C-ITS Secure Communications (CSC)

 

Introduction

This project is performed in CEN/TC 278/WG16.

Intelligent Transport Systems (ITS) means applying information and communications technologies in the road transport domain with the goal of improving overall traffic in terms of safety, efficiency and comfort. Whilst initially "silo-solutions" were predominantly developed and deployed for the different ITS service domains (e.g. Electronic Fee Collection / Road Tolling, eCall, Public Transport, Traffic and Traveler Information), about two decades ago the idea of "Cooperative ITS" (C-ITS) was developed to support sharing of data, components and software (e.g. radio transceivers, GNSS equipment, software-based facilities) amongst service domains. That led to an ITS station and communication architecture specified in ISO 21217 as a "Bounded Secured Managed Domain" and a related set of standards supporting:

  • hybrid communications (neutrality of technology where applicable)
  • portability of ITS applications
  • security and privacy

and avoiding vendor lock-in in a future-proof way with management centres that remotely connect to their associated ITS station units taking care of their whole life-cycle. 

 

Objectives

The objectives of the CSC project are to

  • support deployment of C-ITS solutions in Europe for road safety and traffic management as pursued under the framework of pilot deployment of C-ITS services (C-ROADS, C-ITS Corridor, Converge, SCOOP, NordicWay, ...):
    • sharing of data from sensor and control networks between the various C-ITS user entities using all kinds of connectivity means (hybrid communications) for extended deployment of C-ITS use cases
    • session security to ensure location and data privacy, trust and reliability
    • reliable location and time referencing to increase the value of the collected data
    • providing guidelines on the use of standards
  • support an internationally harmonized approach towards global C-ITS
  • develop four CEN Technical Specifications, each for a specific C-ITS feature designed for ITS-SUs conformant with ISO 21217:
    • Position, velocity and time (PVT) service
    • Global transport data management (GTDM) framework
    • Secure session establishment
    • Communication profiles
  • develop a CEN Technical Report that provides guidelines on the usage of C-ITS standards:
    • Standardisation landscape and releases
    • Hybrid communications
    • Security

The set of these five deliverables complements the set of existing C-ITS standards. Standards that are considered by the project to be relevant for C-ITS deployment are presented below; see "C-ITS cluster of SDO deliverables".

 

Webinars

A series of webinars on C-ITS standardization will be held during 2020. You may register for a webinar by sending an email, providing your name, your affiliation, country of residence, and the date of the respective webinar. Upon registration, you will receive an email with the login information.

The first webinar will be on 21. April 2020 from 13:00h through 17:00h.

 

Scope

The overall scope of the above mentioned five deliverables is as follows:

CEN/TS 21176: Cooperative intelligent transport systems – Position, velocity and time functionality in the ITS station

This document specifies a generic position, velocity and time (PVT) service. It further specifies the PVT service within the ITS station (ITS-S) facilities layer and its interface to other functionalities in an ITS-S such as:

  • ITS-S application processes defined in ISO 21217
  • the generic facilities service handler (FSH) functionality of the ITS station facilities layer, defined in ISO/TS 17429

This document specifies:

  • a PVT service which, dependent on a specific implementation, uses a variety of positioning-related sources (global navigation satellite system, roadside infrastructure, cellular infrastructure, kinematic state sensors, vision sensors)
  • a PVT service, which merges data from the above-mentioned positioning-related sources and provides the PVT output parameters (carrying the PVT information) including the associated quality (e.g. accuracy)
  • optionally, the PVT service as a capability of the ITS-S facilities layer (see ISO 24102-6)
  • how the PVT service is integrated as an ITS-S capability of the ITS station facilities layer
  • the interface function calls and responses (Service Access Point – service primitives) between the PVT ITS-S capability and other functionalities of the ITS station architecture
  • an ASN.1 module C-itsPvt providing ASN.1 type and value definitions
  • an implementation conformance statement proforma, as a basis for assessment of conformity to this document.

Defining the associated conformance evaluation test procedures is outside the scope of this document.

