AUTOCRYPT Designated as Vehicle Type Approval Technical Service Provider for UN R155/156.Learn More

Tag: v2x

6 November, 2023 . 4 mins read

Trends in Vehicle Vulnerabilities: A 2023 Report

In recent years, the automotive sector has undergone a profound transformation driven by innovation. The past decade witnessed a rapid digitization of vehicles, the ascent of electric powertrains, the advent of software-defined systems, and the ongoing development of autonomous vehicles. These technological advancements have elevated automobiles beyond mere modes of transportation. However, they also made vehicles increasingly susceptible to cyberattacks. Unfortunately, the pace of implementing in-vehicle cybersecurity measures has lagged behind the speed of innovation, leaving modern vehicles at an alarming risk.

A comprehensive study conducted by IOActive has meticulously analyzed the trends in vehicle vulnerabilities, pooling data from 2016 to 2022. This study sheds light on the evolving threat landscape within the automotive industry, classifying data according to various attack vectors, namely local, physical, network, and peripheral RF.

Key Findings:

Networked Connection Attacks: The most striking revelation from the study is the surge in attacks exploiting networked connections, accounting for nearly half of all attacks in 2022. This signifies a prominent shift towards remote cyberattacks targeting vehicles.

Local Attacks: Local vehicle software, including operating systems, Electronic Control Units (ECUs), and Software Bill of Materials (SBOMs), accounted for 40% of disclosed vulnerabilities. This highlights the growing risk of exploiting vulnerabilities within a vehicle’s software ecosystem.

Physical Hardware Attacks: Physical hardware-associated vulnerabilities witnessed a significant decline, plummeting by 15%. This decline can be attributed to the automotive industry’s increasing focus on remote attack vectors.

Peripheral RF Attacks: Intriguingly, a novel category of attack vectors, peripheral RF attacks, emerged, representing 1% of the total vulnerabilities. This indicates the shifting landscape of vehicle cybersecurity needs and the expanding spectrum of threats.

Now, let’s delve into a closer examination of each attack vector:

Local Attacks

Local attacks primarily exploit vulnerabilities within the vehicle’s software ecosystem. Examples include attacks on operating systems, ECUs, and SBOMs. A common local attack is spoofing, where malicious actors send synthetic signals to deceive the vehicle’s systems. Spoofing can lead to incorrect data interpretation, posing substantial risks to vehicle operation and passenger safety.

Over the past decade, local attacks have seen a 6% increase, reflecting the industry’s struggle to defend against software-based attacks, exacerbated by the increasing complexity of software in modern vehicles. Robust in-vehicle security systems are essential to mitigating the risks of local software attacks. Manufacturers must employ effective testing measures to identify and rectify software vulnerabilities.

Physical Hardware Attacks

While physical hardware attacks have experienced a notable decline, they continue to pose a tangible threat. These attacks necessitate the physical presence of a threat agent. An attack on vehicle hardware could provide unauthorized access to critical vehicle components, potentially allowing a takeover of the vehicle.

For instance, a USB attack targeting a vehicle’s infotainment system could compromise the Controller Area Network (CAN). To address these vulnerabilities, vehicle security systems must incorporate robust gateway security measures to protect against hardware-based intrusions.

Networked Connection Attacks

Emerging as a recent development, networked connection attacks exploit far-field RF spectrum, including wireless and cellular connections, backend networks, and vehicle-to-everything communications. Securing messages exchanged through vehicle-to-everything (V2X) communication channels is of paramount importance, particularly as the industry is gearing up for autonomous driving. Ensuring the authenticity of V2X messages is crucial to prevent masquerading attacks, which can disrupt traffic and compromise vehicle systems.

Original equipment manufacturers (OEMs) must implement cybersecurity practices that authenticate information and signals exchanged through V2X communications to mitigate the risks associated with networked connection attacks.

Peripheral RF Attacks

Peripheral RF attacks originate in the near-field RF spectrum, encompassing technologies like NFC, RFID, remote key entry, and on-board telematics. The 1% growth in peripheral RF attacks, as identified by IOActive’s analysis, is largely attributed to vulnerabilities related to Remote Key Entry (RKE) and Bluetooth.

