The S2-Move project involves collecting vehicle data through on-board units and transmitting it to a central processing system for traffic estimation and fleet management services. Vehicles communicate vehicle-to-vehicle and vehicle-to-infrastructure to exchange soft real-time information. Security challenges are presented by the IEEE 802.11p protocol's lack of security. The project proposes using IEEE 1609.2 security services including public key infrastructure and symmetric/asymmetric cryptography. Future work will experimentally evaluate the protocols and investigate group management and trust models to ensure security and privacy in vehicle communication networks.

1. Pietro Marchetta, Eduard Natale, Alessandro Salvi,
Antonio Tirri, Manuela Tufo, and Davide De Pasquale
Trusted Information and Security
in Smart Mobility Scenarios:
the case of S2-Move Project*
www.s2-move.it
*grant number PON04A3_00058

2. The S2-Move project (1/3)
}
}
Soft-real time information exchange among citizens, public
administrations and transportation systems
Services
} Road traffic estimation
} Fleet Management and Fleet Control (platooning)
!2

3. The S2-Move project (2/3)
}
Each vehicle is equipped with a OBU (On-Board Unit)
} Collecting in-vehicle data
(e.g. speed, fuel consumption)
}
Sending data to a remote CPS
(Central Processing System)
}
V2V (Vehicle-to-Vehicle)
V2I (Vehicle-to-Infrastructure)
communication
!3

4. The S2-Move project (3/3)
}
CPS (Central Processing System)
}
Data acquisition
}
}
}
Urban probes
(smartphone, vehicles, etc.)
Data processing
Services providing on annotated map
Data
Transmission
Manager
Presentation
Layer
Logical
Units
Data
Layer
!4

5. Protocol for data transmission
}
IEEE 802.11p is based on a communication outside the
BSS (Basic Service Set)
} Does not provide any kind of security
Fabrication Attacks
Replay Attacks
(e.g. accident ahead!)
(e.g. wrong traffic estimation)
Sybil Attacks
(e.g subvert reputation system)
1
1.Traffic Jam!
2
2.Traffic Jam!
Traffic Jam!
3
!5
3.Traffic Jam!

6. Security Services
}
IEEE 1609.2 uses PKI (Public Key Infrastructure)
} Each vehicle comes with:
IEEE 1609.2
} TPM (Trusted Platform Module)
IEEE 802.11p
} stores public and private key
}
Certificate (proves the vehicle identity)
}
}
}
}
CA (Certification Authority) needed
!
Integrity, Authenticity
Confidentiality (optional)
Privacy, Trustworthiness
Symmetric (AES-CCM)
Asymmetric (ECIES)
!6

7. IEEE 1609.2 Authentication
!
!
!
!
!
!
!
!
!
PUB
ECDSA
TPM
PRV
MEX
}
CERT
…do we need confidentiality?
!7

8. Certification lacks
}
Certificate ⇏
} Privacy
}
Vehicle recognition/tracking
Correct behavior of a user
!
Suspicious vehicles identification
} Revocation of the Trusted Component (RTC)
} - if an attacker is able to block RTC messages
- then use Certificate Revocation Lists (CRL)
} RSU forwards the list to the vehicles
}
}
All clear!
Increase speed!
!8

9. Communication Privacy
}
Possible solutions
1. Aliases
} ELP (Electronic License Plate) - by CA or TPM
2. Group Keys (signatures)
} The group provides anonymity outside its membership
}
}
Group private and public keys
Group Manager
id_c
TPM
id_b
id_a
GK_B
!9
GK_A

10. Messages propagation
}
Symmetric key: leader generates and sends the key to members, encrypted
with their public key
} Areas must overlap
} Vehicle V owns both keys
!
}
Advantages
} reduced overhead
} doesn’t need to contact the CA
V
!
}
GK_B
GK_A
Disadvantages
} This system does not guarantee:
} non-repudiation → solution: unique group-key pair (assigned and
revoked by CA)
} privacy
!10

11. Trust Models
}
}
}
Traditional models
} Each vehicle assigns a reputation to other vehicles
} Scalability?
Novel techniques
} Each vehicle assigns a reputation to a group
} What about short-living groups?
!
Data-oriented trust models → message-related
} Vehicle type (ambulance, police, bus, etc.)
} Dempster-Shafer Theory
} Opinion piggybacking
!11

12. The case of S2-Move Project (1/2)
}
CPS (Central Processing System)
}
}
}
Certification Server
Group management (keys assignment)
!
CPS may be unattainable
}
relies on network availability
Data
Transmission
Manager
Presentation
Layer
Logical
Units
Data
Layer
!12

13. The case of S2-Move Project (2/2)
}
}
Solution
} Symmetric key when network is unavailable
} Integrity and Authenticity guaranteed
} Group Management
} Privacy guaranteed
Hybrid trust models
M1
M1
M2
M2
CA - GM
CA - GM
!13

14. Future work
}
Experimental evaluation
} 802.11p - 1609.2 on-road analysis
} delay measurement
} different speed conditions
!
}
Investigating on particular events
} Followers exits a fleet
} Leader pushes a follower out of a fleet
!
}
Issues
} cars may not be on the road - how to deal with it?
} fleet control
!14

15. Thanks!
www.s2-move.it

16. !16

17. ECDSA Algorithm
!17

18. Dempster-Shafer Theory (DST)
}
}
Bayesian theory → probabilities
Belief functions (DST) → degrees of belief
!
belief ≤ plausibility
!
e.g. accident on a certain road
Vehicle A P(R1)=0.1, P(R2)=0.9
Vehicle B P(R1)=0.1, P(R3)=0.9
Vehicle C P(R1)=0.1, P(R4)=0.9
R1
R4
R2
R3
!18