picked the most pertinent 101 documents for this review study.

2.1.3. Summarize the Relevant Literature

In 2014, Elmaghraby and Losavio highlighted the importance of cybersecurity in smart cities, emphasising its potential impact on privacy, safety, and security [8]. In 2015, a study was conducted by Othmane et al. on the privacy and security aspects of networked autos [9]. In 2017, Zhang et al. explored a potential application of smart cities to address privacy and security concerns [10]. In 2018, Sathyan Rayanan et al. worked on implementing a cutting-edge vehicle security system that utilises the Internet of Things [11]. Braun et al. (2018) assert that smart cities face substantial challenges in terms of privacy and security [12]. Lim and Taeihagh et al. (2018) conducted a comprehensive study on the strategies communities can adopt to address AVs’ cybersecurity and privacy concerns [13]. Farahat et al. (2019) have highlighted the many difficulties the smart city information security field encounters [14].

Yaqoob et al. analysed the current status of AVs in smart cities in 2019, focusing on their characteristics and the obstacles they face [15]. In 2020, Seuwou et al. predicted that implementing networks and AVs would significantly impact the transportation infrastructure of smart cities [16]. Curran and Woodrow (2020) evaluated the potential risks that smart city drivers may pose to public safety [17]. Fang et al. (2020) developed a data collection strategy for smart cities, emphasising trust’s importance [18]. The research conducted by De La et al. in 2020 centred on the progress and anticipated improvements in the security of driverless vehicles [19]. In 2020, Paiva et al. emphasise the privacy and security challenges in smart and sustainable mobility [20]. In 2021, Balachander and Venkatesan presented an autonomous vehicle that emphasised safety using intelligent urban planning and the IoT [21]. Janeera et al. (2021) argued that advancements in AI and the IoT have opened possibilities for developing secure self-driving vehicles that can be effectively used in smart cities [22]. Figure 4 represents the papers selected year-wise from 2014–2024.

Wang et al. (2022) provide a comprehensive analysis of the safety considerations and possible preparations associated with creating eco-friendly urban environments, using autonomous and networked vehicles as a focal point of their study [23]. In 2022, Sharma et al. studied the potential advantages of collaborative learning for improving the security and privacy of V2X communications [24]. Fabrègue and Bogoni, in the year 2023, studied how smart cities face significant challenges when it comes to ensuring privacy and security [25]. The study conducted by Alam et al. in 2024 presents a method called B-FRL that utilises BC to safeguard privacy in the IoT [26]. Elassy et al. (2024) present sustainable and intelligent urban transit systems [27]. In the study conducted by Gheisari et al. in 2024, a CAPPAD system utilising cutting-edge technologies such as software-defined networking, differential privacy, and data aggregation to ensure the utmost privacy and security in AVs [28] was presented. In 2024, Syamal et al. developed a cutting-edge traffic control system that harnesses the power of cloud computing and deep learning [29]. Pali et al. (2024) present autonomous vehicle security, current survey and future research challenges [30]. In 2024, Gupta and Alam were presented an efficient intrusion detection system utilises FL, LS²DNN, and PBKA to ensure privacy in cloud-based environments [31]. In 2024, Yadav and Alhabib thoroughly analysed AVs’ data permission and verification techniques [32]. Ramalakshmi et al. raise a significant concern regarding the implications for self-driving vehicles and AI [33]. Khattak (2024) highlights the importance of cooperative driving automation in improving smart cities’ energy efficiency and traffic stability by addressing cybersecurity vulnerabilities [34]. Asaju has uncovered that the primary objective of cybersecurity is to guarantee the highest level of data security in smart city ecosystems, communication networks, and onboard systems [35]. Ujjain and Ansari had the foresight to integrate advanced technology to tackle the complex security issues associated with efficient transportation [36]. Ullah et al. (2024) employ ML and the Internet of Things to convert cities into smart communities, promoting a data-centric environment [37]. In 2024, Kong et al. introduce the concept of 6G networks based on the fundamental ideas of smart cities and mobility. These networks use sophisticated ML algorithms to assess and improve cybersecurity measures and facilitate smooth vehicle communication [38]. In 2024, Xiong et al. analysed the prospects and viewpoints on privacy-preserving learning outsourcing for ACVs [39].

Table 3. Literature Reviews.

Reference	Authors	Year	Focus Areas	Key Contributions
[8]	Elmaghraby and Losavio	2014	Privacy, Security, Smart Cities	Cybersecurity is a significant concern in smart cities, impacting privacy, safety, and security.
[9]	Othmane et al.	2015	Security, Privacy, AVs	A review of the safety and confidentiality of connected vehicles.
[10]	Zhang et al.	2017	Security, Privacy, AVs, Smart Cities	Potential applications of smart cities include addressing concerns related to privacy and security, as well as exploring possible solutions to these issues.
[11]	Sathiyanarayanan et al.	2018	Security, Privacy, AVs, IoT	Intelligent automobile security system utilising the IoT.
[12]	Braun et al.	2018	Security, Privacy	Smart cities encounter privacy and security obstacles.
[13]	Lim and Taeihagh	2018	Security, Privacy, AVs, Smart Cities	An extensive examination of how intelligent and environmentally friendly communities could tackle the privacy and cybersecurity challenges presented by AVs.
[14]	Farahat et al.	2019	Security, Smart Cities	Obstacles are faced in ensuring the security of information in smart cities.
[15]	Yaqoob et al.	2019	Security, AVs, Smart Cities	Current progress, requirements, and obstacles of AVs in intelligent urban areas.
[16]	Seuwou et al.	2020	AVs, Smart Cities	Self-driving and connected vehicles will be crucial in shaping future transportation inside smart cities.
[17]	Woodrow and Curran.	2020	Security, Privacy, AVs, Smart Cities	A security risk assessment of robotic vehicles in smart cities.
[18]	Fang et al.	2020	Trust, Smart Cities	Implementing a trust-based methodology for gathering data in smart cities.
[19]	De La et al.	2020	Security, Privacy, AVs	Issues regarding the security of AVs: current research findings and future advancements.
[20]	Paiva et al.	2020	Security, Privacy, AVs	Issues about privacy and security in sustainable and intelligent transportation systems.
[21]	Balachander and Venkatesan	2021	Security, IoT, AVs, Smart Cities	This self-driving vehicle prioritises safety by incorporating the IoT and intelligent urban planning.
[22]	Janeera et al.	2021	AI, IoT, AVs, Smart Cities	The progress in AI and the Internet of Things is enabling the development of secure self-driving vehicles for intelligent urban areas.
[23]	Wang et al.	2022	Security, Privacy, AVs, Smart Cities	A comprehensive analysis of safety issues and possible remedies in sustainable urban areas, focusing on utilising interconnected and self-driving vehicles.
[24]	Sharma et al.	2022	Security, Privacy, AVs, Smart Cities	How might collaborative learning enhance cybersecurity in V2X communication about privacy and security?
[25]	Fabrègue and Bogoni.	2023	Security, Privacy, Smart Cities	Smart cities encounter security and privacy obstacles.
[26]	Alam et al.	2024	Privacy, IoT, Smart Cities, BFRL	A model for preserving privacy on the IoT utilising BT.
[27]	Elassy et al.	2024	Security, Smart Cities	Smart and eco-friendly transit systems for urban areas.
[28]	Gheisari et al.	2024	Security, Privacy, AVs	CAPPAD is a technology that combines data aggregation, software-defined networking, and differential privacy to safeguard privacy in self-driving automobiles.
[29]	Syamal et al.	2024	Traffic Management, AVs, Smart Cities	A traffic management system utilising cloud computing and deep learning algorithms to enable autonomous driving in smart cities.
[30]	Pali et al.	2024	Security, AVs	An inquiry is being conducted to examine the prospects of research and the level of security for AVs.
[31]	Gupta and Alam	2024	Security, Privacy, AVs, Cloud Computing	An effective intrusion detection system uses FL, LS2DNN, and PBKA to ensure lightweight privacy protection in cloud-based environments.
[32]	Alhabib and Yadav	2024	Security, Privacy, AVs	An in-depth analysis of data authorisation and verification in self-driving vehicles.
[33]	Ramalakshmi et al.	2024	Security, Privacy, AVs, AI	Privacy and security concerns related to AI in AVs.
[34]	Khattak	2024	Security, Privacy, AVs, Smart Cities	The paper focuses on cooperative driving automation’s susceptibility to cyber threats and its ability to withstand and recover from such attacks. The study examines how these vulnerabilities impact energy efficiency and smooth traffic flow in smart cities.
[35]	Asaju	2024	Security, Privacy, AVs, Smart Cities	Cybersecurity frameworks for AVs aim to safeguard onboard systems, communication networks, and data privacy in SCEs.
[36]	Ansari and Ujjan	2024	Security, Privacy, AVs, Smart Cities	Addressing Security Challenges and Complexities in Smart Logistics through Implementing Intelligent Technologies.
[37]	Ullah et al.	2024	Security, Privacy, IoT, Smart Cities	Transforming cities into “smart” communities by leveraging the Internet of Things and ML to establish data-centric environments.
[38]	Kong et al.	2024	Security, Privacy, AVs, Smart Cities	Smart cities and mobility form the basis of 6G networks, enabling vehicle-to-vehicle communication and applying ML models for cybersecurity analysis.
[39]	Xiong et al.	2024	Privacy, AVs	Challenges, potential solutions, and perspectives on privacy-preserving learning outsourcing for ACVs.

