The full-scale deployment of intelligent transport systems with automated vehicles and associated road infrastructure in urbanized spaces opens up additional prospects for increasing the efficiency of the transportation industry. However, it also leads to the emergence of additional sources of threats, risks and areas of vulnerability of such systems. The range of various kinds of threats disrupting the normal functioning of connected and automated vehicles (CAV) is expanding. It includes the impact of the interaction between all road users and elements of the road infrastructure on the channels of information within the framework of the intelligent transport system (ITS). There is a growing need for further improvement of the norms and requirements of legal and technical regulation of CAV production and operation. It means an expansion of the field and tasks of testing the safety of public, personal, commercial and special automobile vehicles, including through the verification of information security during the validation and verification of both CAV and ITS components. The authors employed a systematic approach using methods of content, logical and comparative analysis in the research. The paper clarifies the subject area of the study, characterizes the state of national regulators’ requirements for ensuring information security of connected and automated vehicles, and considers methodological approaches to testing information security of automated road traffic within the framework of intelligent transport systems. The authors present a conceptual approach to the identification of a complex model of threats to information security of the technological platform of information interaction “unmanned vehicle-road infrastructure”. The study was based on the analysis of security requirements for unmanned vehicles and clarification of concepts in the field of information security for the operation of CAV and the functioning of ITS in the transition to mobile communications of the 5G generation. The main results of the research include the composition of typical zones of vulnerabilities and potential attacks; characteristics of the spectrum of the main threats; classification of the main agents of information security threats in the CAV architecture and ITS infrastructure. The applied value of the obtained results lies in the possibility of using the presented model of CAV information security threats in the development of methodological approaches and analytical tools for organizing and testing various types of deliberate violations of communication channels of individual CAV devices, a group of autonomous vehicles and a separate CAV with ITS in the framework of laboratory experiments and field tests. After the regulatory requirements are formalized in the national CAV information security standard, a possible direction for further research may be the development of technological and economic models for testing information security within the framework of ITS for the national certification system CAV of various types.