One common manifestation of a peripheral RF attack is a relay attack, notably compromising key fob technology. Such attacks can allow unauthorized access to vehicles and even the ability to remotely start them. These attacks have become one of the most common causes of vehicle theft. In 2022, AUTOCRYPT’s Vehicle Threat Research Lab discovered a high severity (CVSS 8.1) relay attack vulnerability (CVE-2022-38766) in a popular electric vehicle in Europe. To counter these threats, vehicle owners can employ signal-blocking devices, while manufacturers should implement comprehensive cybersecurity measures to monitor and filter traffic at the gateway.

Vehicle attack vectors

In light of these evolving trends and vulnerabilities, it is imperative that advancements in the automotive sector go hand in hand with the development of robust cybersecurity measures.

AUTOCRYPT offers end-to-end vehicle cybersecurity solutions that safeguard vehicles from both internal and external threats, ensuring the continued safety and security of modern automobiles.

14 June, 2023 . 7 mins read

The V2X Deployment Roadmap in Europe: Progress, Challenges, and What to Expect by 2024

Vehicle-to-everything (V2X) technology is widely regarded by industry experts as a promising solution to improve road safety and achieve full autonomous driving in the long run. However, to establish a functional and interoperable V2X ecosystem, all stakeholders must be on the same page. This article dives into the current V2X deployment progress in Europe and what to expect in the near future.

Europe is often seen as an optimal testbed for V2X technology and Cooperative Intelligent Transport Systems (C-ITS), not only because the continent has some of the world’s most developed and well-maintained road networks, but also because it is home to dozens of road transport operators and has the highest concentration of global automotive OEMs.

As a promising strategy for achieving Vision Zero, V2X deployment has been on the agenda in Europe since the early 2010s. To facilitate the rollout of C-ITS, European Member States and road infrastructure operators joined forces to establish the C-Road Platform, a joint initiative to establish an integrated and interoperable C-ITS network that spans across European borders.

In the private sector, many automotive OEMs have been integrating V2X onboard units (OBU) into their new vehicles. As one of the early adopters, Volkswagen has equipped V2X OBUs in its entire ID. electric vehicle lineup. BMW recently announced plans to deploy V2X technology in its vehicles for vehicle-to-grid (V2G) bidirectional charging. Mercedes-Benz also has plans to deploy V2X, but has been so far promoting its cloud service as a medium to provide real-time vehicle-to-vehicle (V2V) warnings.

However, despite all these efforts, we haven’t yet seen any large-scale V2X use cases on the continent. This raises many questions. How developed is V2X technology? Where is Europe on the V2X deployment roadmap? What are some of the challenges the industry is facing? What can we expect years down the road?

Is V2X technology ready for commercial use?

This would have been tough to answer in the past few years. But as of 2023, V2X technology is fully ready for implementation and commercial use. The reliability and safety of the technology have been repeatedly validated at cross-industry interoperability tests, with AUTOCRYPT being a major contributor to message security. A lot of roadside equipment is now V2X capable. And many OEMs have equipped their vehicles with V2X OBUs.

Where is Europe on the V2X deployment roadmap?

Europe is now entering an early stage of commercial V2X deployment. Still, to operate V2X services on a large-scale, more OBUs and RSUs need to be deployed. This can take up to a decade because consumers will keep their older cars for many years before upgrading. Time is also needed for road operators to install RSUs into their roadside equipment.

At this stage, is V2X deployment only a matter of time? The reality is more complicated. There remain a few challenges that are preventing OEMs and road operators from rolling out V2X at full speed.

What challenges does the industry face?

1. The divide between DSRC and C-V2X: into the hybrid era

The biggest challenge that has been slowing down V2X deployment was a lack of agreement among industry players on the communication protocol. The debate between the WLAN-based DSRC (dedicated short-range communications) and the LTE and 5G-based C-V2X (cellular V2X) has significantly slowed down the implementation of V2X. Each industry player has their own stance and preference, leading to an ongoing rivalry between the two technologies.

As of 2023, North America and China have mostly agreed on using C-V2X as the de facto V2X communication protocol, phasing out DSRC. However, Europe remains largely divided. Whereas Volkswagen uses DSRC for its vehicles, BMW and Daimler have both been in favour of C-V2X.