represents the literature review contributions.

2.1.4. Current Challenges in Data Privacy and Security for ACVs

People are worried about the privacy risks associated with data collection in autonomous driving systems. When combined with other forms of personal data, location data can provide significant insights into an individual’s characteristics, such as their financial status, employment situation, sexual orientation, and religious affiliations. Connected automobiles are vulnerable to significant cybersecurity vulnerabilities, particularly remote hacking and data privacy problems. Remote hacking aims to gain illicit entry into the vehicle’s systems. They can directly or exert influence over critical functions like braking and steering. Self-driving automobiles face the challenge of establishing public trust while ensuring high safety. Cybercriminals can gain control of a vehicle’s engine, brakes, and steering, endangering the lives of passengers and other motorists. This poses a greater risk than just the vehicle.

2.1.5. Existing Solutions

Dorri et al. (2017) devised a distributed method to safeguard passengers’ personal information during driving [40]. In 2022, Sachdeva et al. employed BC to enhance the confidentiality and integrity of the UAV network [41]. In 2021, Dargahi et al. published an article [42] and discussed the integration of blockchain technology with ACVs, focusing on the vision and challenges associated with this integration.. In 2023, Bendiab et al. introduced a method that combined BC and AI [43]. In 2020, Nair et al. introduced a BC system that uses deep learning to safeguard the privacy of futuristics automobiles [44]. In 2019, Rathee was presented with a BC framework designed to enhance the security of interconnected and self-driving vehicles [45]. In 2022, Ebrahim et al. surveyed BC and its potential application in smart environments for enhancing privacy and security [46]. Using BC, Koduri has created a method of ensuring secure vehicle communication [47]. Smys found that incorporating a BC-based architectural framework could enhance the security of smart vehicles [48].

2.2. Identification of Key Components of the Framework

By incorporating cutting-edge technologies, ACVs are revolutionising SCEs and establishing urban transportation networks that are safer, more effective, and more sustainable. The ACVs can navigate complicated urban environments using real-time data from interconnected networks, AI, and ML. ACVs work with urban infrastructure, such as sensor-embedded roadways and smart traffic lights in smart cities, to maximise accident prevention, optimisation, and reduced traffic flow and congestion. Additionally, by enabling smoother driving patterns, decreasing idle times, and facilitating the use of electric vehicles, the deployment of ACVs adds to environmental sustainability. In addition to increasing the effectiveness of travel, this invention also raises living standards by encouraging privacy, security, lowering noise pollution, and guaranteeing that all locals have fair access to mobility solutions. Figure 5 shows the levels in the proposed architecture.

The following key components for data privacy and security in ACVs using BFRL in SCEs have been identified.

I.

FL

II.

RL

III.

BC

IV.

FRL

V.

SCE

FL, sometimes called collaborative learning, is a specialised branch of ML that specifically deals with situations where multiple entities collaborate to train a model while maintaining decentralised data. FL is a privacy-preserving technology used to train AI models which prevents unauthorised access or alteration of your data. Data supports the development of novel AI applications. RL is an ML technique that allows systems to learn how to make decisions that optimise desirable outcomes. The system employs an iterative learning methodology to achieve its objectives. In addition, malicious entities could take advantage of the limitations of RL, exposing it to privacy issues. Several research works have focused on addressing concerns related to privacy and security in the context of reinforcement learning.

2.2.1. FL

FL is a process where multiple remote servers or devices, each with its unique collection of local data samples, work together to train algorithms [49]. FL effectively safeguards user privacy and complies with data localisation regulations by enabling the utilisation of multiple data sources instead of relying on centralised data. FL facilitates the collaboration of diverse devices and systems to generate a cohesive learning experience. This enhances models’ robustness and data privacy without revealing sensitive information or necessitating centralisation. FL is an advanced approach to building ML models that highly emphasises maintaining data privacy [50]. In the context of FL, a central server provides an initial model for the devices. The devices then independently update the model using their own local data [51]. These devices transmit updated models to the central server, enabling it to generate and enhance the model. This iteration will persist until the model achieves the requisite level of precision. This iterative technique enables the model to consistently enhance its performance over time by assimilating knowledge from a wide range of data points, improving accuracy and dependability without compromising data privacy. Unlike traditional centralised ML, FL does not necessitate consolidating all data in a single location. Instead, it facilitates training models using several datasets while ensuring data privacy and minimising the requirement for extensive data transfer.

The working process in FL is as follows. (1) During the initial phase of setting up a client-server learning system, the coordinator creates the initial model and shares it with all participants [52]. Later arrivals will receive the latest global model [53]. (2) The datasets provided by each participant are utilised to train a localised model. (3) The central coordinator receives updates to the parameters. (4) The coordinator employs specific aggregating methods to include model updates. (5) Linked participants receive the combined model.

