Blog post

CCAM systems rely on heavy cooperation from all the mobility actors: pedestrians, vehicles, roadside units and infrastructure. In this environment, sensors collect, process and distribute data to build a global view of the system. To ensure the privacy of users, this data must be anonymized, while preserving its usability. Furthermore, as this ecosystem will propose advanced functionality such as software updates or remote attestation, cybersecurity is also critical to ensure the availability of the system and its safety. Trust and data sharing tools are designed to ensure that exchanged data preserves the user’s privacy, and that it is exchanged securely. 

 

Preserving privacy 

Preserving privacy is usually a task that comes at a cost: usability. In the SELFY infrastructure, the Privacy Utility Tool (PUT) is designed to distort data used in specific use cases to preserve privacy. However, this distortion mechanism is performed such as preserving the utility of the transmitted data. In some scenarios, specific pieces of data, such as faces, and license plates must be made unusable to preserve privacy. This task is handled by the Data Anonymization Tool (DAT) that blurs these elements on the video feed captured by the vehicle’s cameras. Messages exchanged in the CCAM architecture must also preserve the privacy of the emitter. The V2X Privacy Tool (VPT) assign an ID to tracked objects in CPM messages. To avoid leaking the tracked object identity, this ID is changed based on the identity received through CAM messages. 

 

Transferring data securely 

Transmitting anonymized data, along with other types of data requires a secured environment for communication. In a cooperative scenario, this implies trusting other participants. The Roadside Trust Tool (RTT) assign a level of trust to each CCAM participant. It compares data received from roadside sensors with other participants’ data. By detecting differences in this comparison, the tool decreases the level of trust of a specific participant. When the trust value reaches a threshold, the participant is no longer trusted. Securing data also implies protecting vehicles’ updates or other exchanges through encryption. This part is guaranteed by the Post Quantum Cryptography (PQC) tool and the Key Exchange and Management System (KEMS). Both tools work hand in hand to initiate secure connections between the different components of the SELFY infrastructure using modern quantum resistant algorithms, ensuring the exchanged data will be secured. 

 

Ensuring continuous operations 

Adding new features, or correcting bugs is also important for SELFY. The Software Over The Air (SOTA) update tool allows to deploy a new version of a software to a single or a fleet of vehicles. This mechanism ensures the update is protected during deployment, thus protecting the intellectual property of the software provider. In order to avoid deploying the update unnecessarily, the Remote Attestation System (RAS) can verify that the execution of a desired piece of code follows a desired path describing a valid execution. This can reveal an alteration of the software running on the device or an error in the deployment of the update. 

 

By combining these different technologies, SELFY infrastructure ensures that the data produced by the system preserves privacy, is exchanged securely, and functions properly. 

Author: CEA