Fortunately, this divide is becoming less of an obstacle. Seeing that the European industry isn’t likely to reach a consensus anytime soon, V2X hardware providers, software suppliers, and cybersecurity providers like AUTOCRYPT have developed solutions compatible with both protocols so that industry players can continue V2X deployment without having to worry about compatibility.

Nevertheless, since DSRC and C-V2X are not meant to be interoperable at the fundamental access layer, more sophisticated hardware and additional development efforts are needed for dual compatibility. As such, although this hybrid approach can help the industry overcome its immediate interoperability issues, it is by no means an optimal solution in the long run. Many experts predict that one of the two protocols will eventually die off, ending the hybrid era.

2. A lack of incentives

Another obstacle that has been slowing down V2X deployment is the lack of incentives. In most conventional markets, the first mover often gains a competitive advantage because clients and consumers tend to associate the new idea or technology with the brand, just like how Tesla is strongly associated with electric vehicles and Uber with ride-hailing platforms. However, this kind of first-mover advantage is not present in the V2X market, because the full benefit of V2X can only be realized after multiple OEMs and road operators deploy them. Although Volkswagen equipped V2X into the ID. lineup, consumers haven’t been able to experience any significant benefits and thus no association is formed between V2X and the ID. brand.

Under such circumstances, governments and regulators must incentivize early adopters to accelerate V2X deployment. As of now, the idea of regulating V2X is still in debate. But with the joint effort of governments and several industry associations, more and more incentives are beginning to surface.

For instance, Europe’s new car assessment program, Euro NCAP, announced in its 2025 Roadmap that beginning in 2024, all new cars must be equipped with V2X connectivity to receive a five-star safety rating. This move will serve as an effective incentive for OEMs to deploy V2X in their vehicles on a large scale. The Euro NCAP further explained in the report that it chose this timing because it expects all technical uncertainties to be resolved by 2024.

3. Demand uncertainty

Currently, the public has very limited knowledge about V2X technology and its potential. In fact, many have never heard of the technology. This leads to uncertainty in market demand, as it’s hard to gain a grasp of demand when consumers haven’t been informed about the supply.

This isn’t to say that there will be a lack of demand. The potential demand for V2X is immense, given that consumers have always had strong desires for safety and convenience, both of which V2X has a lot to offer. Therefore, the question is not whether there is enough demand, but whether consumers are educated enough to understand how V2X can fulfill these demands. In the end, industry players must not only invest in the technology itself, but also in promoting the benefits of the technology by establishing innovative services and attractive consumer offerings.

What can we expect in the future?

Overall, V2X technology is now nearing the end of its testing stage and ready for large-scale development. Most of the challenges and obstacles that have slowed down V2X deployment over the past few years are now resolved. With more and more incentives, we can expect to see a kickstart to full-scale V2X deployment beginning in 2024.

For a more detailed analysis of the current progress and future prospects of V2X, download the full white paper below:

v2x 2024 prospect white paper thumbnail
Download White Paper

As one of the top five V2X security providers in the world (recognized by Markets & Markets), AUTOCRYPT has always maintained a position ahead of the market in terms of technology and innovation. Not only does its V2X security module support both DSRC and C-V2X, but its Security Credential Management System (SCMS) is fully compatible with all three major standards in the world, including the US SCMS, EU CCMS, and Chinese C-SCMS. To prepare OEMs for full-scale deployment, it released its Integrated Management System (IMS) for SCMS, allowing OEMs to manage millions of vehicle certificates on a single dashboard.

To learn more about AUTOCRYPT’s V2X security solutions and AutoCrypt SCMS, contact global@autocrypt.io.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s newsletter.

19 January, 2023 . 7 mins read

All You Need to Know About V2X PKI Certificates: Butterfly Key Expansion and Implicit Certificates

AutoCrypt SCMS now supports Butterfly Key Expansion for both implicit and explicit certificates of the V2X PKI ecosystem. This article explains why Butterfly Key Expansion is necessary for the SCMS and why implicit certificates might be a useful alternative to conventional certificates.

Vehicle-to-everything (V2X) communication allows vehicles to communicate with other vehicles and road entities for safety warnings, traffic coordination, and eventually vehicle-infrastructure cooperated autonomous driving (VICAD). Given that these V2X messages are critical to road safety, a vehicular public key infrastructure (PKI) known as the Security Credential Management System (SCMS) has been adopted worldwide to protect the integrity of V2X messages and the privacy of road users. V2X PKI certificates, or SCMS certificates, are therefore a crucial enabler of secure V2X communications.

