Today the Department of Transportation’s Intelligent Transportation System Joint Program Office (ITS JPO) published a notice in today’s Federal Register (78 FR 18415-18416) that they would be conducting a public workshop on Connected Vehicle Reference Implementation Architecture (CVRIA). The two day workshop (April 30th thru May 1st) in San Jose, CA will look at preliminary architecture viewpoint drafts. DOT is soliciting feedback from the stakeholders who will be involved in manufacturing, developing, deploying, operating, or maintaining the connected vehicle technologies and applications.
Since most modern vehicles already contain extensive mobile control systems, security of those control systems should be an obvious concern. It would seem that expanding the connectivity of those systems to more outside communications increases their vulnerability to unauthorized manipulations and increased concerns about privacy issues.
It appears that DOT has not entirely ignored the security implications of the expanded connectivity of these systems. The program web site provides links to two existing communications security related documents (here and here), but it seems to me that involvement of ICS security professionals early on in the development process would be beneficial in the long run.