Preliminary Considerations for a Cooperative Intelligent Transport System Cybersecurity Reference Architecture

Cyber security and privacy are major challenges for interconnected automatic driving cars which rely on confidentiality, integrity, availability, authenticity, accountability as well as privacy of a cooperative intelligent transport system (C-ITS). The cars require detailed data about the environment on different levels to generate a comprehensive overview of the current traffic situation in real time to ensure their safe and secure movement. The availability, integrity, authenticity and accountability of data and its processing are a prerequisite for automated and interconnected driving. Additionally, confidentiality and privacy are main requirements for using C-ITS services. Cyber security is not only necessary for an efficient traffic management. Co-operative functions and coordinative autonomy is mandatory, since successful intentional attacks on a C-ITS in fact threaten human lives. There is a fundamental need for a comprehensive harmonization of safety and security aspects from the infrastructure provider's perspective to ensure awareness and trust - and not solely from an original equipment manufacturer's (OEM) view. Especially cyber security is essential to make these cooperative traffic structures and autonomous interconnected driving technologies confidently available to society. In this paper, the approach for component identification, scoping, use case development, and the applied risk management method as preliminary work for the development of a comprehensive C-ITS cybersecurity reference framework is discussed. These steps are part of a currently ongoing research project.