Trust assurance levels of cybercars in V2x communication

In the last decade, the automotive industry, governments and researchers have invested a lot of effort setting up the basis for vehicle to vehicle and vehicle to infrastructure (V2X) communication with the aim of improving road safety and traffic efficiency. As for any communication involving the exchange of sensitive data, security was identified from the beginning as a key enabler for many use cases and has been already addressed in various projects. While the first focus was on security issues related to inter-vehicle communication, the Intelligent Transport System (ITS) community rapidly realized that in-vehicle security, which means secure communication endpoints, is also required to enable secure communication between cars and their environment. The recent successful hacking of automotive systems has strengthened this position. However, the holistic view required to set up a framework for mutual trust-establishment between the involving communication entities is m issing. The reception of an authentic message does not provide sufficient proof of the trustworthiness of the message without additional trust assurance regarding the message's sender and the sender's platform integrity. Hence, the need to attest/certify the trustworthiness of a remote communication partner's platform is arising. In this paper, we analyze the platform security requirements of V2X systems, define different Trust Assurance Levels (TAL) and propose a certification framework to support trust establishment between involved V2X communication partners.