What Is Unique About V2X PKI Certificates?

What makes V2X PKI certificates unique? The most significant difference between IT and V2X authentication is that IT authentication is centralized and hierarchical. Users use their digital signature to reveal their identity to the server, after which the server verifies the identity and grants the user access. There is apparently no need for users to prove their identity to other users. On the other hand, V2X authentication is decentralized, where users (vehicles) need to verify each other’s identity without revealing it. Sounds contradictory? This is made possible by using pseudonym certificates.

In the SCMS, pseudonym certificates are issued by authorization certification authorities (CA) to every road user (vehicle). As suggested by its name, these certificates are pseudonymous and thus do not contain the vehicle’s identity, but instead contain proof that the vehicle’s identity had been verified by the CA and that it is a legitimate entity.

Furthermore, to prevent a stalker from spying on the same pseudonym certificate over an extended period to trace its travel routes and behaviours, pseudonym certificates have very short validity periods. For an average private vehicle, up to 20 pseudonym certificates are issued weekly, rotating every few hours to prevent tracing. These numbers can vary depending on local regulations and the importance of the passenger. For instance, the vehicle for a head of state might require non-rotating, one-time pseudonym certificates issued every five minutes.

What Is Butterfly Key Expansion?

Every time a vehicle requests a pseudonym certificate, the responsible CA needs to sign a new certificate and return it to the vehicle. Given that a typical vehicle needs up to 20 certificates per week, the CA needs to sign over a thousand certificates to a single vehicle over a year. This is a scale never seen before in the IT or financial industry. As more and more vehicles join the V2X environment, it can soon become difficult for CAs to cope with the growing number of requests.

With advancements in cryptographic construction technology, a novel approach known as Butterfly Key Expansion now overcomes this disadvantage. Butterfly Keys allow a vehicle to request an arbitrary number of certificates all at once; each certificate with a different signing key and each encrypted with a different encryption key. A request using Butterfly Key Expansion contains only one signing public key seed, one encryption public key seed, and two expansion functions that enable expansion. Therefore, Butterfly Keys are very useful for requesting pseudonym certificates as they can drastically decrease the number of requests needed.

Note that Butterfly Keys are not needed for issuing application certificates* to roadside units (RSU). Since privacy is not a concern to roadside infrastructures, application certificates are issued once at a time and have very long validity periods, meaning that application CAs are fully capable of dealing with the volume of requests.

(*Pseudonym certificates are used by vehicles for self-identification in V2V communications, whereas application certificates are used by roadside infrastructures for self-identification in V2I applications.)

Explicit vs. Implicit Certificates

Pseudonym certificates can be constructed in two different forms: conventional (explicit) certificates and implicit certificates. Conventional certificates consist of three distinct pieces of data: 1) a public key, 2) the digital signature of the CA, binding the public key to the vehicle’s identification data, and 3) the vehicle’s identification data. During V2V message transmission, the sender signs the certificate with the private key, after which the receiver uses the public key in the certificate to verify and view the message. In this process, the sender’s identity is “explicitly verified” because by opening the message, the receiver knows that the sender is the only entity holding the private key. As such, these certificates are also known as explicit certificates.

However, a disadvantage of explicit certificates is that, since they contain three distinct pieces of data, their size can range between 2,000 bits to 30,000 bits, depending on the level of security needed. Such a size isn’t a concern in and of itself. But in the V2X environment, where traffic volume is high and transmission speeds are pivotal, smaller sizes can be more advantageous.

To enable speedier message transmission and more efficient certificate issuance, a new form of V2X PKI certificate is gaining popularity. Known as implicit certificates, or Elliptic Curve Qu-Vanstone (ECQV), these certificates contain the same three pieces of data as explicit certificates do, but do not carry them as three distinct elements. Instead, the public key and the digital signature are superimposed, leaving a single reconstruction value that is similar in size as the public key. The receiver of the message uses this reconstruction value to reconstruct the public key and verify the message. The way in which the public key and the digital signature are superimposed means that by verifying the public key, the digital signature and the legitimacy of the sender get “implicitly verified”.

