Page 68 - Cyber Defense eMagazine - October 2017
P. 68
Open source technology is likely key to ensure regulatory and market requirements are
met, both today and in the future. First among these requirements is to securely identify
both the vehicle and the user, in real-time, during even the highest periods of local
network traffic. Imagine hundreds or thousands of moving vehicles interfacing with the
ITS and third-party services via the ITS at any given moment. Each passenger or driver
will need identity management mechanisms. Vehicle sharing services and the second-
hand automotive market will require the ability to securely wipe previous owner or renter
information, while leaving vehicle and component identities intact. However, there are a
couple of key challenges the industry will need to overcome to make an operational and
secure V2I network a reality.
Interfaces and standardization
Automotive industry convergence with payment, telecommunications and road
infrastructure is a must. Besides instant communication with road infrastructure, V2I will
enable automatic toll collection, intelligent parking and intelligent traffic services.
Information like driving conditions, traffic status and road issues will be communicated
to the driver and vehicle as necessary. But when it comes to laying the foundation for
V2I, both automakers and the ITS industry will face the challenge of deciding which
existing industry standards and protocols they want to incorporate, and what new
standards they need to create to fit their needs.
In banking, certain regulations are already in place to ensure customer data and
company information is kept secure, the Payment Card Industry Data Security Standard
for example. This sort of collaboration can be seen in the 5G Automotive Association,
where SIM card manufacturers, carmakers and members of the payment industry are
working together on specific-use cases to set universal standards.
Technical implementation
Each connected vehicle, including many of its parts, requires a unique identity to ensure
data transmitted to and from the vehicle can only be accessed by the right people. This
unique identity needs to be attributed during the production process, as it is in Industrial
IoT (IIoT) manufacturing. Key and certificate management will be an essential part of
this secure over-the-air-updates (OTA) and authentication.
V2I requires data exchanges to occur instantaneously, often many times per second.
This means that verifying the identity of the vehicle must happen just as fast. To meet
these needs, vehicles implementing V2I must be equipped with digital certificates and
encryption key management.
Over-the-air (OTA) data exchanges or downloads, for instance new code, software,
media content or vehicle usage data, will need to be executed securely. Not only will the
vehicles and infrastructure need to be secured, but the channels through which the
information is exchanged needs to be protected. Without security measures in place,
vehicles risk transmitting the wrong, or even harmful, data to and from ITS.
68 Cyber Defense eMagazine – October 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide.
