With privacy and data security currently a key topic in the Intelligent Transportation Systems (ITS) arena, the team working on a Cooperative ITS (C-ITS) project in the Netherlands has announced that it has developed and deployed Europe’s first Public Key Infrastructure (PKI) security system.
The new PKI system is currently being used to support cooperative or ‘connected’ driving tasks in the A58 Shockwave Traffic Jam project, but as the system is based on international standards, it is also suitable for large-scale application in other services and at other locations. The A58 motorway between Tilburg and Eindhoven is a test route for various C-ITS applications.
Since April, road users have been able to test two shockwave traffic jam services: FlowPatrol and ZOOF. Special equipment in their cars communicates with 34 WiFi-P beacons on the roadside. Based on detailed information about congestion and shockwave traffic jams, they receive personalized in-car speed advice, which enables them to better anticipate situations ahead that are not yet visible, allowing them to move through the traffic quickly and more easily.
To generate that advice, a great deal of data must be collected, stored, processed and transmitted. This involves ‘public’ data, such as traffic information and the advice that is ultimately transmitted by the roadside beacons. However, it also includes ‘personal’ data about the cooperative vehicles, such as their exact location, speed and direction. Using the latter type of data without any additional measures could quickly give rise to data security risks and privacy issues. That is why the consortia participating in the project, which includes Siemens, Technolution, Vialis, and V-tron, have developed a solution to curb those risks.
The most important element is the digital signing or ‘signature’ of all communications sent between roadside beacons and the cooperative equipment in vehicles, which guarantees the integrity and authenticity of the communication. This ensures that the data has been sent on by, and originates from, a reliable source, without being changed. The signing and verification process is called Public Key Infrastructure (PKI).
To safeguard the privacy of users, the ‘Talking Traffic kit’ equipment in each car has various digital identities that can be used to sign messages. They can change their unique identification (ID) Media Access Control (MAC) address every five minutes. As a result, they never broadcast the same ID longer than a few consecutive minutes, making it much harder for third parties to recognize and track a sender.
The major benefit of the new system is that it is actually meant for future developments and services. New services can be connected easily, and if a service requires additional security measures, it will not be necessary to fully adapt the system, as the existing platform can easily be expanded. As the PKI system is based on the ETSI and CEN European standards, the architecture that has been developed is broadly applicable and other parties can also join in, and develop, test and implement their own ITS services in regular traffic situations.