Since implicit certificates contain a single reconstruction value, they are much lighter and thus require much less bandwidth to transmit. The typical size of an implicit certificate is only 200 to 500 bits, which is ideal for the SCMS, where a large volume of certificates needs to be transmitted within a constrained timeframe.

The concept of implicit certificates is developed and patented by Blackberry Certicom. Nevertheless, CAs are free to issue implicit certificates for applications in the SCMS in accordance with IEEE 1609.2.

V2X PKI Regional Requirements and Preferences

As mentioned earlier, Butterfly Key Expansion is only beneficial for issuing pseudonym certificates and is not used for generating application certificates. The same is true for implicit certificates. The lightweight advantage of implicit certificates is best seen when applied to pseudonym certificates, but less significant when applied to application certificates. Given that the mechanism behind implicit certificates is more complex, some parts of the world prefer to stay with explicit certificates.

As a result, a mix of different mechanisms is used in the real world. In fact, different transport authorities have established different requirements for the certificates used in their SCMS. In North America, implicit certificates have become the standard for all V2X PKI certificates, whereas, in China, explicit certificates are required. Europe has been establishing two different standards, one for explicit certificates and one for implicit certificates.

In general, V2X PKI certificates can be constructed using four different combinations.

AutoCrypt SCMS Ready to Support All Certificate Types

In late 2022, AUTOCRYPT completed its development on the issuance of both explicit and implicit certificates with Butterfly Key Expansion, gaining the full capability to issue and provision all types of V2X PKI certificates in the SCMS.

To learn more about AUTOCRYPT’s V2X security solutions and AutoCrypt SCMS, contact global@autocrypt.io.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s newsletter.

7 December, 2022 . 2 mins read

AUTOCRYPT Accredited by WebTrust for CAs as V2X Root Certificate Authority

SEOUL, KOREA, December 7, 2022 — AUTOCRYPT, an industry-leading provider of automotive cybersecurity and connected mobility solutions, announced that it has been officially accredited by the AICPA/CICA WebTrust Program for CAs (Certification Authorities) as a root certificate authority for the V2X-PKI ecosystem, making it Asia’s first, and the world’s third V2X root certificate authority to receive the WebTrust seal.

The WebTrust Program accredits CAs after having licensed auditors conduct extensive audits to verify that the CA has adequate management capabilities and strictly follows its Certificate Practice Statement (CPS) by properly verifying organizations and protecting its certificate keys. The WebTrust seal is an internationally recognized symbol for safe practice in PKI and cryptography, to which many organizations demand WebTrust accreditation for all CAs involved in their supply chains.

AUTOCRYPT’s V2X-PKI CA (Certificate Authorization) Service acts as a root CA that registers, issues, manages, and revokes V2X certificates to subordinate CAs, supporting SCMS standards across North America, Europe, and China. Independently operated by its self-established security certification center, the service has undergone months of external audits and monitoring prior to receiving the accreditation.

“Aligning with our vision of enabling reliable and autonomous mobility for all road users, we developed our own root CA service to help establish trust within the V2X ecosystem,” said Daniel ES Kim, CEO of AUTOCRYPT. “By providing WebTrust-accredited certificate lifecycle management for V2X CAs, we look forward to enabling a streamlined V2X deployment process for our clients and partners, as well as encouraging more V2X implementations across a wider variety of use cases.”

Apart from serving as a V2X root CA, AUTOCRYPT offers a complete security solution for the V2X ecosystem, including a security module for OBU/RSUs, an SCMS backend, and an Integrated Management System (IMS) for SCMS that enables automotive OEMs to oversee all the SCMS certificates for their fleets via a graphical user interface.

For more information regarding AUTOCRYPT’s V2X security solutions and offerings, contact global@autocrypt.io.

1 December, 2022 . 8 mins read

From Safety to Sustainability: A Look at the Short-Term Benefits of V2X

There are two major approaches to achieving autonomous driving. The first is ADAS (advanced driver-assistance systems). And the other is V2X (vehicle-to-everything). Although the public is now quite familiar with ADAS, V2X remains a relatively unknown field. Even among industry stakeholders, a common misconception about V2X is that it must be deployed on a mass scale to provide meaningful benefits. In this blog, we explain why V2X deployment might not be as big an investment as it might seem, by looking at some of the short-term benefits of V2X.