FL ensures adherence to privacy regulations and mitigates the potential for data breaches by utilising a larger and more varied dataset. Additionally, it facilitates the construction of more robust models, a task that can be challenging inside a centralised framework. The following are the advantages of FL.

• Improved user data privacy: When users use FL, their data will be saved on their devices [54]. This measure avoids unauthorised access to sensitive information [55], empowers customers to make informed decisions regarding their data, and reduces the likelihood of data breaches.
• Compliance with data security standards: FL facilitates compliance with data protection standards, such as the General Data Protection Regulation (GDPR), by circumventing data centralisation. Given the intricate nature and the risks associated with transferring data between different countries, this is of utmost importance for international businesses.
• Enhanced model precision and diversity: FL simplifies the creation of robust models that may be generalised to different datasets by aggregating data from numerous sources [56]. By including variations found in real-world data, the generalisability and robustness of machine learning models are enhanced. In addition, federated ML enhances the fairness and inclusivity of ML systems by allowing the integration of under-represented data categories.
• Optimised utilisation of available bandwidth: FL is beneficial in situations when data transmission costs are exorbitant or bandwidth is restricted, as it reduces or eliminates the necessity for extensive data transfers between clients and servers. FL prioritises optimising network utilisation in businesses with limited network resources.
• Enhanced scalability: FL has excellent scalability as it can be implemented in various networks and devices, such as smartphones and Internet of Things solutions [57,58].

The following are the limitations of FL.

• Data heterogeneity: FL frequently results in non-IID (independent and identically distributed) and imbalanced datasets. This occurs because the data are spread across multiple devices. Training and running models can be quite challenging because of the wide range of variables involved. Creating models that perform well across multiple devices can also be even more complex. One can utilise techniques like enhanced data sampling and personalised model training to address this issue. These methods improve uniformity in model performance and training across different datasets.
• Communication costs: Executing iterative updates and model combinations across multiple devices demands a substantial level of communication capacity. When network resources are scarce, it can lead to a bottleneck. Nevertheless, improving the communication protocol can help alleviate some of the challenges. This can be accomplished by implementing model compression techniques or decreasing the frequency of model updates.
• Limited computational capacity: Devices used in FL, like smartphones or IoT sensors [59], may have limited computational capacity, which can reduce the efficiency and speed of model training and updating. This challenge can be addressed by incorporating adaptive algorithms that consider each device’s processing capability, enhancing efficiency and effectiveness in model training.
• Expertise in complex cybersecurity threats: While FL aims to prioritise data privacy [60,61], there are still lingering concerns about privacy. Advanced attacks, like differential or model inversion, can expose important information. To address this concern, it is recommended that differential privacy and advanced encryption techniques be utilised to strengthen data security and reduce the risk of privacy breaches.
• Large-scale FL systems require reliable infrastructure and efficient algorithms to tackle the challenges of remote model training. However, these challenges can be addressed more effectively by employing scalable and efficient machine-learning techniques and innovative cloud-based infrastructures [62,63].
• Ensuring the safety of data: The performance and learning capabilities of the federated ML model may be impacted by variations in the quantity and quality of data across different ACVs [64,65]. By utilising advanced methods like data augmentation and synthetic data generation, it is possible to improve the amount and quality of training data. As a result, this leads to the creation of more accurate and dependable models.

2.2.2. RL

RL is a computational technique that allows agents to learn how to achieve a specific objective by interacting with a dynamic environment. During the training process, the learning algorithm adjusts the policy parameters of the agent. To optimise the long-term benefit of the activity, the learning algorithm chooses the most optimal plan of action. RL investigates the cognitive process by which humans make decisions. The process involves selecting the most favourable path of action to maximise rewards. RL comprises the following three primary elements: the agent, the environment, and the agent’s actions. The agent is a smart agent that can learn. An agent acquires knowledge about its environment through active engagement and receives rewards for its actions. Using human feedback to train RL systems raises privacy concerns. Collection of personal information, such as health records or biometric data, may be necessary to evaluate and obtain human input. In addition, RL has been susceptible to privacy threats, as hackers may exploit its flaws. RL has numerous uses, including the development of ACVs. ACVs exemplify the most persuasive instances of RL in practice. This technology enhances the reliability and safety of ACVs by aiding them in comprehending and manoeuvring through challenging circumstances. RL could be utilised in the following scenarios.

• Improved customised suggestions: A significant utilisation of RL is enhancing personalised recommendation systems. In addition, organisations like Amazon and Netflix have enhanced user experience and satisfaction by utilising successful RL applications to optimise customer suggestions.
• Advancing in the development of ACVs: RL is also widely applied in advancing ACVs. RL enhances the reliability and safety of ACVs by aiding them in comprehending and manoeuvring through challenging circumstances.
• Enhances the efficiency of energy usage: A significant use of RL in the context of sustainability involves optimising energy usage in large structures. This leads to cost reduction and contributes to environmental conservation.
• Reconceptualising the entirety of healthcare: The healthcare business provides various examples of how learning may be utilised to customise patient treatment regimens. This yields additional advantages, such as enhanced health results and more efficient use of healthcare resources.
• The retail industry enhances supply chain management and logistics by employing RL, which modifies retail logistics. Consequently, the management of inventories is enhanced, leading to a reduction in operational expenses.
• Diversifying techniques for trading financial instruments: Subsequently, the financial sector saw a substantial metamorphosis due to implementing RL to develop intricate trading strategies. This facilitates more effective risk mitigation and enhances the probability of achieving investment gains.
• Enhancing operational efficiency: RL was employed to optimise manufacturing processes, improving production efficiency and decreasing waste.
• Progress in robotics: RL in robotics enables the automation of novel tasks by enabling robots to learn and adjust without significant human involvement.
• Enhancing AI performance in video games: the game industry has improved the user experience by utilising RL to create AI opponents that are both more realistic and formidable.
• Advocating for implementing intelligent electricity distribution networks: reinforced learning has improved energy smart grid management by optimising resource allocation and utilisation.

2.2.3. BC

BC, being a decentralised record-keeping system that utilises agreement processes and cryptographic hashes, offers enhanced security [66]. Individuals can possess and manage their data using private and public keys through BC transactions. Unauthorised access or use of the information by any other party is strictly prohibited. When private information is stored on the BC, the owners possess the authority to determine the individuals who can access it and the specific time at which they can do so. BC enables the establishment of a fully encrypted and uninterrupted record, which assists in deterring fraud and illicit activities. The decentralised, transparent, and immutable characteristics of BC enhance cybersecurity. Ensuring the absence of vulnerable elements guarantees accessibility, robust encryption safeguards secrecy, and unchangeability upholds data integrity. BC’s decentralised and transparent nature enhances data privacy. Data is safeguarded using cryptographic methods, ensuring it remains unchangeable, anonymous, and under strict supervision. Consequently, reliance on centralised entities is reduced, while privacy is strengthened. BC is the optimal approach for securely storing and distributing data. Data about a digital transaction that has been logged onto an unalterable ledger is promptly accessible and fully transparent. Access to these immutable ledgers is restricted to network users with proper authorisation and credentials. The data stored in the BC is highly secure and impervious to unauthorised access due to its encryption. Access to the data is restricted to individuals without the appropriate authorisations. Despite encryption, BC transactions remain transparent. To ensure the security of the BC, it is imperative to maintain a highly secure private key. Private keys can be safeguarded against unauthorised access using hardware wallets, multi-signature wallets, or secure key storage. BC utilises pseudonymity, selective disclosure, and encryption to provide privacy while upholding the necessary amount of transparency to foster public confidence. The equilibrium is upheld by implementing pseudonymous transactions on public BCs and enforcing more stringent privacy protocols on private BCs. BC employs distributed ledger technology to ensure the integrity and immutability of data. It greatly simplifies the process of securely transmitting and storing crucial vehicle data. ACVs can use BC to store, retrieve, and exchange data collected from sensors and operations. Utilising BC can potentially enhance ACVs’ privacy and security aspects.

