Carsten Maple, professor of cyber systems engineering at Warwick Manufacturing Group (WMG), University of Warwick, UK, looks at some of the obstacles faced when creating a connected mobility network, and how they might be solved
The concept of widespread connected and automated mobility (CAM) is quickly becoming something of a reality thanks to a national and global push to develop the next generation of transport solutions. An integral part of the UK government’s Road to Zero strategy, CAM is expected to become widely deployed across the nation and will be a key driver behind ambitions to eventually achieve zero accidents, zero congestion and zero emissions on the road.
Evolving into a sector that is predicted to be worth £907bn (US$1.1tn) by 2035, CAM has also conjured new societal and technological challenges that need to be considered. At WMG, University of Warwick, we’ve been tackling some of these challenges by focusing on how to improve security, privacy and safety in connected and automated vehicles from a cyber-perspective, conducting rigorous testing and exploring innovative technologies in a real-world environment.
Overcoming public anxiety
It’s not surprising to see that earning the public’s trust and subsequently reducing anxiety around this new form of travel is somewhat of a barrier to widespread adoption. However, our work to improve the privacy and safety of connected and automated vehicles will help to demonstrate the scalability and wider benefits of this new technology.
Our real-world testing considers how vehicles will connect with each other, as well as with the roadside infrastructure, and also how parts of this infrastructure can be intelligent in the ways they share information with each other. Our work considers how this connectivity informs the automated activity of vehicles and more importantly influences how we expect vehicles to react when a data breach is attempted. For example, if a hacker manages to access the data in a vehicle or vehicular system, how do we safeguard against compromising the vehicle’s identity and history? How do we protect the locations the vehicle has visited? Or, indeed, how do we control what the vehicle does next in terms of its interactions with the roadside and other vehicles following a breach?
Transferring information within the roadside infrastructure
When a vehicle is traveling down a road it may meet multiple vehicles in a short space of time. In order to check the identity of these vehicles, the key of the other vehicle needs to be verified. However, having to check this in-cloud infrastructure creates additional communication overhead, increasing the time before the vehicle receives the necessary verification. Instead, through the use of ‘Decentralized PKI’, vehicles can verify messages much faster as the key information is distributed over edge infrastructure that sits next to the road. Essentially this means that the roadside infrastructure can communicate with each other and directly transfer shared information, such as traffic levels, vehicle speed and direction. This eliminates the reliance on cloud servers, saving communication time.
Protecting a vehicle’s identity
For a vehicle to send and receive these sorts of messages from other vehicles and the roadside effectively and reliably, it is important that the messages it sends contain proof that the vehicle is what it claims to be; these messages can be transmitted between cars or the road’s infrastructure from up to 500m (1,640ft) away. Our ‘Group Signatures’ solution proves a vehicle’s identity without allowing that individual vehicle to be tracked over a long time. This method only indicates that the vehicle is a member of a group, making it much harder for privacy to be compromised, revealing the history of all the locations a vehicle, and therefore an individual, has visited.
Verifying vehicle identities
However, it is an expensive task for a vehicle to verify another’s identity. Vehicles will have limited computing resources and so will only be able to verify a specific number of identities of senders of messages per second.
Therefore, with our ‘Authentication Prioritization’ solution, the order in which the identity of messages is verified is decided based on assigning a priority to the messages. These priorities can be defined by vehicle distance, direction of travel or positioning on the road. A higher priority means that those messages are verified first.
Embedding the foundations for effective adoption
As we continue our research into privacy and security issues associated with CAM, our end goal is to achieve the right technological balance to enable effective and quick communication between vehicles and the roadside infrastructure, while protecting the privacy of individual vehicles and allowing reliable and safe messages to be filtered by vehicles in order of importance. At WMG we are making significant strides toward achieving these goals and supporting the ultimate objective of assisting with the widespread adoption of CAM on UK roads.