Sevecom secure vehicle communication
This presentation is the property of its rightful owner.
Sponsored Links
1 / 21

SeVeCom : Secure Vehicle Communication PowerPoint PPT Presentation


  • 115 Views
  • Uploaded on
  • Presentation posted in: General

SeVeCom : Secure Vehicle Communication. Antonio Kung Coordinator Trialog 25 rue du Général Foy 75008 Paris, France www.trialog.com. Warning: Accident at (x,y). !. Warning: Accident at (x,y). !. Congestion Warning: At (x,y), use alt. route. Traffic Update: Congestion at (x,y). TOC.

Download Presentation

SeVeCom : Secure Vehicle Communication

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Sevecom secure vehicle communication

SeVeCom : Secure Vehicle Communication

Antonio Kung

Coordinator

Trialog

25 rue du Général Foy

75008 Paris, France

www.trialog.com

TRA2008 24 May 2008


Vehicle communication vc

Warning:

Accident at (x,y)

!

Warning:

Accident at (x,y)

!

Congestion Warning:

At (x,y), use alt. route

Traffic Update:

Congestion at (x,y)

TOC

RSU

RSU

!

Vehicle Communication (VC)

  • VC promises safer roads,

  • … more efficient driving,

TRA2008 24 May 2008


Vehicle communication vc1

Text message:

We'll stop at next roadhouse

MP3-Download

Software Update

Malfunction Notification:

Arriving in 10 minuten,need ignition plug

CarManuf.

Vehicle Communication (VC)

  • … more services (infotainment),

RSU

  • … and easier maintenance.

TRA2008 24 May 2008


Sevecom secure vehicle communication

Sounds good

BUT …

TRA2008 24 May 2008


Security and privacy

Warning:

Accident at (x,y)

!

Congestion Warning:

At (x,y), use alt. route

Traffic Update:

Congestion at (x,y)

!

!

!

!

Security and Privacy???

  • Safer roads?

  • More efficient driving?

TOC

RSU

RSU

TRA2008 24 May 2008


Security and privacy1

Location Tracking

Text message from silver car:

You're an idiot!

Position Beacon

Your newignition-control-software

Security and Privacy???

  • More fun, but for whom?

RSU

  • … and a lot more …

TRA2008 24 May 2008


Se cure ve hicle com munication

SE-cure VE-hicle COM-munication

  • Mission: future-proof solution to the problem of V2V/V2I security

  • Partners

    • Trialog (Coordinator)

    • DaimlerChrysler

    • Centro Ricerche Fiat

    • Bosch

    • KU Leuven

    • Ecole Polytechnique Fédéral de Lausanne

    • University of Ulm

    • Budapest University of Technology and Economics

TRA2008 24 May 2008


Sevecom is a transversal project

SEVECOM is a Transversal Project

European

Institutions

Industry

Policies

Standards

C2C-CC

Security WG

Article 29

Data protection WG

SEVECOM

eGovernment

eSafety Forum

Security WG

Modinis-IDM

liaison, terminology

COMeSafety

Security

eSafety

SafeSpot

SecurIST

liaison

CVIS

Coopers

PRIME

liaison-peer review

GST

GST-SEC

TRA2008 24 May 2008


Research topics

Research topics

Topic

Scope of work

A1

Key and identity management

Fully addressed

A2

Secure communication protocols (inc. secure routing)

Fully addressed

A3

Tamper proof device and decision on cryptosystem

Fully addressed

A4

Vehicle Intrusion

Investigation work

A5

Mulfunction detection and Data consistency

Investigation work

A6

Privacy

Fully addressed

A7

Secure positioning

Investigation work

A8

Secure user interface

Investigation work

TRA2008 24 May 2008


Security baseline architecture

Security Baseline Architecture

  • Objectives

    • Focus on communication

    • Baseline Privacy Enhancing Technology (PET)

    • Future dynamic deployment of stronger PETs

      • Analogy: switching from 8 to 10 digit telephone numbers

  • Baseline solution design approach

    • Standardized cryptographic primitives

    • Easy-to-implement

    • Low overhead

    • Adaptable protection

TRA2008 24 May 2008


Security baseline architecture cont d

Security Baseline Architecture (cont’d)