• Decentralised data storage is facilitated by BC, which effectively mitigates the potential for data breaches and the existence of vulnerable single points of failure. This guarantees that information on self-driving vehicles is safely stored across a decentralised network.
• Immutable records: The BC’s unchangeable ledger guarantees that all data transactions are permanent and resistant to tampering. Ensuring the integrity of vehicle logs, sensor data, and incident recordings is paramount.
• BC employs cryptographic methods to encrypt sensitive data, restricting access solely to authorised individuals, thus bolstering data privacy for vehicle owners and passengers.
• BC enables secure communication between ACVs and infrastructure (V2X), guaranteeing message authentication and integrity. This is crucial for ensuring safe navigation and efficient traffic management.
• Smart contracts are computer programs running on a BC that may automatically execute and enforce agreements between several parties. They eliminate the need for third party and reduce the chances of fraud while increasing transparency. The agreements that can be automated using smart contracts include maintenance schedules and insurance claims.
• BC can establish a secure and reliable identity management system for ACVs. This system ensures that only verified organisations, such as vehicles, manufacturers, and service providers, can access and exchange data, prohibiting unauthorised access.
• BC empowers vehicle owners to exercise authority over their data by enabling them to grant or withdraw access permissions. This guarantees that data is only exchanged with reliable entities and for specific intentions.
• Incident reporting and liability: BC can offer a clear and unalterable account of incidents in case of accidents, facilitating the determination of responsibility and simplifying the process of making insurance claims.
• Software Updates: BC can guarantee the secure dissemination of software updates to self-driving vehicles, validating the genuineness of upgrades and thwarting the installation of harmful software.
• BC can improve the security and transparency of the supply chain for ACVs. It ensures that the components and software used in these vehicles are sourced from reliable and trustworthy sources and have not been altered or tampered with.

2.2.4. FRL

Recently, RL has demonstrated superior effectiveness compared to humans across various fields of study. Action selection is the cognitive process in which an intelligent agent perceives its environment, whether it is a simulated or real world. It uses RL techniques to maximise the total future reward it can obtain. RL is a methodology that focuses on enhancing the accuracy of models by employing agents, while FL is a framework designed to distribute models. FRL is a recently introduced capability in edge computing systems that specifically tackles the difficulties associated with making sequential decisions. The system combines the use of FL and RL. FRL ensures privacy by enabling collaborative training across several ACVs without compromising the integrity of the original data. Unlike classic FL techniques, FRL considers the variability of data caused by agent actions and environmental oscillations and the complexity resulting from non-stationary environmental feedback. Incorporating model-based RL into the FL framework and utilising joint knowledge distillation is an innovative approach for enhancing the performance of FRL. This technique allows for creating client-specific ensembles of dynamics models and the subsequent training of policies using just these ensembles. This technique consistently enhances sample collection efficiency and guarantees consistent improvement in continuous control benchmarks conducted under edge computing settings.

2.2.5. SCE

Smart cities are huge urban areas that integrate advanced technology and data analysis to enhance sustainability, optimise resource utilisation, and enhance the quality of life for residents. A smart city leverages digital technology to optimise and enhance existing networks and services, benefiting residents and companies. The development of smart city ACVs is driven by advancements in networking, sensors and AI. Advanced technologies like 5G networks, accurate navigation, and real-time data are facilitating the development of improved, safer, and more ecologically conscious transportation methods in urban areas. Autonomous automobiles, lorries, and buses are types of intelligent vehicles that can be seamlessly connected to important data, resulting in decreased traffic congestion and enhanced road safety. Contemporary ACVs have a significant capacity for reducing emissions due to their highly efficient and state-of-the-art electric engines. Electric vehicles have a lower lifetime emission rate than conventional vehicles that run on internal combustion engines fuelled by fossil fuels. Intelligent Transport Systems gather data from various sources to facilitate various applications. The sources encompass networked video cameras, automated data-detecting and collecting tags, and radio frequency identification tags. Ensuring the confidentiality of obtained data is crucial for intelligent vehicular networks. This paves the path for data centres to implement analytics solutions that effectively safeguard users’ personal information. Utilising such data for any purpose beyond that context constitutes a privacy breach.

2.3. System Architecture Design

The BFRL architecture for ACVs in smart cities offers a robust solution to data privacy and security challenges. BFRL integrates BC’s decentralised, immutable nature with the collaborative, privacy-preserving aspects of FL and the adaptive decision-making capabilities of RL. Each vehicle trains its local model on pre-processed data in this architecture and shares only the model updates via a secure BC network, ensuring data integrity and confidentiality. An aggregation server collects these updates, forms a global model, and disseminates it to the vehicles, enabling continuous collective learning without exposing individual information. This approach not only enhances the security and privacy of data but also fosters efficient and scalable learning, leading to improved performance and adaptability of ACVs in SCEs. BC can add the following features to the BFRL framework. (1) Decentralisation: The requirement for a central authority to distribute data throughout a network of nodes is eliminated due to this approach. (2) Immutability: it is practically impossible to change the transactions that have been recorded, which ensures the integrity of the data. (3) Transparency and security: this increases confidence level among participants by providing transparent and secure transaction records.

FL adds the following features to the BFRL framework. (1) Data privacy: this allows many entities to train an ML model together without having to share their local data during the training process. (2) Local training: Locally, each vehicle trains the model on its own data and only updates to the model are shared with other vehicles. (3) Aggregation server: this updates the global model by collecting model updates from all participants and aggregating and publishing those updates.

RL adds the following features to the BFRL framework. (1) Adaptive learning: RL agents acquire optimal policies through interactions with their surroundings, which enhances their ability to make decisions in dynamic and complex situations. (2) Reward system: this encourages learning by rewarding activities that are desirable and penalising actions that are not desirable. Figure 6 represents the BFRL model architecture.

