Today the DOT’s National Highway Transportation Safety
Administration (NHTSA) published an advance notice of proposed rulemaking
(ANPRM) in the Federal Register (79 FR
49270-49278) concerning potential creation of a Federal Motor Vehicle
Safety Standard (FMVSS) for vehicle-to-vehicle (V2V) communications. NHTSA believes
that requiring V2V communication capability in new light vehicles would
facilitate the development and introduction of a number of advanced vehicle
safety applications.
Along with the publication of this ANPRM NHTSA is publishing
“Vehicle-to-Vehicle
Communications: Readiness of V2V Technology for Application” (.PDF download
link). According to the report abstract (pg i), the “report explores technical,
legal, and policy issues relevant to
V2V, analyzing the research conducted thus far, the technological solutions
available for addressing the safety
problems identified by the agency, the policy implications of those
technological solutions, legal authority and legal issues such as liability and
privacy”.
This ANPRM is not an actual proposal for any specific
regulatory language; rather it asks a series of questions that NHTSA needs to
have answered before it can proceed with the rulemaking process. The extensive
list of questions covers ten general topics:
Of particular interest to readers of this blog will be the
cybersecurity questions asked in the communications security section of the
ANPRM. These questions include:
• Do commenters believe that using
machine-to-machine PKI
for V2V is feasible, and that a security system based on PKI provides the
level of security needed to support wide-scale V2V deployment?
• Do commenters believe that the current security system
design (as shown in Figure IX-3 of the research report) is a reasonable and
sufficient approach for implementing a secure and trusted operating
environment?
• Do commenters believe the Certificate Revocation List
is necessary?
• Do commenters believe a V2V
system would create
new potential “threat vectors” (i.e., “ways into” a vehicle's electronic
control unit) that could somehow control a vehicle or manipulate its responses
beyond those existing in today's vehicles?
• Do commenters believe that V2V
could introduce the threat
of remote code execution, i.e., that, among possible threat vectors,
malicious code could be introduced remotely into a vehicle through the DSRC [dedicated
short-range communications] device and could create a threat to affected
vehicles?
• Do commenters have suggestions on
how NHTSA could mitigate
these potential threats with standardized security practices and how NHTSA
could implement a self-certification or third-party audit or testing program to
guard against such threats?
• Does the absence of encryption of the Basic
Safety Message itself create any security threat, e.g., reverse engineering
of a V2V system?
• If OEM DSRC devices were kept
up-to-date through the current methods of upgrading that existing consumer
electronics use today, would the use of this updating process
introduce a new attack vector?
• Is there a possibility of cyber-attacks
across the entire vehicle fleet and, if so, how should they be analyzed and
addressed?
• Are there any other specific security
issues that have not been mentioned here, but that should be addressed in
the V2V security review?
NHTSA is soliciting public responses to the questions listed
in the ANPRM. Comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # NHTSA-2014-0022).
Comments should be submitted by October 20th, 2014.
Posts
No comments:
Post a Comment