Why It Doesn’t Need to Be Mass Deployment

Indeed, the ultimate objective of V2X is to create a fully connected mobility ecosystem that enables a state of full driving automation (Level 5), where vehicles seamlessly communicate with their surrounding vehicles and infrastructure through exchanging messages in real-time, overcoming the shortcomings (e.g., blind spots, failed object recognition) of cameras and sensors. This approach towards autonomous driving is also referred to as Vehicle-Infrastructure Cooperated Autonomous Driving (VICAD).

However, establishing an entire V2X ecosystem is a long process, as it can take many years to transform an entire city’s transport infrastructure into V2X-enabled systems. Therefore, industry players shouldn’t solely focus on the final objective of VICAD, but instead, work towards deploying V2X for its immediate benefits. This way, consumers can start benefiting from V2X sooner, which helps generate momentum to accelerate further investment and deployment.

Imaging planning and building a subway network from scratch. Of course, the final goal is to create an interconnected network that covers the entire city. However, if the public must wait until an entire network to be completed before benefiting from it, there would be very little interest in moving the project forward. Instead, cities start by building and operating a single line to allow at least some consumers to benefit from it in the short term.

The same is true for V2X. It doesn’t need to be mass deployment before we can start to see benefits. Some case-specific applications, including Signal Phase and Timing (SPaT) and emergency vehicle preemption (EVP), have already generated some promising short-term benefits in terms of road safety and efficiency.

The Short-Term Benefits of V2X

1. Road safety

Even with selective, small-scale deployments over the short term, V2X opens the opportunity for many creative approaches to enhance road safety. For instance, V2X roadside units (RSU) can be installed onto traffic signals at selected intersections where car accidents frequently occur, enabling Signal Phase and Timing (SPaT). SPaT is a V2X application where the traffic signal informs incoming vehicles of the remaining time of the signal. When vehicles receive that information, they can automatically determine whether to continue to cruise through the intersection, slightly accelerate to pass through prior to the signal change, or gently decelerate to a full stop. Having machines do the timing and calculation can help reduce human misjudgments at intersections.

It might be tempting to think that SPaT is only beneficial when all vehicles are equipped with V2X onboard units (OBU). Of course, the more V2X-enabled vehicles there are, the more effective the use case becomes. Still, if only a quarter of vehicles were to be equipped with V2X OBUs, SPaT would make a significant difference by improving the safety record of the intersection. This is because drivers have a natural tendency to move with the flow. The behaviour of V2X-enabled vehicles will influence the behaviours of surrounding drivers, encouraging them to comply with the coordination as well, hence reducing the likelihood of dangerous acceleration and braking during yellow lights.

Installing RSUs at intersections enables another common use case known as emergency vehicle preemption (EVP), which is currently deployed in many major cities across the globe. This is where OBUs installed in ambulances and fire trucks communicate with RSUs at intersections, prompting the traffic signal to change in favour of their direction, making it a very useful application in dense city streets where emergency vehicles can easily get stuck in gridlocks.

As such, localized V2X applications like SPaT and EVP do not require mass deployment. Hence, infrastructure operators and automotive OEMs can focus primarily on these short-term benefits.

2. Traffic efficiency

Besides safety, traffic efficiency is one of the other short-term benefits of V2X. A promising V2X-enabled solution that helps increase traffic efficiency is truck platooning. This is when a fleet of trucks cruise in a row at the same speed in the formation of a train. Given that trucks take up a significant percentage of the highway, having trucks travel individually at different speeds across different lanes can slow the overall traffic and lead to potential safety hazards. By lining them up in a lane at a consistent speed, a significant amount of space can be freed up, enabling faster travel speeds, and reducing the level of congestion during peak times. Furthermore, truck drivers in the follower trucks will be able to rest during the trip, reducing the likelihood of driver fatigue, hence enhancing road safety as well.

Another localized application of V2X is smart parking. This is when RSUs equipped in parking lots communicate with OBUs in nearby vehicles to inform them about parking space availability. In busy urban centers, a great amount of aggregated time is spent on searching for parking space. Not only is it a frustrating experience to circle around a busy block looking for the nearest available parking space that doesn’t cost a fortune, but those in search of parking can add up to the existing traffic and cause further congestion. With V2X-enabled smart parking, there will be no need to roam around urban streets for parking.