2.4. Data Collection and Preprocessing

ACVs are constantly gathering information from various sensors and communication interfaces. The data are pre-processed locally to extract features pertinent to the model’s training. Data pretreatment refers to the various processing techniques applied to raw data to prepare them for the subsequent step of data processing. Gathering pertinent data is the initial and pivotal step in developing a machine learning model. The accuracy of predictions generated by ML algorithms is limited by the quality of the training data. The following possible problems may arise while collecting data: (1) Inaccurate information. The information collected may be entirely unrelated to the problem statement. (2) Non-existent data: There may be a deficiency in certain sub-data. This may appear as empty columns or absent visuals for a certain sort of prediction. (3) Imbalance in data distribution: The quantity of interconnected samples may be abnormally large or small for certain datasets. Consequently, they may discover that they are not well reflected in the outcome. (4) Deformed results: If the data, respondents, and labels are chosen in a specific way, the model may continue to uphold biases related to gender, political affiliation, age, or area, among other factors. Identifying and mitigating bias in data is a challenging task.

Raw data and photographs obtained directly from the real world may be untrustworthy, as they may lack important information and unique patterns or trends. There is a high probability that they will include a significant error. Before being collected, the data are pre-processed into a format that is comprehensible to the ML algorithm of the model. Typically, ML systems have methods and application programming interfaces (APIs) for addressing data imbalance and imputation of missing data. Common methods for filling in missing values in the provided field include k-nearest neighbours (k-NNs), standard deviation, median, and mean. Data integration refers to the process of combining and consolidating data from several sources into a unified and coherent format. Data standardisation refers to the process of establishing and implementing consistent and uniform formats, structures, and definitions for data throughout an organisation or system. The dataset’s size directly impacts each iteration’s processing and memory demands.

2.5. Implementation of BFRL Framework

2.5.1. Challenges and Opportunities of Components of BFRL Framework

Table 4. Challenges and Opportunities of Components of the BFRL Framework.

Component	Description	Technologies/Methods	Opportunities	Challenges
FRL	ACVs collaboratively learn without sharing raw data.	FL, RL	Preserves data privacy and reduces communication overhead.	Requires robust coordination among vehicles, handling non-IID data distribution.
BC Network	Decentralised ledger for secure and transparent data transactions.	BC, Smart Contracts	Ensures data integrity, transparency, and security.	Scalability, high computational and storage requirements.
Privacy-Preserving Techniques	Methods to protect data privacy during the learning process.	Differential Privacy, Homomorphic Encryption	Ensures individual data privacy and secure aggregation of model parameters.	Computationally intensive, potential accuracy trade-offs.
Data Collection	Local data collected by each vehicle (e.g., sensor data, traffic conditions).	Sensor Networks, V2X Communication	Provides rich, real-time data for model training.	Ensuring data quality and reliability, managing large volumes of data.
Local Model Training	Training models locally on collected data with privacy-preserving mechanisms.	Local RL, Differential Privacy	Preserves privacy, enables personalized learning.	Limited local data may lead to suboptimal models, requires regular updates.
Model Parameter Sharing	Secure sharing of encrypted model parameters through the blockchain network.	Homomorphic Encryption, Blockchain Transactions	Ensures secure and verifiable model updates.	Handling encryption/decryption overhead, ensuring timely updates.
Secure Aggregation	Aggregating encrypted model parameters securely on the blockchain.	Homomorphic Encryption, Secure Multi-Party Computation (SMPC)	Ensures privacy-preserving aggregation.	High computational complexity, synchronisation among vehicles.
Global Model Update	Updating the global model based on aggregated parameters and distributing it to all vehicles.	BC Smart Contracts, Consensus Mechanisms	Ensures consistent and secure global model updates.	Ensuring timely updates, managing potential conflicts in model updates.
Model Deployment	Distributing and deploying the updated global model to all vehicles.	BC Network, Secure Model Distribution Protocols	Ensures all vehicles have the latest model, enhancing overall performance.	Ensuring secure and reliable distribution, managing version control.
Continuous Learning	The iterative process of local training, secure sharing, aggregation, and global model updates.	FL Frameworks, BC Automation	Enables adaptation to new data and dynamic conditions.	Maintaining system stability and performance over time, handling concept drift.
Security Mechanisms	Ensuring the security of data and model updates through various mechanisms.	BC Consensus, Encryption, Secure Communication Protocols	Protects against attacks and ensures data integrity.	Handling potential security breaches by managing cryptographic keys and certificates.
Privacy Considerations	Ensuring the privacy of individual vehicle data throughout the learning process [67,68].	Differential Privacy, Homomorphic Encryption	Protects individual privacy and complies with data protection regulations.	Balancing privacy with model performance, managing privacy budgets.
Scalability	Ensuring the system can handle a growing number of vehicles and data volumes.	Scalable BC Solutions, Efficient Learning Algorithms	Supports large-scale deployment in smart cities.	Handling network latency and bandwidth constraints, ensuring efficient resource utilisation.
Interoperability	Ensure that the system works with different vehicle manufacturers and smart city infrastructures.	Standardised Protocols, Interoperable BC Solutions	Facilitates collaboration and integration with diverse systems.	Ensuring compliance with standards and managing compatibility issues.

represents the challenges and opportunities of BFRL components in terms of data privacy and the security of ACVs.

2.5.2. Develop the BFRL Algorithm

Developing an algorithm for safeguarding data privacy and security in ACVs in smart cities utilising BFRL entails the integration of multiple sophisticated technologies to guarantee the integrity and confidentiality of data and facilitate collaborative learning. ACVs acquire knowledge collectively by utilising shared data without transmitting the original data to a central server, hence safeguarding data confidentiality. The decentralised ledger guarantees data integrity, transparency, and security by securely recording all transactions and updates. Methods such as differential privacy and homomorphic encryption guarantee data privacy protection while learning. The stepwise algorithm is presented as follows:

Step 1:

Initialisation

• Define the environment and agents.

  I.

  Each ACV acts as an agent in the FRL framework.

  II.

  Define each agent’s state space, action space, and reward function.

• Initialize BC Network

  I.

  Deploy a BC network with nodes representing ACVs and other stakeholders (e.g., traffic management systems).

  II.

  Define smart contracts for secure transactions and data sharing.

Step 2:

Local Training

• Data Collection:

  I.

  Each ACV collects local data (e.g., sensor data, traffic conditions, etc.).

• Local Model Training:

  I.

  Each ACV trains its local model using RL on the collected data.

  II.

  Implement differential privacy to ensure data privacy during training.

  III.

  Update local model parameters.

Step 3:

Secure Aggregation using BC.

• Model Parameter Sharing

  I.

  ACVs share encrypted model parameters with the BC network.

  II.

  Use homomorphic encryption to ensure privacy-preserving aggregation.

• BC Transactions

  I.

  Record the shared model parameters on the BC using smart contracts.

  II.

  Ensure that all transactions are verified and appended to the BC.

Step 4:

Global Model Update

• Secure Aggregation:

  I.

  Perform secure aggregation of the encrypted model parameters using the homomorphic encryption scheme.

  II.

  Update the global model based on the aggregated parameters.

• Smart Contract Execution:

  I.

  Use smart contracts to automate the update and distribution of the global model to all ACVs.

Step 5:

Model Deployment

• Distribute Global Model:

  I.

  Distribute the updated global model to all vehicles through the BC network.

  II.

