Analysis of Vehicle-Based Security Operations

Vehicle-to-vehicle (V2V) communications promises to increase roadway safety by providing each vehicle with 360 degree situational awareness of other vehicles in proximity, and by complementing onboard sensors such as radar or camera in detecting imminent crash scenarios. In the United States, approximately three hundred million automobiles could participate in a fully deployed V2V system if Dedicated ShortRange Communication (DSRC) device use becomes mandatory. The system’s reliance on continuous communication, however, provides a potential means for unscrupulous persons to transmit false data in an attempt to cause crashes, create traffic congestion, or simply render the system useless. V2V communications must be highly scalable while retaining robust security and privacy preserving features to meet the intra-vehicle and vehicle-to-infrastructure communication requirements for a growing vehicle population. Oakridge National Research Laboratory is investigating a Vehicle-Based Security System (VBSS) to provide security and privacy for a fully deployed V2V and V2I system. In the VBSS an On-board Unit (OBU) generates short-term certificates and signs Basic Safety Messages (BSM) to preserve privacy and enhance security. This work outlines a potential VBSS structure and its operational concepts; it examines how a vehicle-based system might feasibly provide security and privacy, highlights remaining challenges, and explores potential mitigations to address those challenges. Certificate management alternatives that attempt to meet V2V security and privacy requirements have been examined previously by the research community including privacy-preserving group certificates, shared certificates, and functional encryption. Due to real-world operational constraints, adopting one of these approaches for VBSS V2V communication is difficult. Timely misbehavior detection and revocation are still open problems for any V2V system. We explore the alternative approaches that may be applicable to a VBSS, and suggest some additional research directions in order to find a practical solution that appropriately addresses security and privacy. Section 1: Introduction Dedicated Short-Range Communication (DSRC) can support V2V and V2I communications; however, bandwidth and range limitations challenge integration of safety and privacy features. In order to ensure interoperability between different OEMs, vehicle safety messages (i.e., Basic Safety Messages or BSMs) must be trusted while protecting the identity of the driver or vehicle. In a traditional public key infrastructure (PKI), participants create, receive, manage, and revoke certificates. A certificate encapsulates a participant’s public key and identifies that participant within the system. Each participant signs data using their private key. When a message recipient receives a signed message, the recipient verifies the message signature using the sender’s public key to ensure the message has not been altered. Assuming that the sender’s private signing key has not been compromised or exposed, the recipient will trust that the sender signed and sent the received message. The proposed Public Key Infrastructure (PKI) for the Intelligent Transportation System (ITS) Vehicle-toVehicle (V2V) safety initiative will be the largest PKI ever deployed. The PKI needs to address the basic security properties (authentication, integrity, and non-repudiation) of a traditional PKI while protecting individual privacy. In the rest of this document, assume that unless otherwise stated, a PKI refers to a PKI for use in a transportation infrastructure and will be used for V2V and V2I. As in most PKIs, revocation is