3. Cost saving

Road transportation comes with a cost. Apart from fuel and maintenance costs, every minute spent sitting in traffic is an opportunity cost that can be measured in the form of lost productivity. According to the 2021 INRIX Global Traffic Scoreboard, traffic congestion in the United States costs the average driver $564 in lost productivity throughout the year, and an aggregated $53 billion to the country.

When RSUs are deployed in critical areas such as frequently congested intersections and highway merges, V2X-enabled traffic coordination like SPaT and lane merge assists can reduce congestion remarkably, thus cutting unnecessary fuel consumption and productivity loss.

4. Environmental sustainability

When it comes to sustainable transport, electric vehicles (EV) are the most effective solution that contributes directly to a reduction in carbon emissions. However, many do not realize that V2X is another promising technology that can make a positive impact on environmental sustainability.

This is because V2X is an effective energy saver. As aforementioned, since V2X applications can help coordinate traffic and reduce congestion, the average vehicle spends less time on the road, with less unnecessary acceleration and braking. This results in not just less emission, but also less electricity consumption for EVs. Although this might seem like a subtle difference for a single vehicle, the accumulated energy savings and emission cuts can make a meaningful impact on the environment.

Additionally, just like emergency vehicle preemption, OBUs can also be installed on buses and street cars so that traffic signals can give priority to public transit, making traveling by public transit more efficient and convenient, thus encouraging greater usage.

5. Convenience

Regardless of its application, a common benefit that V2X brings across all use cases is convenience. Through real-time communications, road users will be able to benefit from a smart and connected mobility environment.

Start Small, Think Big

Back to the point — V2X connectivity isn’t all about the big picture of full autonomous driving. Through vehicle-infrastructure cooperation, V2X can be utilized for a wide range of localized use cases that do not require much time and effort to deploy. Eventually, these local deployments will naturally accumulate to shape an interconnected V2X ecosystem, enabling a complete VICAD experience. Therefore, policymakers, infrastructure operators, OEMs, and investors should push forward V2X deployment by focusing primarily on its immediate benefits.

Securing V2X Communications

An integral component of V2X deployment is cybersecurity. Encryption and PKI-based authentication measures must be preestablished within the communication end-entities (OBU/RSUs) to ensure that the messages communicated via V2X are securely protected from unauthorized access and tampering. Conversely, with more and more localized V2X deployments, cybersecurity capability will continuously improve with enhanced regional security policies.

AUTOCRYPT’s secure V2X communications solution strengthens both privacy and safety for V2X applications, including a security module installable onto OBU/RSUs, a Security Credential Management System (SCMS) that issues, revokes, and manages digital certificates for end-entities, as well as an Integrated Management System (IMS) for SCMS that allows automotive OEMs to easily manage all their V2X certificates across all vehicle fleets via a graphical user interface.

To learn more about AUTOCRYPT’s V2X security solutions and offerings, contact global@autocrypt.io.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s quarterly newsletter.

1 November, 2022 . 5 mins read

Spotlight: V2X Interoperability Testing at OmniAir Costa del Sol Plugfest

In this blog, Vice President of Autocrypt North America, Martin Totev, takes us to OmniAir Consortium’s Costa del Sol Plugfest in Malaga, Spain, held between October 24 and 28, where AUTOCRYPT provided its SCMS certificates for the testing environment.

Interoperability Across the V2X Ecosystem

Cooperative Intelligent Transport Systems (C-ITS) are making road mobility increasingly connected and adaptive, linking vehicles with road infrastructures and pedestrians, and enabling them to cooperate with one another in real-time through V2X (vehicle-to-everything) communications. Yet, although the idea might seem straightforward, industry players and regulators have been putting tremendous effort into establishing V2X interoperability, ensuring that vehicles, smart devices, and infrastructures built by different manufacturers across various domains can seamlessly communicate with each other.

How is interoperability established? At the baseline, all manufacturers must follow a set of standards and protocols for each relevant use case. These protocols are often established by regulators and industry associations. For instance, the two major technical protocols for V2X communications include WAVE (Wireless Access in Vehicular Environments) by IEEE and C-V2X (cellular V2X) by 5GAA. As such, manufacturers of onboard units (OBU) and roadside units (RSU) need to ensure that all their end-entities within a V2X environment comply with the same protocol to enable reliable message transmission.