  Ensure the integrity and authenticity of the model using BC verification mechanisms.

• Local Model Update

  I.

  Each ACV updates its local model with the new global model parameters.

Step 6:

Continuous Learning and Adaptation

• Iterate

  I.

  Repeat Steps 2–5 continuously to ensure the model adapts to new data and changing conditions.

The algorithm is shown in Algorithm 1.

Algorithm 1. Algorithm for BFRLframework.

def federated_reinforcement_learning():   initialize_environment_and_agents()   initialize_blockchain_network()   while not convergence_criteria_met():     for vehicle in vehicles:       data = vehicle.collect_data()       local_model = vehicle.train_model(data, privacy_preserving = True)       encrypted_params = encrypt(local_model.parameters)       transaction = blockchain.create_transaction(vehicle.id, encrypted_params)       blockchain.add_transaction(transaction)     aggregated_params = blockchain.aggregate_parameters()     global_model = update_global_model(aggregated_params)     for vehicle in vehicles:       vehicle.update_model(global_model)   return global_model

2.5.3. Local Model Training

Data processing can be performed without transmitting data produced by devices or collected by organisations in a central server. The data stays stored on the device, ensuring its security against unauthorised access and safeguarding privacy. ACVs, sometimes called compute nodes, acquire knowledge by analysing data gathered from their surrounding environments. ACVs utilise the acquired local data to train their models, which subsequently updates the global model. The global model is transferred to the local models for additional training. The techniques are iterated until the entire model has achieved convergence. Each AV utilises pre-processed data to train its local RL model. The RL model optimises specific objectives, such as minimising energy usage, preventing collisions, and enhancing navigation efficiency.

2.5.4. Model Update Sharing Using BC

Encryption is applied to the local model updates before they are broadcast to the BC network. BC makes the immutable and secure logging of these updates possible. BC represents a decentralised distributed system. In short, BC is a form of decentralisation that ensures data integrity through a network of peers. Each node inside the BC network manages and supervises its own data resources, enabling seamless data access and participation in data authorisation for any node. Sharing updatable models on BC refers to a platform that facilitates the training and distribution of decentralised ML models. After the validation process, the verified portion of the local model is sent to the BC for aggregation.

2.5.5. Aggregation and Global Model Update

The aggregation server utilises them to acquire encrypted model changes from the BC. This global model is then broadcast to the ACVs when the server has compiled all of these modifications into a single model.

2.5.6. Global Model Deployment

ACVs update their local models with the global model, enhancing their learning with collective knowledge while maintaining data privacy.

2.6. Benefits of BFRL Framework

The following are the BFRL model benefits.

• Enhanced data privacy and security: FL ensures that local data never leaves the local ACV, significantly reducing the risk of data breaches. BC provides a secure and transparent mechanism for sharing model updates.
• Scalability: the decentralised nature of BC and FL allows the system to scale efficiently with the number of participating vehicles.
• Improved learning and adaptability: the combination of RL and FL enables ACVs to improve their performance continuously through adaptive learning.
• Collaborative learning across multiple vehicles accelerates the convergence to optimal policies.

2.7. Challenges of BFRL Framework

The following are the challenges of the BFRL framework.

• Communication overhead: efficient communication protocols are required to manage the transmission of model updates without overwhelming the network.
• Computational resources: ACVs must have sufficient computational power to handle local model training and data preprocessing.
• Consensus mechanisms: robust consensus mechanisms are needed to ensure the integrity and reliability of the BC network.
• Model aggregation: the aggregation algorithm must handle model heterogeneity and ensure fair contribution from all participants.

Integrating BFRL into the SCE for ACVs offers a promising solution to data privacy and security challenges. This architecture safeguards sensitive information and enhances ACVs’ collective learning and adaptability, paving the way for more efficient and safer urban mobility solutions.

3. Data Security and Privacy Measures in ACVs Using the BFRL Framework

ACVs are enhanced by combining decentralised data storage, encrypted communication, differential privacy, and secure aggregation [69]. Each vehicle collects and processes its data locally, significantly reducing the risk of data breaches associated with centralised storage. Encrypted communication channels [70] ensure that any data transmitted securely [71,72], such as model updates, remain confidential and tamper-proof. Differential privacy techniques add controlled random noise to the data, protecting individual data points from being inferred during aggregation. Secure aggregation methods further ensure that only aggregated model updates are shared, preventing any single vehicle’s data from being exposed. This combination of FRL techniques optimises the performance of ACVs and upholds stringent data security and privacy standards.

Data encryption in ACVs using BFRL ensures that sensitive data remains secure throughout its lifecycle. Each vehicle processes its local data to train machine learning models autonomously in this framework. These model updates are encrypted using advanced cryptographic algorithms before sharing any updates with the BC network or other vehicles. This encryption ensures that data integrity and confidentiality are maintained during transmission over secure channels. BC further enhances security by providing a decentralised and immutable ledger which records and verifies all transactions, including encrypted model updates. By integrating BC with FRL, ACVs can achieve heightened data security, protecting against unauthorised access and ensuring the integrity of data exchanges in dynamic and connected environments.

Access control in ACVs [73] using BFRL ensures that only authorised entities can interact with and contribute to the learning process while maintaining data privacy and integrity. Each vehicle acts as a node in the federated learning network, processing local data to train machine learning models. Access to these models and data is governed by robust authentication mechanisms, leveraging BC’s decentralised ledger for secure verification of identities and permissions [74]. Smart contracts embedded in the BC enforce predefined data access and contribution rules, ensuring that only authenticated and authorised participants can initiate or validate transactions, such as model updates or data exchanges. This approach enhances trust and transparency in autonomous vehicle networks, mitigating risks associated with unauthorised data access or manipulation while fostering collaborative learning and innovation in autonomous vehicle technologies.

Anomaly detection in ACVs using BFRL is crucial for identifying and responding to irregularities that could improve safety and performance. Each vehicle continuously monitors its environment and operations in this framework, using local data to detect anomalies such as unexpected behaviours or potential cybersecurity threats. These detections are securely shared and validated through BC, leveraging its decentralised ledger for transparent and tamper-proof recording of anomaly transactions. Smart contracts embedded in the BC can automate responses to detected anomalies, ensuring immediate and coordinated actions across the vehicle network. By combining FRL’s distributed learning capabilities with BC’s immutable record-keeping and automated authority, anomaly detection in ACVs becomes more robust and adaptive, enhancing overall system resilience and reliability in dynamic driving conditions.

4. Performance Analysis of the BFRL Framework

The performance analysis in ACVs using BFRL involves evaluating the effectiveness and performance of trained models in the BFRL framework. FRL allows each vehicle to autonomously learn from its local data while periodically sharing encrypted updates with the BC network or other vehicles. This decentralised approach comprehensively compares model outcomes without compromising data privacy. Key metrics such as accuracy, efficiency in decision-making, and adaptability to varying driving conditions are scrutinised to assess how well FRL enhances the vehicles’ autonomy and safety. By aggregating insights from multiple sources while safeguarding data integrity through BC’s immutable ledger, FRL enables a robust comparison analysis that identifies strengths and areas for improvement in autonomous vehicle operations, driving continuous advancements in autonomous driving technologies.

