Security and privacy for a connected vehicle environment

Slides:

Advertisements

Similar presentations

Connected Vehicle Technology Be Connected. Be Safe. Be Green © DENSO International America, Inc. All rights reserved. Roger Berg Vice President Wireless.

Advertisements

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

Securing Vehicular Communications Author ： Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From ： IEEE Wireless Communications Magazine, Special.

BILL WHITE Presents… VEHICULAR NETWORKING: A SURVEY AND TUTORIAL ON REQUIREMENTS, ARCHITECTURES, CHALLENGES, STANDARDS, AND SOLUTIONS GEORGIO KARAGIANNIS.

Secure Communication Architectures.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Connected Vehicles AASHTO Annual Meeting | October 17, 2013 | Denver, CO Mike Cammisa Director, Safety Association of Global Automakers.

ITS Joint Program Office 62 nd Illinois Traffic Engineering and Safety Conference October 24, 2013 Walton Fehr.

IntelliDrive Safety Workshop July 20, 2010 Alrik L. Svenson US Department of Transportation National Highway Traffic Safety Administration IntelliDrive.

PKIs  To use public key methods, an organization must establish a comprehensive Public Key Infrastructure (PKI) A PKI automates most aspects of using.

Research Directions for the Internet of Things Supervised by: Dr. Nouh Sabry Presented by: Ahmed Mohamed Sayed.

Michigan VII: Technology Improving Lives ITS Midwest Annual Meeting February 7, 2006 Gregory D. Krueger, P.E. Statewide ITS Program Manager Michigan Department.

Privacy Issues in Vehicular Ad Hoc Networks.

USDOT, RITA RITA: Oversight of USDOT’s R&D programs  University Transportation Centers $100M  UTC Consortia $80M  UTC Multimodal R&D $40M  Intelligent.

Meeting of State Pooled Fund Partners April 20, 2005 "Reducing Crashes at Rural Intersections: Toward a Multi-State Consensus on Rural Intersection Decision.

V ehicle I nfrastructure I ntegration Jeffrey F. Paniati Associate Administrator for Operations and Acting Program Manager for ITS Joint Program Office.

By: Diana Ornelas.  A LAN that is inside & around the vehicle  Is a branch under VANET  4 types of communication:  Vehicle-to-vehicle  Intra-vehicular.

The Fully Networked Car Geneva, 4-5 March Ubiquitous connectivity to improve urban mobility Hermann Meyer ERTICO.

I NTEGRATED L IGHT V EHICLE M ODEL D EPLOYMENT R ESEARCH P ROJECT U PDATE ITS-JPO Public Workshop September 24, 2013 Mike Lukuc, NHTSA Research.

ITS Standards Program Strategic Plan Summary June 16, 2009 Blake Christie Principal Engineer, Noblis for Steve Sill Project Manager, ITS Standards Program.

IntelliDrive SM Vehicle Safety Communications Working Toward V2V Deployment John Harding July 20, 2010.

September 25, 2013 Greg Davis FHWA Office of Safety Research, Development and Test Overview of V2I Safety Applications.

IntelliDriveSM Update

C OLLABORATIVE V2V S ECURITY R ESEARCH U PDATE ITS-JPO Public Workshop September 24, 2013 Mike Lukuc, NHTSA Research.

A Vehicle Manufacturer’s Perspective on VII Christopher Wilson ITS Oregon- Feb 1, 2005 Christopher Wilson.

C OLLABORATIVE V2V S ECURITY R ESEARCH U PDATE ITS-JPO Public Workshop September 24, 2013 Mike Lukuc, NHTSA Research.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.

I NTEGRATED L IGHT V EHICLE M ODEL D EPLOYMENT R ESEARCH P ROJECT U PDATE ITS-JPO Public Workshop September 24, 2013 Mike Lukuc, NHTSA Research.

DSRC and SPaT, SSM, SRM & MAP

Eyal Hamo Berry Shnaider בס " ד 1.

ITS: The Next Generation Shelley Row Director Intelligent Transportation Systems Joint Program Office Research and Innovative Technology Administration,

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Michigan DOT Wx-TINFO Project ITS T3 Webinar Using Mobile Data for Weather Responsive Traffic Management March 26 th, 2015 Collin Castle, P.E. Michigan.

The City of Calgary’s Intelligent Transportation Systems and Yeatland (Yeats) Wong, P. Eng. The City of Calgary Transportation Department.

1 Autonomous Vehicles. 2 One of our top priorities is preparing our members for the impact of automation in vehicles.

Indian Institute Of Technology, Delhi Page 1 Enhancements in Security, Performance Modeling and Optimization in Vehicular Networks Ashwin Rao 2006SIY7513.

