Public Key Infrastructure

AutoCrypt PKI

Public key infrastructure for connect vehicles
autocrypt v2x pki

Protecting all vehicle connections with PKI-based authentication.

AutoCrypt® PKI is a specialized public key infrastructure (PKI) dedicated to the credential verification of participants during all types of vehicular communications, including V2X, Plug&Charge (PnC), and digital key.

Best known for its usage in V2X environments, AutoCrypt® V2X-PKI (AutoCrypt® SCMS) is a tri-standard public key infrastructure compatible with the North American Security Credential Management System (SCMS), the European C-ITS Credential Management System (CCMS), and the Chinese CCSA standard (C-SCMS), providing certificate registration, authentication, and management services for onboard units (OBU) and roadside units (RSU) in compliance with IEEE 1609.2, ETSI, GB/T, and YD/T 3957-2021.

AutoCrypt PKI is a crucial security component required for vehicular communications like V2X and Plug&Charge (PnC). The system registers enrolment certificates for OBUs and RSUs and issues identification, pseudonym, and application certificates for authentication, ensuring that only trusted entities are allowed to join the communication.


All You Need to Know About PKI

and stay prepared with AUTOCRYPT

The Basics of AutoCrypt PKI

AutoCrypt PKI is a security infrastructure that ensures trust within the V2X and PnC environment.

With AutoCrypt PKI’s ecosystem, connected participants (vehicle OBUs, infrastructure RSUs, pedestrian devices) are able to obtain security certificates from root certificate authorities (root CA), and attach these certificates to their messages as their digital signature. The root CAs continuously generate, distribute, and revoke certificates within the ecosystem.

page image

AutoCrypt PKI enables the issuance of both enrolment certificates and authorization certificates to OBUs and RSUs.

Enrolment certificates are issued when the units are first registered, while authorization certificates are issued every time a message is exchanged to allow for the system to authenticate each user.

Authorization certificates can be further broken down into identification certificates (used by OBUs to sign V2I messages), pseudonym certificates (used by OBUs to sign basic safety messages), and application certificates (used by RSUs to sign over-the-air messages).

All these certificates act as IDs that prove the identity of the participants and the legitimacy of the messages. The infrastructure also enables continuous certificate management with an updating list of revoked devices.

page image

Tri-Standard Compatibility, Worldwide Inteoperability

Having demonstrated interoperability across international protocols including SCMS, CCMS, and C-SCMS, AutoCrypt PKI is a crucial component for V2X, Plug&Charge (PnC, ISO 15118), and a wide range of vehicular communications, ensuring mutual safety during message exchanges.

Security and Management

Does not re-enter incorrect SCMS information

Malfunction Detection

Identifies abnormal devices and revokes their certificates

Mutual Safety

Exchange of data with other vehicles, devices, and infrastructure

Integrated Management System

AutoCrypt IMS

for integrated PKI management across regions

Not only do different parts of the world use different PKI protocols, but different regions sharing the same protocol can also require separate SCMSs due to variations in requirements and root CAs. Since OEMs sell cars in multiple regions, the automotive industry has been demanding a more comfortable means of managing these different regional SCMSs on a single user interface, while still being compliant with all regional requirements.

AutoCrypt® IMS (Integrated Management System) is designed for OEMs and infrastructure operators to supervise their entire SCMS in real-time, regardless of the region. With a centralized user interface containing visual dashboards that display real-time information on all certificates and certification statuses, divided into various regions and locations of choice, certification management (issuance and revocation) has never been easier.

Additionally, AutoCrypt IMS provides a detailed view of the status of relevant resources, such as system inspection, updates, and database management, while providing 24/7 response for operational and technical issues.

AutoCrypt IMS User Inferface
autocrypt ims dashboard

Certificate Dashboard

  • Provides an overview of the entire Security Credential Management System
  • Displays information on certificate issuance and revocations, as well as notable recent events

System Operation Dashboard

  • Allows administrators to monitor and manage the resources of regional SCMSs
  • Displays the operational status of each component in each regional SCMS

RSU Status Dashboard

  • Allows administrators to monitor roadside units
  • Displays information on the status of deployed RSUs with trend analytics on the number of messages broadcasted and related events

Certificate Management

  • Provides a detailed list of all issued certificates and their statuses
  • Allows for quick and easy batch management