Technology.am (Sept. 15, 2009) — A European research project works out how to keep car-to-car data transmissions private and secure from malicious hackers.
How will you save if a hacker could send bogus messages to vehicles you drive and instruct you to brake hard and that actually cause an accident behind?
Hackers could invent fake traffic jams, encourage drivers to take alternative routes, and then enjoy speeding along clear roads. Insecure communication systems could also let criminals track individual cars or harass drivers with unwanted alerts or spam messages.
“Car-makers and equipment manufacturers have to be certain that communication channels between cars and roadside infrastructure are secure from hackers and criminals and that their privacy is maintained,” explains Trialog’s Antonio Kung, coordinator of a European research project that has proposed a blueprint for secure car-to-car (C2C) connections.
The SEVECOM project brought together leading car and equipment manufacturers and ICT research institutes to agree on a security architecture that everyone could easily ‘bolt on’ to their proprietary C2C applications and ensure secure data transmission.
Kung said, “We have developed a general way to add a security module to C2C systems for all existing industry standards. We are interested in the communication ‘tube’ used to exchange messages among cars and between cars and infrastructure.
One of the project’s most important proposals is that car communication should not use a fixed ID tag in its transmissions, which would open up the potential for cars to be tracked.
“Instead,” says Kung, “Cars should use pseudonyms which get changed several times, for example every time the ignition is turned on or at regular times during a trip. This would make malicious wireless communication tracking of individual vehicles almost impossible.”
“The security module had to be independent of all the other communication technology and protocols involved in transmitting data.”
CVIS is developing integrated solutions for installation in the vehicle and roadside equipment to allow vehicles to interact with each other and with operators of road infrastructure. CVIS will use SEVECOM’s architecture to provide security in its applications.