Is ITS Security ready for deployment?
Frank Kargl | PRESERVE & Univ. of Twente & Univ. of Ulm ETSI ITS Workshop | 2014-02-12/13 | Berlin
FP7$ICT$2009$6.2,.STREP,.No..269994.1.1.2011.–.31.12.2014.
2.ETSI ITS WS 2014 | 2014-02-12/13
Secure.IVC.
V2X.Security.Subsystem.
Security.and.Scalability.TesHng.
3.
ITS.Privacy.
In$Vehicle.Sec..
Sec..Appl..Plat..
Security.and.Privacy.Arch..and.ImplementaHon!
Security.ASIC!
Deployment.Challenges!
V2X.FOT.
ETSI.ITS.WS.2014.|.2014$02$12/13.
Mission: Design, implement, and test a secure and scalable V2X Security Subsystem for realistic deployment scenarios.
Is ITS Security ready for deployment?
ETSI ITS WS 2014 | 2014-02-12/13 4
Yes No and
The most important elements are in place.
It will never be! After deployment, we will constantly need to adjust
the security system to new threats and attacks.
Central Elements of ITS Security
Misbehavior Detection
Privacy Protection ID Management
ETSI ITS WS 2014 | 2014-02-12/13 5
How do we ensure that only valid vehicles participate in ITS communication?
How do we protect vehicles and drivers from being tracked?
How do we prevent a valid vehicle from injecting incorrect data into the ITS? ✔
✔
?
PRESERVE V2X Sec. Arch.
ETSI ITS WS 2014 | 2014-02-12/13 6
Internal Communication
Applications
Access
Security
Managem
ent
Road Safety Road Traffic Efficiency Comfort and Mobility
Networking & Transport
Facilities Secure Information
Security Management
Security Analysis Security Policies
Audit
Monitoring
Logging
Secure Software
Secure Storage
Data Consistency and Plausibility
Privacy Protection
Secure Communication
Cryptographic Operations
Credential Management Security Entities Management
External Communication
SF
SN
SI MI
MN
MF
FA SA
Policy Storage
Policy Management
Policy Enforcement
Internal Communication
External Communication
MS
NF
IN
MA
Message Signatures, Pseudonyms & PKI
13.02.14 PRESERVE Overview 7
ITS
G5
Net
wor
k V
2X S
ecur
ity
Infra
stru
ctur
e Root Certificate Authority
Long-term Certificate Authority
Pseudonym Certificate Authority
LTC PC1 … PCn CA certs.
IP V2X message
PC1
RSU
Vehicles
ITS G5
PRESERVE & C2C-CC Security Architecture Workshop ! June 5th, 2013 in Ulm, Germany
! Goal: Discuss open architecture and implementation related issues
– Relation of IP and non-IP communication from a security perspective
– Parallel processing of packets in the communication stack to fully exploit HSM performance
– Verification-on-demand, certificate omission and their relation to Distributed Congestion Control
– Meta-data and cross-layer signalling of security information – Development of the PKI architecture in more complex ITS
settings – Design of Misbehavior Detection
ETSI ITS WS 2014 | 2014-02-12/13 8
Verification on Demand, Cert. Omission, & DCC
ETSI ITS WS 2014 | 2014-02-12/13 9
Receiving 1000 packets/s
Over 1000 ECC sig.ver. / s
Do not verify some packets
Add powerful HSM
Strategy?
Attach cert?
Some packets
All packets Congestion!
Crypt. packetloss
Strategy?
Parallel processing in V2X Stack
ETSI ITS WS 2014 | 2014-02-12/13 10
Access
Networking &
Transport
Facilities
Managem
ent
Applications
V2X Security Subsystem
SI
SN
SF
MI
MN
MF
MS
MA FA SA
1000 ver./s 1 ms/ver.
ECC CORE
ECC CORE
1000 ver./s 6 ms/ver.
ECC CORE
ECC CORE
ECC CORE
ECC CORE
Misbehavior Detection What to do about (valid) nodes injection incorrect information into the ITS?
Frank Kargl | Institute of Distributed Systems | 04.
February 2014
Misbehavior Detection
Data-centric Node-centric
Plausibility Consistency Trust-based Behavioral
! Different detection mechanisms need to collaborate for reliable det.
! Need to be extended depending on type of misbehavior / attacks encountered after deployment
! Need to include a flexible MBD-framework into V2X security architecture
Summary ! Major V2X security mechanisms in place ! Recommendations
– Consider integration of security certificate omission strategy with DCC
– C2X communication stack implementation needs to consider specifics of security HSM
– Consider and integrate misbehavior detection framework into overall architecture
– For discussion of other topics, see PRESERVE deliverable D1.3 (coming soon)
ETSI ITS WS 2014 | 2014-02-12/13 12