Security and privacy for a connected vehicle environment
SCMS Overview
End Entity Requirements and Interfaces
Dean Therriault - GM/CAMP
Benedikt Brecht – VWGoA/CAMP
[email protected]@ibr.cs.tu-bs.de
August 2016 -- CAMP – VSC5 Consortium Proprietary --
Photo Source: Núria i JC via Flickr
establish trust
Photo Source Wiertz Sébastien via Flickr
Sign messages & verify signature
Photo Source: Independent.co.uk
Ensure privacy
Photo Source: depositphotos.com
Long-term certificate used in interactions with SCMS
Where does it come from?
How does the EE get it?
Photo Source: REUTERS/Ricardo Mo
Pseudonym certificate batch
Photo Source: Brittni Gee Photography via Flickr
Misbehavior Detection
Photo Source: Andy Devlin/NHLI via Getty Images
Penalty / device revocation
Device should no longer be trusted - MA revokes certificates via Certificate Revocation List (CRL)
V2X SCMS Architecture
[Architecture diagram. Components shown: SCMS Manager; Policy; Technical; Root Management Function; Elector A; Elector B; Elector C; Root CA; Intermediate CA; Policy Generator; Certification Services; Enrollment CA; Pseudonym CA; Linkage Authority 1; Linkage Authority 2; Registration Authority; Location Obscurer Proxy; Misbehavior Authority; Global Detection; CRL Generator; CRL Store; CRL Broadcast; Device Config. Manager; OBEs; ASDs; RSEs; All SCMS Components. Legend: air-gapped communication, regular communication, out-of-band communication; Intrinsically Central, Not Intrinsically Central.]
SCMS PoC Environment
[Diagram: SCMS PoC Management Environment. Groups shown: SCMS PoC USDOT Management & Policy Task Force; SCMS POC Governmental Management; SCMS Technical Management; SCMS POC Development; SCMS Operation QA & Production; Connected Vehicle Support Services; Certification Services; Device Suppliers; End Entity User Group; Deployment Sites. Sites named: Wyoming, Tampa, NYC, Ann Arbor, Future Sites.]
SCMS “Operations” - Environments
• CAMP Dev Stage (part of SoW)
• QA Stage (based on existing hardware – part of the SoW)
• Production Stage (part of the SoW)
[Diagram labels: Root cause found; Fix bug; Bug fixed; Bug-fix component test; Deploy bug-fix; Bug-fix integration / system test; Deploy bug-fix; CV pilot use]
EE basics and interfaces
End Entity Basics
End Entity Basics
Enroll
Get Pseudonyms
Communicate
<Repeat>
Enroll
Enrollment is the EE's entry point to the SCMS
• Enrollment Certificate = long term (life of device)
• Ticket for admission to SCMS
• Every EE must be provisioned with an Enrollment Certificate
• part of bootstrap process
• Expected to cover the lifetime of EE (OBE, RSE/U)
• OEM specific/proprietary
• Enrollment environment governed by SCMS Manager policy
More OBE: wiki.campllc.org/display/SCP/Step+2.2%3A+OBE+Enrollment
More RSE: wiki.campllc.org/display/SCP/Step+12.2%3A+RSE+Enrollment
Manual Enrollment Process
• Manual process will be utilized for initial deployment
• Later versions of the system will implement an automated process
CV Pilot Bootstrapping Process
[Flowchart with swimlanes: USDOT; CV Pilot Developer; SCMS Operator]
1. Create Bootstrap Request
2. Review Request
3. Verify Certification Results
4. Request Approved? (No / Yes)
5. Generate Initialization & Enrollment Data
6. Create Bootstrap ZIP File & encrypt
7. Decrypt & Unzip Bootstrap File
8. Upload Bootstrap Data to Devices
9. Request pseudonym certificates
Photo Source: depositphotos.com
DCM – Secure Environment
- ECA provides a one-time, long term enrollment certificate
- OEM can design and implement into existing mfg. processes
- No “interface” to the SCMS
Secure Environment for Enrollment
• A documented procedure for performing the enrollment process
• A physically secure location where the enrollment will take place
• One or more authorized devices (computers) for managing the enrollment process
• An activity log or recording of the enrollment operations that were performed
• wiki.campllc.org/display/SCP/Secure+Environment+for+Device+Enrollment
Get Pseudonym certs
• Pseudonym certs are short lived
• Used for BSM authentication and MB reporting
• i-Period = 10140 minutes (1 week + 1 hour)
• j-Value = 20 certs/i-Period (currently could change)
• EE-RA <--> PCA-RA
Requirements & process description: wiki.campllc.org/display/SCP/Use+Case+3%3A+OBE+Pseudonym+Certificates+Provisioning
Request doc: wiki.campllc.org/display/SCP/RA+-+Request+Pseudonym+Certificate+Batch+Provisioning
Download doc: wiki.campllc.org/display/SCP/RA+-+Download+Pseudonym+Certificate+Batch
Additional:
• wiki.campllc.org/display/SCP/RA+-+Download+.info+file
• wiki.campllc.org/display/SCP/RA+-+Download+Local+Policy+File
• wiki.campllc.org/display/SCP/RA+-+Download+Local+Certificate+Chain+File
Get Application Cert
• Application certs are short lived
• NO Pseudonymity constraints required
• Validity period can vary (i-period)
• One-to-one mapping of PSID and SSP to enrollment cert
• 1 valid application certificate per application valid at a time
• EE-RA <--> PCA-RA
Requirements & process description: wiki.campllc.org/display/SCP/Use+Case+13%3A+RSE+Application+Certificate+Provisioning
Request doc: wiki.campllc.org/display/SCP/RA+-+Request+Application+Certificate+Provisioning
Download doc: wiki.campllc.org/display/SCP/RA+-+Download+Application+Certificate
Additional:
• wiki.campllc.org/display/SCP/RA+-+Download+.info+file
• wiki.campllc.org/display/SCP/RA+-+Download+Local+Policy+File
• wiki.campllc.org/display/SCP/RA+-+Download+Local+Certificate+Chain+File
Get Identification Cert
• Identification certs are short lived
• NO Pseudonymity constraints required
• Validity period can vary (i-period)
• One-to-one mapping of PSID and SSP to enrollment cert
• 1 valid identity certificate per application valid at a time
• EE-RA <--> PCA-RA
Requirements & process description: wiki.campllc.org/display/SCP/Use+Case+19%3A+OBE+Identification+Certificate+Provisioning
Request doc: wiki.campllc.org/display/SCP/RA+-+Request+Identification+Certificate+Provisioning
Download doc: wiki.campllc.org/display/SCP/RA+-+Download+Identification+Certificate
Additional:
• wiki.campllc.org/display/SCP/RA+-+Download+.info+file
• wiki.campllc.org/display/SCP/RA+-+Download+Local+Policy+File
• wiki.campllc.org/display/SCP/RA+-+Download+Local+Certificate+Chain+File
Communicate – How?
The foundation of V2V safety is based on BSM
• J2945/1 - “how to send a BSM”
• Frequency every 100ms using DSRC
In the device
• Certificate management in the device
• Send BSMs as defined in J2945/1
• BSM every 100ms
• Change/rotate pseudo cert every 5 mins
• Download and store new batches when possible
• DSRC, WiFi, Cellular, etc
[Diagram: OBE (magic happens inside) <--> SCMS]
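The in-device rotation listed on this slide, as an added sketch that is not from the original deck or from CAMP: it picks a pseudonym certificate for each 5-minute slot using the slide values (i-Period of 10140 minutes, 20 certs per i-Period, one BSM every 100 ms) and shows what happens when the next batch was never downloaded. The weekly spacing of period starts, random selection without immediate reuse, and all function names are assumptions.

```python
import random

# Values stated on the slides
CERT_VALIDITY_MIN = 10140   # i-Period: 1 week + 1 hour
J_VALUE = 20                # pseudonym certs per i-Period
ROTATE_MIN = 5              # change pseudonym cert every 5 minutes
BSM_INTERVAL_MS = 100       # one BSM every 100 ms

# Assumption (not on the slides): a new i-Period starts every week, so the
# extra hour of validity overlaps with the start of the next period.
PERIOD_START_SPACING_MIN = 7 * 24 * 60


def valid_periods(t_min):
    """Indices i of all i-Periods whose certs are valid at minute t_min."""
    newest = t_min // PERIOD_START_SPACING_MIN
    return [i for i in (newest - 1, newest)
            if i >= 0 and i * PERIOD_START_SPACING_MIN <= t_min
            < i * PERIOD_START_SPACING_MIN + CERT_VALIDITY_MIN]


def select_cert(t_min, downloaded, rng, previous=None):
    """Pick the (i, j) cert to sign with at t_min, or None if none is usable.

    Prefers the newest valid period the device holds a batch for; during the
    overlap hour it falls back to the previous period if the new batch has
    not been downloaded yet.
    """
    usable = [i for i in valid_periods(t_min) if i in downloaded]
    if not usable:
        return None  # no valid cert on board: do not sign, fetch a batch
    period = max(usable)
    # Hypothetical policy: random choice, never the cert used in the last slot
    choices = [(period, j) for j in range(J_VALUE) if (period, j) != previous]
    return rng.choice(choices)


def simulate(start_min, duration_min, downloaded, seed=1):
    """Walk the 5-minute rotation slots and return the cert used in each."""
    rng = random.Random(seed)
    used, previous = [], None
    for t in range(start_min, start_min + duration_min, ROTATE_MIN):
        previous = select_cert(t, downloaded, rng, previous)
        used.append(previous)
    return used


def bsms_per_rotation():
    """Number of BSMs signed with one cert before it is rotated out."""
    return ROTATE_MIN * 60 * 1000 // BSM_INTERVAL_MS


if __name__ == "__main__":
    week = simulate(0, PERIOD_START_SPACING_MIN, downloaded={0})
    print(len(week), "rotation slots,", len(set(week)), "distinct certs")
    print(bsms_per_rotation(), "BSMs per cert per slot")
    # Constructed case: the batch for period 1 was never downloaded
    print(simulate(10075, 75, downloaded={0}))
```

With only 20 certs covering 2016 slots in a week, each cert is reused about a hundred times, which is why the selection order and timely batch download both matter for the privacy goal.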
Hardware, OS, and Software
• https://wiki.campllc.org/display/SPFR/Hardware%2C+Software+and+OS+Security+Requirements (work in progress eventual standard??)
• Have an HSM (FIPS 140-2 Level 2 [good])
• FIPS 140-2 Level 3 [better] (yes more costly)
• Differentiate between (un)privileged applications
EE interface details
• End Entity Requirements Release 1.1 are here: www.its.dot.gov/pilots/pdf/SCMS_POC_EE_Requirements.pdf
“SHOW OF HANDS IF YOU’VE SEEN THIS DOCUMENT!”
• End Entity Requirements Release 1.2 will be here (published soon): wiki.campllc.org/display/SCP/SCMS+CV+Pilots+Documentation
• ASN.1 repository is here: stash.campllc.org/projects/SCMS/repos/scms-asn/browse
CV Pilot validity
• CV Pilots supported by “SCMS Operations” project
• 5 year duration
• All EE CV pilot certs will expire at end of project duration
• All private keys to be destroyed
• EE certificate type
• Section 2.1.2.4 of EE Requirements
• RootCA – 70 years / useable for 20
• Component CA certs short enough to exercise rollover
• Section 2.1.2.6.2 of EE Requirements
• Every EE must conform to J2945/1 when sending BSMs
More: https://wiki.campllc.org/display/SCP/CV+Pilot+Certificate+Expiration+Timelines
Revocation handling
• Use Case 5: Misbehavior Reporting –
  wiki.campllc.org/display/SCP/Use+Case+5%3A+Misbehavior+Reporting
  wiki.campllc.org/display/SCP/RA+-+Submit+Misbehavior+Report
• Use Case 6: CRL Download –
  wiki.campllc.org/display/SCP/Use+Case+6%3A+CRL+Download
  wiki.campllc.org/display/SCP/MA+-+Download+CRL
• Use Case 8: OBE CRL Check –
  wiki.campllc.org/display/SCP/Step+8.4%3A+OBE+CRL+Check
• Use Case 16: RSE CRL Check –
  wiki.campllc.org/display/SCP/Step+16.4%3A+RSE+CRL+Check
Photo Source: slideshare.net
Photo Source: Wikimedia Commons/Jean-Pol GRANDMONT
Sources:
• Elector-based Root Management System to Manage a Public Key Infrastructure: http://priorart.ip.com/IPCOM/000245336
• A security credential management system for V2V communications, Dec 2013: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6737583
• Vehicle Safety Communications Security Studies: Technical Design of the Security Credential Management System, July 2013
• Security Credential Management System Design, April 2012: http://www.its.dot.gov/meetings/pdf/Security_Design20120413.pdf
• USDOT CV pilots awarded 2015: http://www.its.dot.gov/pilots/
• USDOT Smart City Challenge: https://www.transportation.gov/smartcity
• IEEE 1609.2: https://standards.ieee.org/findstds/standard/1609.2-2016.html
• IEEE 802.11p: http://standards.ieee.org/getieee802/download/802.11-2012.pdf
• SAE J2945/1: http://standards.sae.org/j2945/1_201603/
Backup
SCMS Trust Relationship
[Diagram. Components shown: Root CA; Intermediate CA; Enrollment CA; Pseudonym CA; Registration Authority; Location Obscurer Proxy; Device Config. Manager; OBEs; ASDs; RSEs]
pseudonym certificate