  • Challenges

    • High rate broadcast communication

    • VANET-only (e.g., safety) and TCP/IP communication

Safety Applications

General Applications

Wave Short Message Protocol (WSMP)

C2C-CC Position Based Routing

TCP / UDP

IPv6

IEEE 802.11p

MAC and PHY

C2C-CC MAC

IEEE 1609.4

TRA2008 24 May 2008


Security baseline architecture cont d1

Unique Identity

Credentials and Cryptographic Keys

Central Processing Module

Wireless Communication Module

Security Baseline Architecture (cont’d)

  • Basic ideas

  • Long-term identity

  • Public key crypto

  • EC-DSA, RSA

  • Certificates

Abstract view

of a vehicle

TRA2008 24 May 2008


Building blocks in baseline architecture

In car Security

Module

Gateway/Firewall

Intrusion Detection

Attestation

Secure

Communication Module

Identification & Trust

Management Module

Hardware Security Module

Secure

Beaconing

Identity

Management

Key/Certificate

Storage

Secure

Geocast

Trust

Management

Secure

Time Base

Secure

Georouting

Protected

Functions

Privacy Management

Module

Pseudonym

Application

Pseudonym

Management

Building Blocks in Baseline Architecture

TRA2008 24 May 2008


Deployment

Deployment

Vehicle

Vehicle systems

Security & Policy

Manager

In-car Security

Module

V2I/V2I

Applications

Hardware

Security Module

Secure

Communication

Module

Communication

Stack

Identification &

Trust

Management

Module

Privacy

Management

Module

Direct Communication

(Cellular, Physical)

Wireless Medium

RSU

Service Infrastructure

Security & Policy

Manager

Communication

Stack

Secure

Communication

Module

Trust

Management

Infrastructure

Identification &

Trust

Management

Module

Secure

Communication

Module

Backbone

network

V2I Applications

Hardware

Security Module

TRA2008 24 May 2008


Sevecom privacy focus

Sevecom Privacy focus

  • Requirements

    • Authentication, Integrity, Non-repudiation, Access control, Confidentiality

    • Availability

    • Privacy

    • Liability identification

TRA2008 24 May 2008


Sevecom privacy focus1

Sevecom Privacy focus

  • V2V / V2I communication

    • should not make it easier to identify or track vehicles

    • should conform to future privacy directives

  • Lack of privacy control will prevent deployment

    • Active safety applications require knowledge on activities of nearby vehicles, not their identity

    • Similar requirements to electronic payment

       Privacy-enhancement mechanisms thatuse resolvable pseudonyms

TRA2008 24 May 2008


Sevecom privacy focus2

Eavesdropping

Case

Protection

Focus

V2V

Storage

Internet

Storage

V2V

Sevecom Privacy focus

TRA2008 24 May 2008


Security baseline architecture cont d2

PSNYM_2

PSNYM_3

PSNYM_1

PSNYM_2

PSNYM_3

PSNYM_2

PSNYM_1

PSNYM_1

Security Baseline Architecture (cont’d)

  • Basic ideas (cont’d)

    • Pseudonym: Remove all identifying information from certificate

    • Equip vehicles with multiple pseudonyms

      • Alternate among pseudonyms over time (and space)

      • Sign message with the private key corresponding to pseudonym

      • Append current pseudonym to signed message

TRA2008 24 May 2008


Security baseline architecture cont d3

Security Baseline Architecture (cont’d)

  • System setup

Authority X

Long-term Identification

Authority A

Pseudonym Provider

PSNYM_1, …, PSNYM_k

Vehicle V

TRA2008 24 May 2008


Security working groups

Security Working Groups

  • C2C Security Working Group

    • Dr H.J Voegel, BMW

  • COMeSafety IST project

    • Dr T.Kosch, BMW

  • eSafety forum Security WG

    • Antonio Kung, Trialog

    • Prof. Ruland, Siegen U.

White Paper

Baseline Architecture

Impact of Security to eSafety

Architecture

Recommendations

In-vehicle Communication,

Telematics and Co-operative systems

Workshop on security and privacy issues

Brussels, 27 May 2008

TRA2008 24 May 2008


Thank you

Thank You

www.sevecom.org

TRA2008 24 May 2008


  • Login