Table 5. Performance analysis of BFRL framework.

Feature	Description	Results
Data Security	Measures to ensure data integrity and protection against unauthorised access [75,76]	Blockchain’s tamper-proof nature provides robust security. Encryption ensures data is secure.
Privacy Preservation	Techniques to maintain user privacy [77] and avoid central data collection	FL prevents centralised data collection, preserving privacy through anonymisation.
Model Accuracy	Effectiveness of the federated learning model in predicting and making decisions	Improved model accuracy compared to centralised learning methods.
Latency	Time taken for data processing, model training, and aggregation	Acceptable levels for real-time applications, though potential latency in data aggregation was noted.
Scalability	The system’s ability to handle an increasing number of vehicles and data	Effective scalability with maintained performance as the number of vehicles increases.
Learning Efficiency	Efficiency of the learning process in terms of computational resources and speed	Demonstrated improved learning efficiency through federated reinforcement learning.
Incentives	Mechanisms to encourage participation in the federated learning process	Blockchain rewards participants for contributing to the learning process, enhancing participation.
Resource Requirements	Computational and network resources needed for the implementation	High computational resources are required for blockchain and federated learning processes.
Implementation Complexity	Difficulty level of integrating blockchain with federated learning in ACVs	Complex implementation requires sophisticated infrastructure and expertise.
Future Improvements	Potential areas for further research and development	Focus on optimisation, advanced privacy measures, and extensive real-world testing.

represents the performance analysis of the BFRL framework.

The performance of BFRL frameworks in terms of model accuracy and training efficiency is notable for its dual focus on data security and collaborative learning. By leveraging BC, FRL ensures that each ACV can locally train its model using real-time data while maintaining data privacy through encryption and decentralised storage. This approach minimises the need for data to be transferred to a centralised server, thereby reducing latency and enhancing training efficiency. Moreover, BC’s immutable ledger and smart contract capabilities provide a transparent and secure framework for aggregating model updates and ensuring consensus on the most accurate models. This results in improved model accuracy as insights from diverse environments and driving conditions are incorporated into the learning process. Overall, BFRL enhances model accuracy through collaborative learning and optimises training efficiency by streamlining data handling and ensuring robust security measures throughout the learning cycle.

The integration of BC significantly impacts the scalability and reliability of systems utilising FRL in ACVs. BC’s decentralised nature and consensus mechanisms enhance scalability by concurrently allowing multiple nodes (vehicles) to participate in data validation and model aggregation. This distributed approach reduces the dependence on centralised servers, potentially increasing the system’s overall processing capacity and accommodating a larger volume of data transactions. Moreover, BC enhances system reliability by providing an immutable ledger that records all transactions and model updates. This transparency and data integrity assurance help mitigate risks of data manipulation or unauthorised access, thereby fostering trust among network participants. Combining these benefits, BC integration in FRL systems improves scalability and helps to handle huge amount of data. It enhances reliability through enhanced transparency and security measures, which are crucial for the robust operation of ACV networks.

5. Discussion

5.1. Discussion of How the Research Questions Were Scientifically Answered

This review study focuses on several new findings from earlier academic research on data security and privacy in ACVs in SCEs. Several previous research have been reviewed such as federated learning, encryption approaches, blockchain-based frameworks, and sophisticated intrusion detection systems designed specifically for ACVs to solve the issues related to the huge volumes of data generated and sent in smart cities. Furthermore, it has been determined that end-to-end data security and privacy practices, like multi-layer encryption, secure communication protocols, and decentralised data management, are essential for protecting ACVs in SCEs. Despite these advancements, a significant knowledge gap remains in understanding the real-time implications of these technologies under diverse and dynamic urban conditions. Data security and privacy in ACVs in SCEs are addressed using BFRL framework.

5.2. Identifying Challenges and Future Directions

Identifying challenges and future directions in BFRL for ACVs highlights several key focus areas. One primary challenge is optimising the balance between data privacy and model accuracy. Ensuring vehicles collaborate effectively on model training without compromising sensitive data remains critical. Another challenge is scalability [78,79]. As the network grows, ensuring efficient communication and consensus mechanisms across more nodes becomes increasingly complex. Moreover, integrating diverse data sources and ensuring interoperability among vehicle types and manufacturers poses technical hurdles. Future directions include advancements in encryption techniques to enhance data security, developing more efficient consensus algorithms tailored to FRL, and exploring hybrid models combining BC with other emerging technologies. Addressing these challenges and pursuing these directions will be crucial in realising the full potential of BFRL in ACVs, ultimately improving safety, efficiency, and reliability in smart transportation systems.

Future research directions in the realm of BFRL for ACVs encompass several promising areas that can further enhance the capabilities and applications of this technology:

• Privacy-preserving techniques: developing advanced techniques for differential privacy [80,81,82], secure multi-party computation, and homomorphic encryption to strengthen data privacy while enabling effective collaboration in FRL frameworks.
• Scalability solutions: investigating novel consensus mechanisms and distributed ledger architectures tailored to FRL environments to ensure scalability as the network expands, accommodating more vehicles and diverse data sources.
• Interoperability standards: establishing interoperability standards and protocols to facilitate seamless communication and data exchange among ACVs [83,84,85] from manufacturers and geographical regions.
• Adversarial robustness: enhancing robustness against adversarial attacks by exploring adversarial training, anomaly detection, and secure aggregation methods within BFRL systems.
• Edge computing integration: exploring the integration of edge computing technologies to perform local data processing and model training closer to the vehicles, reducing latency and enhancing real-time decision-making capabilities.
• Regulatory and ethical considerations: addressing regulatory frameworks and ethical considerations surrounding the deployment of BFRL in ACVs, ensuring compliance with data protection laws and ethical guidelines.
• Hybrid AI models: investigating hybrid AI models that combine BFRL with machine learning techniques like deep learning or federated learning to improve model accuracy and adaptability to varying driving conditions.
• Energy efficiency: Researching energy-efficient computing and communication protocols to minimise the power consumption of BFRL systems in resource-constrained ACVs. These future research directions aim to advance the state-of-the-art BFRL for ACVs, addressing current challenges while exploring new opportunities for enhancing safety, efficiency, and reliability in smart transportation systems. Enhancing the system’s scalability to handle more significant numbers of ACVs and edge devices. Enhancing the scalability of BFRL systems to accommodate more significant numbers of ACVs and edge devices involves the following strategic approaches:
  • Partitioning and sharding: Implementing partitioning and sharding techniques within the BC network to divide data and processing tasks among multiple ACVs. This allows the network to handle more transactions and interactions without overwhelming any single ACV.
  • Consensus algorithm optimisation: Developing and optimise consensus algorithms tailored to FRL environments that can efficiently reach agreements on model updates and transactions across a distributed network of ACVs and edge devices. Algorithms like Proof of Stake (PoS) or Practical Byzantine Fault Tolerance (PBFT) can be adapted to improve throughput and reduce latency.
  • Parallel processing and distributed computation: Exploring parallel processing and distributed computation techniques, enabling ACVs and edge devices to concurrently perform local data processing and model training. This reduces bottlenecks and improves overall system performance.
  • Edge computing integration: Leveraging edge computing infrastructure to perform local data aggregation and preliminary model training closer to the ACVs, minimising latency and bandwidth usage for communication with the BC network. Edge nodes can be aggregators or validators of model updates before transmitting them to the leading BC network.
  • Dynamic network adjustment: Developing mechanisms for dynamically adjusting the network topology and resource allocation based on demand and traffic patterns. Adaptive resource management and load-balancing algorithms can optimise resource utilisation across ACVs and edge devices, ensuring efficient scalability under varying conditions.
  • Interoperability standards: Establishing interoperability standards and protocols that facilitate seamless communication and data exchange between ACVs [86,87] and edge devices from manufacturers and regions. This promotes a unified approach to scalability while accommodating diverse technological infrastructures. By implementing these scalable strategies, BFRL systems can effectively handle larger ACVs and edge devices, enabling robust and efficient collaboration in autonomous vehicle networks while maintaining data security and privacy [88], improving interoperability with existing smart city infrastructures.

