Identity and security company Nexus Group offers a flexible and scalable public key infrastructure (PKI) platform, which enables organizations to issue and manage electronic identities for people and things. Its reliability and high output rate makes it suitable for vehicle-to-everything (V2X) initiatives, writes Magnus Malmström, CEO at Nexus Group.
The auto industry is undergoing massive disruption, brought on by new technologies. Nexus has a long history of protecting People and Things in business-critical processes. Recently, Nexus’ open-standards-based digital identity platform has proven suitable for the next generation of connected vehicle initiatives, V2X, referred to by some as Car2X.
The trusted digital identity is a critical part of securing the rapidly emerging ecosystems for autonomous driving, e-charging networks, car sharing, personalized user experiences and secure communication in V2X, such as vehicle-to-infrastructure and vehicle-to-vehicle.
V2X continues to progress, delivering many benefits to society. Through instant communication, V2X makes driving safer with features like road safety improvements with possibility for platooning, emergency vehicle approaching, road work warnings and collision warnings.
Since V2X technology relies on a constant transmission of data, there are privacy concerns that must be managed. The automotive industry understands that the public will not accept V2X systems without strong security and an assurance of privacy. The standardization of V2X communication in form of WLANp and 5G is ongoing, and security and privacy requirements must be taken into account from the very beginning. The automotive industry and government officials must therefore ensure that privacy concerns are a priority and collaborate with the technology providers to help mitigate any privacy risks that may arise with V2X technologies.
Nexus IoT PKI platform for automotive addresses Privacy concerns
To help making this a reality, the Nexus Car2X CA platform leverages on one of the largest, most comprehensive and trustable Certificate Systems ever built. A pseudonym scheme has been introduced based on open standardization with the aim to provide privacy for drivers. Secure communication in V2X relies on digital certificates and deployment of a public key infrastructure (PKI) for vehicular communications. At the factory, vehicles receive a long-term certificate from the long-term certificate authority and can later use this certificate to obtain short-term certificates from the pseudonymizing certificate authority, which supports privacy when the vehicle communicates externally. The architecture and platform ensure that each vehicle has 50-100 weekly trusted identities (certificates) which can be signed and updated remotely. The V2X equipment in each vehicle is responsible for randomizing these certificates throughout the week (part of the pseudonymization process). Any vehicle that is compromised can be removed from the system until trust is restored. Signed audit log records can be managed in accordance with desired retention periods.
Reach out to a Nexus representative if you want to know more about Nexus innovation, and our ambition to secure the future of the automotive industry through a reliable PKI infrastructure for V2X including;
- Standard functions for certificate life cycle and CRL types, EA and AA certificate requests and response messages according to ETSI TS 102 941, TS 103 097 and IEEE1609.2, and ECC key derivation using Butterfly curves, hash-ID based revocation and removal of certificates and audit records after retention period.
- Open interfaces to integrate into car production and logistical processes, and by customer choice, deliver systems as a cloud service or on-premise.
- Trusted software and development practice through Nexus ISO 27001 and Common Criteria EAL3+ and soon EAL 4+ certifications.
- A flexible high-capacity certificate management architecture to maintain millions of cars, and scale as you grow and with proven strong reliability.
- Future-proof investment, through Nexus participation in additional EU initiatives;
- ECSEL SECREDAS: PKI and certificate management for IoT-devices used in vehicles.
- CEBOT and SecureIoT: Equip IoT devices with capabilities to enable them to obtain digital certificate(s) in a secure and automated way and by using the communication protocols that these devices speak