Privacy and security challenges in smart and sustainable mobility

Applied Sciences

Intelligent transport system (ITS), owing to their potential to enhance road safety and improve traffic management, have attracted attention from automotive industries and academia in recent years. The underlying technology—i.e., vehicular ad-hoc networks (VANETs)—provide a means for vehicles to intelligently exchange messages regarding road and traffic conditions to enhance safety. The open nature of ITS as wireless communication technology leads to many security and privacy challenges. These challenges pertain to confidentiality, authentication, integrity, non-repudiation, location privacy, identity privacy, anonymity, certificate revocation, and certificate resolution. This article aims to propose a novel taxonomy of security and privacy issues and solutions in ITS. Furthermore, categorization of security and privacy schemes in ITS and their limitations are discussed with various parameters—scalability, privacy, computational cost, communication overhead, latency—and various type...

Intelligent Transportation system (ITS) is a system which integrates various components like decision, control, etc. The automobile industry is continuously evolving with time and huge industrialist are constantly working on the development and deployment of new technologies like self-driving cars, object-detection, etc. Thus, these technologies have increased the ease and efficiency to travel exponentially. Due to introduction of new technologies everyday the security has been a rising concern. The data of each individual is being collected and this data is vulnerable. Thus, this data has to be protected.

IEEE Access

Metropolitan transportation is a dynamic and non-linear complex system. In such a system, there are possibilities of altering, monitoring, forging, and accessing private, public, and resource information of depot staff and communicating agents by unauthorized agencies the metropolitan area. Existing solutions for the management of security and privacy of communicating agents in an intelligent public transportation system (IPTS) do not adapt to the dynamic occurrence of real-time event information. Therefore, existing solutions are insufficient to address the randomness and other characteristics pertaining to a non-linear complex system such as an intelligent transport system (ITS). To this end, in this article, we propose a privacy and security management scheme for ITS depot staff in a metropolitan area. This scheme provides privacy and security management in the transportation industry during the exchange of information regarding vehicle allocation, dispatch, revocation, financial, and maintenance. Absence of such an aforementioned scheme leads to anomalies such as impersonation of genuine staff and malicious and greedy staff. We use the emergent intelligence (EI) technique to collect, analyze, and share information, and take dynamic decisions during the security and privacy management of the depot staff in transport industries. The EI technique provides autonomy, flexibility, adaptiveness, robustness, self-organization, and evolution to address the randomness and behavior of a non-linear complex system pertaining to the transportation system in metropolitan areas. The proposed scheme is implemented using the Crypto++ package, and the results indicate that the scheme efficiently manages the security and privacy in transportation industries in metropolitan areas. INDEX TERMS Emergent intelligence, intelligent transportation systems, metropolitan area networks, privacy and security policy, pseudonyms, transport depot staff.

2015

Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating systems are subjected to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identifi...

IEEE Access, 2021

With the proliferation of embedded technologies and wireless capabilities, today’s vehicles are no longer isolated mechanical machines. They become part of a hyper-connected system -Intelligent Transportation Systems (ITS)- that has the potential to support multiple levels of autonomy and intelligence improving considerably the safety, efficiency, and sustainability of transportation networks. However, this raises new security issues that make the whole system prone to cybersecurity attacks that threaten both the safety and privacy of all road-users. This article gives a short background tutorial on the main security issues and the different attacks that hinder Intelligent Transport Systems. To enable secure and safe ITS applications, this article provides a comprehensive analysis of existing solutions and highlights their strengths and limitations. Finally, this survey presents key challenges in the field, and discusses recent trends that must be factored in by researchers, impleme...

MDPI Sensors, 2019

Today, the Intelligent Transportation Systems (ITS) are already in deep integration phase all over the world. One of the most significant enablers for ITS are vehicle positioning and tracking techniques. Worldwide integration of ITS employing Dedicated Short Range Communications (DSRC) and European standard for vehicular communication, known as ETSI ITS-G5, brings a variety of options to improve the positioning in areas where GPS connectivity is lacking precision. Utilization of the ready infrastructure, next-generation cellular 5G networks, and surrounding electronic devices together with conventional positioning techniques could become the solution to improve the overall ITS operation in vehicle-to-everything (V2X) communication scenario. Nonetheless, effective and secure communication protocols between the vehicle and roadside units should be both analyzed and improved in terms of potential attacks on the transmitted positioning-related data. In particular, said information might be misused or stolen at the infrastructure side conventionally assumed to be trusted. In this paper, we first survey different methods of vehicle positioning, which is followed by an overview of potential attacks on ITS systems. Next, we propose potential improvements allowing mutual authentication between the vehicle and infrastructure aiming at improving positioning data privacy. Finally, we propose a vision on the development and standardization aspects of such systems.