CEN/TS 21177: Intelligent transport systems — ITS station security services for secure session establishment and authentication between trusted devices

This document contains specifications for a set of ITS station security services required to ensure the authenticity of the source and integrity of information exchanged between trusted entities:

  • devices operated as bounded secured managed entities, i.e. "ITS Station Communication Units" (ITS-SCU) and "ITS station units" (ITS-SU) specified in ISO 21217
  • between ITS-SUs (composed of one or several ITS-SCUs) and external trusted entities such as sensor and control networks

These services include authentication and secure session establishment which are required to exchange information in a trusted and secure manner.

These services are essential for many ITS applications and services including time-critical safety applications, automated driving, remote management of ITS stations (ISO 24102-2), and roadside / infrastructure related services.

This document is complemented by guidelines (contained in CEN/TR 21186-3, see below) on how security for C-ITS can work in general for all communication types (broadcast information dissemination and unicast sessions), considering especially what is needed in the infrastructure in addition to the technical features implemented in ITS station units.

CEN/TS 21184: Cooperative intelligent transport systems — Global transport data management (GTDM) framework

This document specifies a "Global Transport Data Management" (GTDM) framework composed of

  • a global transport basic data model
  • a global transport function monitor data model
  • a global transport access control data model

to support data exchange between ITS-S application processes and correct interpretation of these data.

This document defines standardized data classes in a "Global Transport Data Format" (GTDF), and means for managing them.

Data exchange between ITS stations is specified based on messages composed of a global unique identifier and the associated data part. The format of the data part is specified by a globally unique identifier pointing to a configuration including instructions for correct interpretation of the data part.

Application and role-based access control to GTDF resources are specified in conformance with IEEE 1609.2 certificates.

The set of ITS-S facility layer services is described as an ITS-S capability conformant with ISO 24102-6, which is an optional feature.

CEN/TS 21185: Cooperative intelligent transport systems — Communication profiles

This document specifies a methodology to define ITS-S communication profiles (ITS-SCPs) based on standardized communication protocols to interconnect trusted devices. These profiles enable information exchange between such trusted devices, including secure low-latency information exchange, in different configurations. This document also normatively specifies some ITS-SCPs based on the methodology, yet without the intent of covering all possible cases, in order to exemplify the methodology.

Configurations of trusted devices for which this document defines ITS-SCPs include the following units according to ISO 21217:

  • ITS station communication units (ITS-SCU) of the same ITS station unit (ITS-SU), i.e. station-internal communications specified e.g. in ISO 24102-4
  • an ITS-SU and an external entity such as a sensor and control network, or a service in the Internet
  • ITS-SUs

The specifications given in this document can be applied to secured and to unsecured communications, both in unicast and groupcast communications mode.

CEN/TR 21186: Cooperative intelligent transport systems — Guidelines on the usage of standards

Part 1: Standardization landscape and releases:
This document describes standardization activities related to C-ITS on a global level by major standard development organizations (SDOs). It explains the various purposes of deliverables from SDOs and introduces a classification scheme of such documents. It presents an overview of standards with special relevance for C-ITS. It identifies an approach for C-ITS releases and exemplifies this approach.

Part 2: Hybrid communications:
This document serves as a guideline explaining the concept of hybrid communications and support functionalities in Cooperative ITS services deployed in compliance with the ITS station architecture and related Cooperative ITS standards.

It is targeted at developers of Cooperative ITS solution specifications and developers of ITS applications.

Part 3: Security:
This document explains usage of the various technical security means (ITS-S services) relevant for C-ITS, considering both the broadcast information dissemination (signing of messages) and unicast communications (sessions).

It explains the framework needed for deployment of secure C-ITS services.

 

C-ITS cluster of SDO deliverables

C-ITS standards can be grouped in nine areas as presented in TR 21186-1:

  • System architecture
  • Station architecture
  • ITS applications, messages, data
  • Station management
  • Security
  • Access layer technologies
  • Network and transport layer technologies
  • Facility layer technologies
  • Protocol stack

This grouping is used to present the cluster of relevant SDO deliverables. Some of them are essential to ensure interoperability between equipment from different manufacturers, others are essential for portability of ITS applications, and a final group is a beneficial aid to simplify ITS-SU design and help ensure operation of ITS-SUs at an acceptable level of functionality and performance in a future-proof way.

Overview of relevant standards for C-ITS

The following figure provides an overview of relevant standards for C-ITS.