Principles Identified - UK DfT -

SPaT Challenge Overview and Execution

IEEE ™-2016, Standard for Wireless Access in Vehicular Environments—Security Services for Applications and Management Messages T. M. Kurihara, Chair,

Connected Vehicles in the Internet of Things Presenter

Ch. 7 Intersections.

Key management issues in PGP

Phase 4: Manage Deployment

Ian Deakin, iconectiv 3rd July 2017

On-board Technologies

Security&Privacy Considerations for IP over p OCB

Connecting the East Orlando Communities

Smart Columbus Overview

Transportation Worker Identification Credential (TWIC) Next Generation (NEXGEN) Card Update for National Maritime Security Advisory Committee (NMSAC)

Module 8: Securing Network Traffic by Using IPSec and Certificates

CYBERSECURITY FOR AUTONOMOUS VEHICLES

Adaptable safety and security in v2x systems

Project: IEEE P Interest Group for Wireless Personal Area Networks (WPANs) Submission Title: ITS OCC system based vehicle-to-vehicle communication.

Overview of CV2X Requirements

Ottawa AV Innovation ‘201’

Connected Vehicle Activities at MnDOT

Mitigation Principles PROPOSAL OICA/CLEPA

Securing a Connected Transportation System

Module 8: Securing Network Traffic by Using IPSec and Certificates

Month Year doc.: IEEE yy/xxxxr0

July 2007 doc.: IEEE p Jan Case Study for reduced priority management frames – Vehicular Safety Communication Date:

Install AD Certificate Services

On-board Technologies

Formal Analysis of V2X Revocation Protocols

Developing Vehicular Data Cloud Services in the IoT Environment

Bootstrapping Key Infrastructure over EAP draft-lear-eap-teap-brski

A proposal for approach to proceed work in Cybersecurity TF

Presentation transcript:

Security and privacy for a connected vehicle environment CAMP PI: CSI Detroit. No camping CAMP: Crash Avoidance VSC5: 7 OEMs within Security and privacy for a connected vehicle environment Benedikt Brecht, Principal Investigator, Crash Avoidance Metrics Partners (CAMP)

Vehicles and infrastructure exchanging unmanaged messages What is V2X? Vehicles and infrastructure exchanging unmanaged messages Vehicle 2 Vehicle and Vehicle 2 Infrastructure Communication V2V system can alert the driver (thus help prevent crashes) by issuing different safety warnings Messages include information on current position, velocity, etc. Photo Source: U.S. DOT

Do Not Pass Warning - Sensors can hardly detect incoming vehicles Photo Source: Continental

Left Turn Assist No detection outside of line of sight Photo Source: Cadillac

Traffic Light Assistant Show time to green Show time to red Photo Source: Audi/jalopnik.com

establish trust Being able to verify information Messages received over the air: integrity and authentication required One wrong message and customer’s trust is lost (No second chance) Photo Source: Núria i JC via Flickr

ensure privacy Standard IT Technology for first two requirements Nobody shall be able to track vehicles by using this technology Prevent SCMS from collecting Personally Identifiable Information (PII) Prevent trip tracking by outsiders Prevent trip tracking by SCMS insiders Privacy by design Photo Source: Independent.co.uk

V2X SCMS Architecture

Misbehavior Detection This is obvious misbehavior ;-) Misbehaving / attacking units need to be removed Misbehavior Detection on application level Photo Source: Brittni Gee Photography via Flickr

Misbehavior detection – proximity plausibility One example of misbehavior detection Photo Source: Kris LoCascio via Flickr

“Linkage values” used to identify certificates during misbehavior detection Photo Source: something-familiar.com

Penalty / device revocation Device should no longer be trusted - MA revokes certificates via Certificate Revocation List (CRL) Pseudonym and Enrollment cert revocation CRL distributed to vehicles and to be checked regularly in verification process of incoming BSMs Photo Source: Andy Devlin/NHLI via Getty Images

Photo Source: Benedikt Brecht

USDOT CV pilots awarded 2015: http://www.its.dot.gov/pilots/ Sources: Elector-based Root Management System to Manage a Public Key Infrastructure: http://priorart.ip.com/IPCOM/000245336 A security credential management system for V2V communications, Dec 2013 http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6737583 Vehicle Safety Communications Security Studies: Technical Design of the Security Credential Management System, July 2013 Security Credential Management System Design, April 2012 http://www.its.dot.gov/meetings/pdf/Security_Design20120413.pdf USDOT CV pilots awarded 2015: http://www.its.dot.gov/pilots/ USDOT Smart City Challenge: https://www.transportation.gov/smartcity IEEE 1609: https://standards.ieee.org/develop/wg/1609_WG.html IEEE 802.11p: http://standards.ieee.org/getieee802/download/802.11-2012.pdf SAE J2945/1: http://standards.sae.org/j2945/1_201603/ Photo Source: Wikimedia Commons/Jean-Pol GRANDMONT

@CodeFried Photo Source: Free for Commercial Use via Flickr