Risks

Intelligent Transport Systems (ITSs) are part of road transportation sector evolution and constitute one of the main steps towards vehicle automation. These systems use technologies that allow vehicles to communicate with each other or with road infrastructure. By increasing information quality and reliability, ITSs can improve road safety and traffic efficiency, but only if cybersecurity and data protection is ensured. With the increase in the number of cyberattacks around the world, cybersecurity is receiving increased attention, especially in the area of transportation security. However, it is equally important to examine and analyze security in depth when it concerns connected vehicles. In this paper, we propose a qualitative risk analysis of ITSs based on Threat, Risk, Vulnerability Analysis (TVRA) methodology, and we focus on ETSI ITS communication architecture. We present a review of solutions and countermeasures for identified critical attacks.

Journal on Systemics, Cybernetics and Informatics, 2012

Intelligent Transport Services expect availability of the secure seamless communications solutions typically covering widely spread areas. Different ITS solutions require different portfolio of telecommunications service quality. These parameters have to correspond with ITS service performance parameters required by specific service. Even though quite extensive range of public wireless data services with reasonable coverage are provided, most of them are provided with no guaranteed quality and security. ITS requirements can be in most parameters easier reached if multi-path communications systems are applied core solution is combined with both public as well as private ones where and when it is needed. Such solution requires implementation of relevant flexible system architecture supported by the efficient decision processes. This paper is concentrated the telecommunications security issues relevant to the ITS wide area networking. Expected level of security varies in dependence on ...

Proceedings of the 35th International Symposium on Automation and Robotics in Construction (ISARC), 2018

The usability of the Internet of Things (IOT) is accelerated by making intelligent and equipping different machines and devices with smart sensors. IOT is used in smart cities, transportation, construction cases. IOT has the capability to provide real-time information for drivers and citizens to design their routes to avoid traffic and reduce fuel consumption. However, there is a significant number of IOT barriers to IOT utilization such as the distrust of users and managers in sharing information, suspicion to privacy and the ease of using the relevant applications. Despite the importance of these factors, a model for predicting the use of this technology for specific disciplines has not yet been developed, especially for developing countries. Therefore, this research attempts to propose a model for prediction of application, taking into account the increased security of IOT in intelligent transportation. To this end, influential constructs on user trust were collected and tested by questionnaire from 62 experts. The data were analyzed using Smart PLS using confirmatory factor analysis. The results show that 11 hypotheses in the research have been confirmed. The results of this study are very important for technology specialists and urban managers to establish the IOT in the field of urban transport.

Electronic Control Units (ECUs) of a vehicle control the behavior of its devices-e.g., break and engine. They communicate through the in-vehicle network. Vehicles communicate with other vehicles and Road Side Units (RSUs) through Vehicular Ad-hoc Networks (VANets), with personal devices through Wireless Personal Area Networks (WPANs), and with service center systems through cellular networks. A vehicle that uses an external network, in addition to the in-vehicle network, is called connected vehicle. A connected vehicle could benefit from smart mobility applications: applications that use information generated by vehicles, e.g., cooperative adaptive cruise control. However, connecting in-vehicle network, VANet, WPAN, and cellular network increases the count and complexity of threats to vehicles, which makes developing security and privacy solutions for connected vehicles more challenging. In this work we provide a taxonomy for security and privacy aspects of connected vehicle. The aspects are: security of communication links, data validity, security of devices, identity and liability, access control, and privacy of drivers and vehicles. We use the taxonomy to classify the main threats to connected vehicles, and existing solutions that address the threats. We also report about the (only) approach for verifying security and privacy architecture of connected vehicle that we found in the literature. The taxonomy and survey could be used by security architects to develop security solutions for smart mobility applications.