US DoT publishes factsheet on security system
On 13 June, the US Department of Transportation published a factsheet on its security credential management system (SCMS). The Security Credential Management System (SCMS) is a proof-of-concept security
solution for vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication. The SCMS uses a Public Key Infrastructure (PKI)-based approach that employs highly innovative methods of encryption and certificate management to facilitate trusted communication. Authorized system participants use digital certificates issued by the SCMS to authenticate and validate the safety and mobility messages that form the foundation for connected vehicle technologies. To protect the privacy of vehicle owners, these certificates contain no identifying information, but serve as system credentials so that other users in the system can trust the source of each message. The SCMS also plays a key function in protecting the content of each message by identifying and removing misbehavior devices, while still maintaining privacy.
The SCMS provides the security infrastructure to issue and manage the security certificates that form the basis of trust for V2V and V2I communication. Connected vehicle devices enroll into the SCMS, obtain security certificates from certificate authorities (CAs), and attach those certificates to their messages as part of a digital signature. The certificates prove the device is a trusted actor in the system, while also maintaining privacy. Misbehavior detection and reporting allow the system to identify bad actors and revoke message privileges, when necessary.
For more information, read the US DoT Factsheet.