Security for V2X Communications - ITS) Canada Porciello - ITS_Canada-201… · – “Version...

Security for V2X Communications. Brian Romansky, VP – Strategic Technology. ITS Canada Annual General Meeting, May 1-4, 2016. Your Connected Car Security Partner.

Page 1

Your Connected Car Security Partner

Brian Romansky

VP – Strategic Technology

ITS Canada

Annual General Meeting

May 1-4, 2016

Security for V2X Communications

Page 2

TrustPoint - Security Leadership and Innovation

• Experts in Security and Cryptography

– Leading experts in public-key policy and implementation

– Team that developed the Blackberry security model

– Technical security experts for US DOT V2X initiative

• Experience in implementing security for large scale deployments for companies worldwide

• Excellence in Solutions and Products for Connected Car and IoT

– Security Toolkits and Infrastructure Components

– Implements flawless efficient security

– Simplifies security implementation by removing complexity

Security Consulting

Security Software Toolkits

Certificate Authority

Page 3

V2X Technology

• Basic Safety Messages (BSMs):

– Vehicle position and speed

– Steering angle, throttle and brake status

– Vehicle size and bumper height

– Transmitted wirelessly 5 times per second

• Additional V2I Capabilities

• Unique Security Requirements

Page 4

The Promise of V2X Technology

• Potential for an 80% reduction in collisions

• Augment existing Advanced Driver Assistance Systems (ADAS) technology

• Improve interoperability between human drivers and autonomous vehicles

• Enable advanced infrastructure and emergency management solutions

2015 US NHTSA revised report:

– 24 million reported vehicle crashes

– 33,000 fatalities

– 3.9 million injuries

– $836 billion economic loss

Page 5

Augment Advanced Driver Assisted Systems

V2V Adds New Capabilities:

– Extended range - increased response time

– Predictive data - respond to steering, brake, throttle changes

– Two-way communication - negotiate collision avoidance

– Communicate with roadside equipment

Page 6

Example: Google Car / City Bus Crash

• Car had to change lanes to avoid construction.

• Algorithm did not account for the size and response time of the bus.

• Software assumed that the approaching vehicle would yield.

• Vehicle data + two-way communication could have avoided this crash.

Page 7

Security Requirements

Privacy

Can’t make it easy to track personal cars

– Each BSM contains exact position information

– Data is sent unencrypted to enable fast response time

VS.

Security

Need to validate that BSMs are from real cars

– Prevent attackers from creating fake messages to change traffic patterns or create a road hazard

Page 8

Security Credential Management System (SCMS)

• Crucial requirements that must be met are:

– Ensure authenticity and integrity of messages

– Minimize opportunity for tracking personal vehicles

• System also mandates:

– Privacy for users: No PII can be collected

– Prevent tracking by insiders & outsiders

– Assume errors will happen and hackers will attack the system

– Detect and remove misbehaving systems

– Minimize over the air messaging bandwidth

• Tricky Result:

– Create a high volume of anonymous short lived identities

– … and still be able to revoke these identities when needed

Page 9

Crash Avoidance Metrics Partnership

• CAMP is under contract with the US DOT

– Design the Security Credential Management System (SCMS)

– Develop a working prototype system

– Support the US Connected Vehicle (CV) pilots in New York, Florida, and Wisconsin

• TrustPoint is a security technical advisor to the SCMS design program

Page 10

Design for Security and Privacy

20 new certificates per week per car with ~250M cars (US) = 260B certificates per year

Privacy

– No unique information about the car or the owner

– Certificate changes every 5 minutes

– Cycle through 20 certificates every week

Security

– Every message is digitally signed (but not encrypted)

– Linkage values allow for “misbehavior detection” and revocation
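
An added sketch (not from the original slides or from any SCMS code) of the scheme on this slide: each BSM is signed but left in cleartext, and the signing key rotates through a pool of 20 every 5 minutes. ECDSA P-256 with SHA-256, bare keys in place of issued certificates, round-robin selection, and the sample BSM fields are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"time"
)

const poolSize = 20      // certificates per car per week (from the slide)
const rotationSecs = 300 // certificate changes every 5 minutes (from the slide)

// Pool stands in for one week's batch of pseudonym certificates (bare keys here).
type Pool [poolSize]*ecdsa.PrivateKey

func NewPool() (p Pool) {
	for i := range p {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			panic(err) // no usable entropy source: do not continue
		}
		p[i] = k
	}
	return p
}

// Slot maps a timestamp to the pool index in use (round-robin is an assumption).
func Slot(t time.Time) int { return int(t.Unix()/rotationSecs) % poolSize }

// SignBSM signs the cleartext BSM with the key for time t; the payload stays readable.
func (p Pool) SignBSM(bsm []byte, t time.Time) (int, []byte, error) {
	i, h := Slot(t), sha256.Sum256(bsm)
	sig, err := ecdsa.SignASN1(rand.Reader, p[i], h[:])
	return i, sig, err
}

// VerifyBSM is the receiver's check that the BSM is unmodified and from the key holder.
func VerifyBSM(pub *ecdsa.PublicKey, bsm, sig []byte) bool {
	h := sha256.Sum256(bsm)
	return ecdsa.VerifyASN1(pub, h[:], sig)
}

func main() {
	p := NewPool()
	bsm := []byte("lat=43.6532,lon=-79.3832,speed=13.9,brake=0") // constructed BSM fields
	i, sig, _ := p.SignBSM(bsm, time.Unix(1462104000, 0))        // constructed timestamp
	fmt.Println("slot", i, "signature valid:", VerifyBSM(&p[i].PublicKey, bsm, sig))
}
```

A receiver can validate every message yet sees a different public key each five-minute slot; tying those keys back to one vehicle for revocation is the job the slide assigns to linkage values.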

Page 11

SCMS Architecture

Page 12

SCMS Architecture

Central SCMS Manager

Distributed ICA Managers

Page 13

ICA Manager Role

• Operate a secure Intermediate Certificate Authority

– Back-end hardware and software

– Policies and operating procedures

• Issue certificates to equipment

– Vehicle On-Board Units (OBUs) or Road-Side Equipment (RSEs)

– Define and issue special “application certificates” for locally defined use cases

• Participate in misbehavior detection and revocation

– Submit misbehavior reports for equipment that is not functioning normally

– Respond to central Misbehavior Authority (MA) requests

– Manage Certificate Revocation Lists (CRLs) or equipment blacklists

Page 14

Application Permissions and Roles

Traffic Management:

• Adaptive traffic light mgmt and secure pre-emption

• Emergency work zone warnings and lane closures

• Road condition warnings and temporary speed restrictions

• Speed Harmonization

Public Transportation:

• Public vehicle lane or zone prioritization and signal priority

• Intelligent bus stop

• Platooning and speed harmonization

Infrastructure Management:

• Emergency vehicle lane and signal priority

• Work zone warning

• Temporary road hazard warning

Page 15

SCMS Current Status

• Core design is complete

– “Version 1.1” prototype is in testing, will support CV pilots & Smart City program launching in ~12 months

– Version 2.0 design work is in progress, will add critical details on misbehavior detection and CRL distribution

• Design is heavily influenced by vehicle manufacturers

– CV Pilot plans are introducing new needs from municipal operators

– More participation and early pilot test programs can bring balance to the design

• Initial Deployments are uncovering unanticipated conditions

– Mobile and “temporary” road signs (such as lane closure signs)

– Procedures to authorize replacements for failed or outdated equipment

Page 16

Recommendations for Government Agencies

• Track progress of CV Pilot deployments

– US DOT website: http://www.its.dot.gov/pilots/

• Develop your own Concept of Operations

– Develop a “wish-list” of custom applications and deployments

– Start planning for incremental deployments as standards mature

– Engage with hardware & software vendors, discuss your needs

– Deploy and test technology early and learn before making a major commitment

• Participate in local trials
