V2X: Hybrid communication, homogeneous IT security
Mobility promises us a future of connected driving: an increase in driving safety and road safety, autonomous driving, better traffic flow, less harm to the environment, and enhanced public and goods transportation. The key to making this future a reality is the cooperative intelligent transportation system (C-ITS), which enables vehicles to exchange information with other vehicles and with traffic infrastructure in real time. This is known as V2X (Vehicle-to-everything) communication. Up to now, V2X communication has been based primarily on ITS-G5, a dedicated short-range communication (DSRC) standard. This means that the exchange of data between vehicles and roadside equipment happens through direct WLAN communication.
But this is set to change. The wheels are already in motion to also use the LTE-V wireless standard (today 4G, soon to be 5G) for V2X data exchange. In the future, thanks to new kinds of wireless chips installed in devices, it will be possible to involve other road users (e.g. pedestrians, cyclists) in the communication process in the form of direct, ad hoc data exchange (C-V2X autonomous) between devices. At the same time, other standardized concepts are being put into the mix: mobile edge computing (MEC), which distributes messages via a cellular network at close range (e.g. for tailback warnings), and traditional wireless communication via cell towers for communication with cloud and backend services.
A consistent, intelligent structure for protocol stacks
In all likelihood, we can expect to see various types of V2X communication designed to serve different channels and standards, depending on the particular use case and entity. But the question remains: How do we efficiently secure such hybrid V2X communication? It would be entirely wrong to think that each of the different transmission channels should have its own security solution. Instead, what is called for is a security concept that is effective across the full spectrum of V2X communication with all its different use cases.
The solution lies in ensuring the protocol stacks used for V2X communication between all V2X devices have a consistent, intelligent structure. V2X messages are generated on the application or device level and relayed to the transport and transmission level. This is where the security header is added to each V2X message via the security components interface. The header includes the message signature and the associated certificate; if necessary, the message can be symmetrically encrypted in a second step. Information relating to the symmetric key is included in the header to enable recipients to decrypt the V2X message. To ensure data protection for the entities communicating via the V2X network, each V2X message receives a signature before it is encrypted. This way, even within a hybrid communication network, security for V2X data exchange fulfills all requirements: data integrity, sender authenticity, sender authorization, replay detection, confidentiality, privacy protection, reliability, and revocation of trust.
Road testing with the CONCORDA project
Hybrid communication for vehicles is a sensible and useful development for connected driving. It paves the way for integrating more systems, road users, and services into V2X data exchange. At the same time, IT security is and will remain a necessary and fundamental condition for V2X. Establishing an intelligent concept means consistent, homogeneous, and efficient IT security across the various V2X communications channels and standards.
A trial run is currently underway on test routes in the Netherlands, Belgium, Germany, France, and Spain in the shape of the CONCORDA (Connected Corridor for Driving Automation) project, which is being funded in part by the European Union and carried out in collaboration with companies including ESCRYPT, Deutsche Telekom, Nokia, Bosch, and Volkswagen. By mid-2020, CONCORDA will have shown how a hybrid V2X communications system with ITS-G5, LTE connectivity, and a consistent IT security architecture performs in practice.