5.3. Improving Interoperability Using BFRL

Improving interoperability with existing smart city infrastructures involves integrating BFRL systems with diverse technologies and platforms already deployed within urban environments. Key strategies to enhance interoperability include the following:

• Standardization and open APIs: establishing standardised protocols and open APIs that allow seamless communication and data exchange [89,90,91] between BFRL systems and various smart city infrastructure [92] components such as traffic management systems, IoT devices, and urban sensors [93,94].
• Middleware and integration layers: Developing middleware solutions and integration layers for internet of vehicles things [95] that bridge the gap between BC networks and existing smart city platforms [96]. These layers translate data formats, protocols, and communication methods to ensure compatibility and interoperability.
• Data standardization and semantic interoperability: Promoting data standardisation initiatives and semantic interoperability frameworks that enable consistent interpretation and sharing of data across different systems. This facilitates meaningful data integration from ACVs and edge devices with urban planning, traffic optimisation, and environmental monitoring systems.
• Multi-stakeholder collaboration: encouraging collaboration among stakeholders, including government agencies, technology providers, research institutions, and community organisations, to define interoperability requirements, develop common standards, and implement interoperable solutions.
• BC as a trusted data exchange layer [97]: Leveraging BC’s decentralised and immutable ledger capabilities as a trusted data exchange layer for securely sharing and verifying data transactions [98] between ACVs, edge devices, and smart city infrastructure components. BC ensures data integrity, transparency, and auditability, which is crucial for building stakeholder trust. Fl ensures privacy [99].
• Scalability and performance optimization: Optimising BC networks and FRL algorithms to handle large-scale data flows and real-time processing demands from interconnected smart city infrastructures. This includes enhancing network throughput, reducing latency, and ensuring efficient resource utilisation across distributed computing nodes. Beyond 5G, advancements in artificial intelligence and edge computing will further enhance the capabilities of ACVs [100] and handle the new challenges [101].
• Regulatory compliance and governance: Addressing regulatory compliance challenges and governance frameworks related to data privacy, security, and ethical considerations in smart city deployments. Aligning BFRL systems with existing regulatory frameworks ensures responsible and lawful integration within smart city environments.

By focusing on these strategies, BFRL systems can effectively improve interoperability with existing smart city infrastructures, fostering a cohesive and interconnected urban ecosystem that enhances residents’ efficiency, sustainability, and quality of life.

5.4. Improving Data Security and Privacy in ACVs Using BFRL Advanced Techniques

Exploring advanced techniques in FRL and BC can significantly enhance data privacy and security in ACVs. The following are some advanced techniques and approaches:

• Zero-knowledge proofs (ZKPs): Implementing ZKPs allows participants in FRL networks to prove possession of certain information (e.g., model updates) without revealing the information itself. This enhances privacy by ensuring that sensitive data remains hidden while verifying the validity of transactions.
• Homomorphic encryption: Advancing homomorphic encryption techniques enables computations to be performed directly on encrypted data without decrypting it first. This preserves data privacy throughout the computation process, including during model aggregation and validation in FRL frameworks.
• Multi-party computation (MPC): MPC protocols enable multiple parties to jointly compute a function over their inputs while keeping their respective inputs private. In FRL, MPC can securely aggregate model updates from multiple ACVs without exposing individual data facts.
• Privacy-preserving federated learning (PPFL): PPFL techniques enhance FRL by incorporating additional privacy-preserving mechanisms such as differential privacy, federated learning with secure aggregation, and cryptographic assurances. These techniques collectively safeguard data privacy while maintaining collaborative learning among ACVs.
• BC-based access control: Utilising BC’s decentralised ledger and smart contract capabilities to enforce fine-grained access control policies. This ensures that only authorised entities can access sensitive data or participate in FRL model training, enhancing security against unauthorised access and manipulation.
• Decentralised identity management: Implementing decentralised identity solutions on BC platforms to securely manage and authenticate identities of ACVs in FRL. This reduces the risk of identity theft and unauthorised access to sensitive data.
• Post-Quantum Cryptography: As quantum computing capabilities advance, post-quantum cryptography ensures long-term data security in FRL systems. Researchers can enhance data privacy and security in ACVs by exploring and integrating these advanced techniques in FRL and BC. These advancements mitigate risks associated with data breaches and cyber-attacks and foster trust and reliability in decentralised and collaborative learning environments.

Integrating advanced techniques in FRL and BC represents a pivotal advancement towards enhancing data privacy and security in ACVs and beyond. By leveraging innovations such as zero-knowledge proofs, homomorphic encryption, multi-party computation, and privacy-preserving federated learning, FRL systems can ensure that sensitive data remains confidential and protected throughout the collaborative learning process. BC’s decentralised ledger and smart contract capabilities further bolster security by enabling transparent and immutable record-keeping, enhancing stakeholder trust and mitigating data manipulation risks or unauthorised access. As research continues to evolve in these areas, the future promises to create robust, scalable, and resilient systems that prioritise innovation and data integrity in smart transportation systems. These advancements pave the way for safer and more efficient autonomous vehicle operations and set a precedent for secure and ethical deployment of AI-driven technologies in smart city environments.

6. Conclusions

The primary objective of the automotive industry is to develop secure and fully self-driving vehicles. The business and educational sectors have recently shown a keen interest in ACVs. FRL is employed to enhance the security and privacy of data-driven systems in many situations. This article briefly introduces FRL’s fundamental concepts, concerns, and characterisation. The security and privacy aspects of ACVs using BFRL framework were extensively examined from multiple perspectives. Using traffic control applications and forecasting, ACVs are utilized to tackle current traffic problems. The smart transportation system requires creating a system that can acquire knowledge and improve its performance over time. This system should be capable of ensuring traffic safety, providing related services, and identifying and rectifying any disruptions or irregularities. Integrating BC with FRL establishes a decentralised framework for enhancing data privacy and security, ensuring reliability, and providing protection assurance. This paper comprehensively reviews the BFRL frameworks used in ACVs in SCEs.