Similarly, the technical standard for electric vehicle charging is outlined in ISO 15118, which defines the architecture for Plug&Charge (PnC) and V2G (vehicle-to-grid) bidirectional charging, providing a set of consistent specifications and guidelines for OEMs, charger manufacturers, and charge point operators (CPO) to promote a seamless EV charging ecosystem.

Why Protocols Aren’t Enough: The Need for V2X Interoperability Testing

Simply because two manufacturers follow the same standard or protocol, it doesn’t necessarily guarantee that their devices will be perfectly compatible with each other under actual implementation. As a simplified example, the standard for a universal plug may specify the width but lacks specification on the length, resulting in plugs with different lengths being incompatible despite adhering to the same standard. In practice, incompatibility issues can be much more complex, arising from a variety of underlying factors that can be difficult to pinpoint.

Given that the V2X ecosystem involves a wide range of end-entities across different domains, interoperability testing is necessary prior to mass deployment. These tests are usually conducted at a plugtest (or plugfest), which invites all relevant manufacturers to deploy their vehicles and devices in combined scenarios.

OmniAir Plugfest

OmniAir Consortium is one of the most influential associations in the C-ITS industry. It specializes in promoting interoperability between different connected entities within the V2X ecosystem, including the vehicle itself, onboard units (OBU) and roadside units (RSU), embedded communication modules, and security modules and SCMS backends.

OmniAir Consortium regularly organizes interoperability testing events—known as OmniAir Plugfests—to provide a platform for industry participants to test the cross-domain interoperability of their connected mobility technologies and devices. The most recent Costa del Sol Plugfest was held between October 24 and 28 in Malaga, Spain.

Opening ceremony of the Costa del Sol Plugfest

A wide range of bench tests were performed at the Costa del Sol Plugfest, including those involving V2X modules, message encryption, V2X-PKI certificates, SPaT message transmissions, and MAP message transmissions. Specific use cases like red light violation warning, emergency vehicle preemption, lane closure warning, curve speed warning, and many more, were tested on the field. One of the industry’s major testing and inspection firms, DEKRA, provided its testbed for the event.

As one of the more than 60 associate members of the OmniAir Consortium, and a C-ITS cybersecurity provider specialized in securing V2X connections, the AUTOCRYPT team headed to Malaga to participate in the plugfest by providing AUTOCRYPT’s SCMS certificates to the devices tested at the event.

The AUTOCRYPT team testing our SCMS certificates at Dekra’s testbed

Is C-V2X Ready?

Vice President of Autocrypt North America, Martin Totev, presented at a panel session discussing whether C-V2X is ready to be deployed for commercial use. Martin expressed his optimism on C-V2X commercialization and stressed a step-by-step deployment approach. “It doesn’t need to be mass deployment and autonomous driving straight away,” said Martin. “We can begin by deploying them in vehicles first, then intersections with frequent accidents, gradually enhancing road safety and saving lives in the long run.”

Martin also pointed out the importance of cybersecurity in V2X. “Although interoperability testing is crucial, it only marks the beginning of a continuous improvement process. In fact, more commercial deployments are needed so that security and SCMS providers like AUTOCRYPT can continuously enhance its regional security policies and strengthen its definitions for misbehaviours.”

VP of Autocrypt North America, Martin Totev, speaking about C-V2X deployment

AUTOCRYPT’s Pivotal Role in the V2X Ecosystem

AUTOCRYPT specializes in securing V2X communications. Given that vehicles rely on V2X messages for judgment and decision-making, the validity of these messages is critical to the safety and functionality of cooperative autonomous driving.

AUTOCRYPT secures V2X communications using both encryption and authentication technologies. On the frontend, a security module is embedded into each end-entity to encrypt and decrypt messages by referring to a list of SCMS certificates stored in a Local Certificate Manager (LCM). At the backend, its SCMS architecture enables the proper issuance, revocation, and verification of certificates, ensuring message validity and privacy.

To learn more about AUTOCRYPT’s V2X security solutions, contact global@autocrypt.io.

To stay informed and updated on the latest news about AUTOCRYPT and mobility tech, subscribe to AUTOCRYPT’s quarterly newsletter.