gnu radio software defined dsrc radio · final report: vehicle infrastructure integration proof of...
TRANSCRIPT
Institute for Critical Technology and Applied Science
GNU Radio Software Defined DSRC Radio
Joseph M. Ernst, PhDResearch Assistant Professor
(540) 231-2254, [email protected]
11/2016
11/2016 2
Motivation
https://www.youtube.com/watch?v=MK0SrxBC1xs
Cyber Vulnerabilities
• Blind spot warnings
• Forward collision warnings
• Sudden braking ahead warnings
• Intersection collision avoidance and movement assistance
• Approaching emergency vehicle warning
• Transit or emergency vehicle signal priority
• Electronic parking and toll payments
Planned DSRC Related Automation
11/2016 3
Long Term Goals
DSRC RadioImplementation
DSRC RadioCyber Security
VehicleCyber Security
11/2016 4
NSHTA Levels of AutomationAutomation Level Description
Level 0 No-Automation
The driver is in complete and sole control of the primary vehicle controls – brake, steering, throttle, and motive power – at all times.
Level 1Function-specific Automation
Automation at this level involves one or more specific control functions. Examples include electronic stability control or pre-charged brakes, where the vehicle automatically assists with braking to enable the driver to regain control of the vehicle or stop faster than possible by acting alone.
Level 2Combined Function Automation
This level involves automation of at least two primary control functions designed to work in unison to relieve the driver of control of those functions. An example of combined functions enabling a Level 2 system is adaptive cruise control in combination with lane centering.
Level 3Limited Self-Driving Automation
Vehicles at this level of automation enable the driver to cede full control of all safety-critical functions under certain traffic or environmental conditions and in those conditions to rely heavily on the vehicle to monitor for changes in those conditions requiring transition back to driver control. The driver is expected to be available for occasional control, but with sufficiently comfortable transition time. The Google car is an example of limited self-driving automation.
Level 4Full Self-Driving Automation
The vehicle is designed to perform all safety-critical driving functions and monitor roadway conditions for an entire trip. Such a design anticipates that the driver will provide destination or navigation input, but is not expected to be available for control at any time during the trip. This includes both occupied and unoccupied vehicles.
http://www.nhtsa.gov/About+NHTSA/Press+Releases/U.S.+Department+of+Transportation+Releases+Policy+on+Automated+Vehicle+Development
11/2016 5
DSRC Background
Category Description
Designated licensed bandwidth
For secure, reliable communications to take place. It is primarily allocated for vehicle safety applications by FCC Report and Order FCC 03-324.
Low Latency Active safety applications must recognize each other and transmit messages to each other in milliseconds without delay.
Fast Network Acquisition
Active safety applications require the immediate establishment of communication and frequent updates.
High Reliability when Required
Active safety applications require a high level of link reliability. DSRC works in high vehicle speed mobility conditions and delivers performance immune to extreme weather conditions (e.g. rain, fog, snow, etc.).
Priority for Safety Applications
Safety applications on DSRC are given priority over non-safety applications.
Interoperability DSRC ensures interoperability, which is the key to successful deployment of active safety applications, using widely accepted standards. It supports both V2V and V2I communications.
Security and Privacy DSRC provides safety message authentication and privacy.
http://www.its.dot.gov/factsheets/dsrc_factsheet.htm
11/2016 6
Number Finding
SEC-1 Security system generally works as expected, but testing is difficult since all systems must operate properly. Security system has a tendency to be brittle in that any minor anomaly can cause it to prevent communications; although security system is functioning properly, it cannot always discriminate between other system anomalies or errors and false or malicious messages.
SEC-2 WSM verification works properly, but verification performance at higher rates could not be assessed due to operational issueswith the OBE.
SEC-3 WSA Signing checks effectively ignore WSAs if out of geographic, time or operational scope; however, errors in position can lead to erroneously rejected messages.
SEC-4 Messages can be signed by system and successfully validated (or not) based on location, and time (message age); however, misalignment of OBE clocks can cause erroneous rejection of messages.
SEC-5 System can replace certificates (identified and anonymous) over the air during typical RSE encounters at road speeds.
SEC-6 System successfully rejects messages with expired or revoked credentials.
SEC-7 Anonymous certificate functionality (system to prevent the ability to track) was not measured (cost and schedule issues).
SEC-8 Certificate Revocation List (CRL) capability appears to be acceptable for moderately sized CRLs; the system was able to download CRLs with up to 30K entries at 65 mph past an RSE.
SEC-9 End-to-End encryption of IP packets using IEEE 1609 protocol was successful and operated at usable data rates.
SEC-10 Overall viability of anonymous authentication system needs to be refined to determine manageability and to refine management policies and processes.
DSRC Security ConcernsFinal Report: Vehicle Infrastructure Integration Proof of Concept – Executive Summary (Vehicle)
5.1.3 Security Service
11/2016 7
Software Defined Radio
RF Front EndAntenna
N210
ADC FPGA MixerBaseband
Demodulator
Computer
RF Front EndAntenna
E310
ADC FPGA MixerBaseband
Demodulator
RF Front EndAntenna
Radio
ADCASIC
DemodulatorMixer
11/2016 8
USRP E310
5.2”
2.7”
1.0”
11/2016 9
• Provide complete open source GNU Radio solution for DSRC
• Implement DSRC solution on E310 (ARM)
• Test RF characteristics of implementation
• Initial characterization of cyber concerns
Intermediate Goals
11/2016 10
Schedule
Objectives 1 2 3 4 5 6 7 8
1) Equipment Procurement
2) Execution of existing receiver functionality
3) Development of transmitter waveforms
4) GNU Radio simulations
5) Over the air testing of Tx/Rx
6) Investigation of cyber vulnerabilities
7) Final Report
11/2016 11
Risk AssessmentSe
veri
ty
5 4
4
3 6
2 3 2
1 1,5
1 2 3 4 5
Likelihood
Risk Description
1 Open-Source Software will not be as functional as advertised
2 E310 USRP will not be able to process the waveforms in real time
3 Transmit power for E310 does not have sufficient range for in-vehicle tests
4 DSRC standard is abandoned by connected vehicle community
5 USRP hardware is backordered
6 Appropriate GRA is unavailable
