A Security Credential Management System for V2X Communications

Abstract

The US Department of Transportation (USDOT) issued a proposed rule on January 12th, 2017 to mandate vehicle-to-vehicle (V2V) safety communications in light vehicles in the US. Cybersecurity and privacy are major challenges for such a deployment. The authors present a Security Credential Management System (SCMS) for vehicle-to-everything (V2X) communications in this paper, which has been developed by the Crash Avoidance Metrics Partners LLC (CAMP) under a Cooperative Agreement with the USDOT. This system design is currently transitioning from research to Proof-of-Concept, and is a leading candidate to support the establishment of a nationwide Public Key Infrastructure (PKI) for V2X security. It issues digital certificates to participating vehicles and infrastructure nodes for trustworthy communications among them, which is necessary for safety and mobility applications that are based on V2X communications. The main design goal is to provide both security and privacy to the largest extent reasonable and possible. To achieve a reasonable level of privacy in this context, vehicles are issued pseudonym certificates, and the generation and provisioning of those certificates are divided among multiple organizations. Given the large number of pseudonym certificates per vehicle, one of the main challenges is to facilitate efficient revocation of misbehaving or malfunctioning vehicles, while preserving privacy against attacks from insiders. The proposed SCMS supports all identified V2X use-cases and certificate types necessary for V2X communication security. This paper is based upon work supported by the USDOT. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the Authors (we) and do not necessarily reflect the view of the USDOT.