HSM requirements for V2X connected cars communications (E13b)
The automotive industry has rapidly evolved in recent times in such a way that the cars have been transformed from a simple mode of transport to the ultimate mobile device. The current “connected car†has pulled out the car from its isolation featuring wireless technologies like V2X communications, Near Field Communication (NFC) and multi-standard digital broadcast reception used to implement autonomous driving capabilities.
V2X (vehicle to everything) refers to the car’s communication system, where information from sensors and other sources travels via high-bandwidth, low-latency, high-reliability links, smoothing the way to the fully autonomous driving. There are several scenarios of V2X including vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), vehicle-to-pedestrian (V2P) and vehicle-to-network (V2N) communications. In these scenarios, cars talk to other cars, to infrastructure such as traffic lights, to smartphone pedestrians, and to data centres. There are two types of V2X communication technology depending on the underlying technology being used: WLAN-based, and cellular-based.
These communications functions, which continuously generate, process, exchange and store large amounts of data, may cause risks, should they be compromised. The impact of these risks may vary between safety, security or privacy concerns. The wireless interfaces connect the in-vehicle systems of the cars to external networks which are entry points for hackers for remote attacks. For this reason, components involved in V2X communications are described as assets and require appropriate protection. Protections are coming from the familiar cryptography implementations, trusted channels, access control policies, etc. and shall be implemented at different layers of the vehicle network: external interfaces, gateway, internal network and platform (processing units).
In a V2X environment, the gateway is the key component in charge of securing communications between vehicles (V2V) and between vehicles and their environment (V2I, V2P, etc.) providing also internal domain isolation. For increasing security, V2X gateways usually rely on a Trusted Platform Module (TPM) or a Hardware Security Module (HSM) for cryptographic operations and key management.
This presentation will address an analysis of the V2X gateway + HSM security architecture including the security requirements that resolve the security problem defined for the V2X environment.