Focusing on security of ITS, ITU-T Study Group 17 (SG17) develops international standards to foster public and private trust towards the emerging ITS applications worldwide.
SG17 activities related to ITS
Secure software update capability for ITS communication devices
Modern vehicles, which use software applications including for safety critical systems, are more and more automated and may be considered mobile phones on wheels. In this context, a software update/upgrade becomes a fundamental aspect, similarly for mobile phones and computers. This becomes even more critical for vehicles that are equipped with ITS communication capabilities as these applications may endanger the life of vehicle passengers. Hence the necessity of a secure and reliable software update/upgrade over the air (OTA) for next generation vehicles. The aim of this activity in ITU-T SG17 has developed a procedure and components for OTA secure software updates for ITS communication devices, considering potential threats such as tampering and malicious intrusion.
SG17's efforts focus on continuously improving the basic model of software update procedures, defining messages and related attributes to achieve secure software updates. This procedure is designed for the application layer, leveraging existing communication protocols, and targets vehicle-to-infrastructure (V2I) communication through the internet and/or ITS dedicated networks.
Security guidelines for electric vehicle charging
Electric vehicles are becoming more and more popular, especially to address the sustainability advocated by the United Nations Sustainable Development Goals (SDGs). In this context, SG17 studies the security of electric vehicle charging. Plug and Charge (PnC) is a service that includes secure personal identification where the customer will only plug their vehicle into the electric vehicle supply equipment, and all aspects of charging are automatically taken care of with no further intervention from the driver.
SG17 puts efforts into realising PnC service using Vehicle Identity (VD) for electric vehicles. Moreover, SG17 identifies threats and provides security guidelines for the PnC services.
Security guidelines for Vehicular Edge Computing (VEC)
VEC is a decentralized computing model that brings computing resources closer to vehicles and road users, offering localized storage and application services. This results in reduced latency, faster response times, enhanced mobility support, location awareness, high availability, and improved quality of service for real-time applications.
VEC faces many security challenges and issues since it requires providing faster service response time to end-users. To ensure a secure VEC, SG17 provides security guidelines for VEC based on an analysis of the threats and vulnerabilities identified within VEC.
Collaboration with UNECE WP29
ITU-T SG17 experts collaborates with UNECE World Forum for Harmonization of Vehicle Regulations (WP.29), which is a unique worldwide regulatory forum within the UNECE Inland Transport Committee. In particular SG17 experts contributed to develop the UN Regulation N.155 on “Cyber security and cyber security management system” and N.156 on “Software update and software update management system” which were adopted in March 2021.
Some SG17 deliverables for ITS
