Connected mobility is developing at a rapid pace. The focus here is on functional and traffic safety together with intelligent technologies. Both are only possible through V2X communication: the exchange of data between vehicles and with the traffic infrastructure.
V2X constantly provides networked vehicles with a large amount of information to guide them, automated or not, to make decisions that are appropriate for traffic. The cybersecurity of V2X communications is of key importance. This is because the effectiveness of the system depends on how accurate and trustworthy the information is. Traditionally, in IT security, the trustworthiness of information is ensured by identifying and authenticating its sender.
ESCRYPT CycurV2X-PKI solution architecture
To ensure data security and privacy, V2X communications require a public key infrastructure (PKI) - the Security Credential Management System (SCMS) for North America (NA) and the Cooperative Intelligent Transportation System Credential Management System (CCMS) for Europe (EU). These PKI systems issue pseudonymous certificates that allow communicating systems to identify only authorized senders as trusted. SCMS and C-ITS CMS have long been used in numerous V2X pilot projects and are also envisioned for future national V2X infrastructures and beyond.
The ESCRYPT CycurV2X-PKI platform is a robust, modular and scalable standards-compliant credential management system that registers and manages complete vehicle and transportation infrastructure security services. In doing so, ESCRYPT CycurV2X-PKI implements the security services for both the North American and European V2X standards.
- Easy to integrate, deploy and manage, and compliant with IEEE 1609.2 and ETSI TS 103 097certificate format
- Simplify the implementation of complex PKI components for both IEEE and ETSI standards
- Reduce the initial investment through an easy-to-use platform and utilization of security software
- Reduced deployment risk through professional services
- Robust solution leveraging ETAS’ in depth certificate and key management expertise and deployment know-how
- Customer may choose a subset of the ETAS’ PKI components to operate with other external standard-compliant PKI components
- Modular bootstrapping and registration management process allows seamless integration with an existing device management setup
- Global certified and PKI-trained multi-tier operations support
ESCRYPT CycurV2X-PKI service offering
- PKI components are hosted in a highly available, certified and compliant environment using certified HSMs
- Supports pilot deployments through modular and compliant V2X PKI services
- The root certificate authority of the EU PKI can be listed on the official ECTL and supports an internal test ECTL with internal test TLM
- Multi-tier IT operations support throughout the pilot and production deployments
- Flexible deployment models