Why use PKI to secure connected vehicles?
New technologies for vehicle-to-vehicle (V2V, Car2Car) and vehicle-to-everything (V2X, Car2X) communication enable assisted and autonomous driving, road safety applications, better road utilization and environment protection. Security is crucial for this communication, for safety and privacy reasons. Cyber attacks can threaten the privacy of the driver, damage the physical equipment, and even risk the lives of persons in and around the vehicle.
A trusted digital identity is the foundation for securing connected cars and trucks. A public-key infrastructure (PKI) provides cryptographically secure, unforgeable, theft-safe identities and is the best available security technology for large-scale distributed systems. PKI also enables creating anonymous, but verifiable identities, which help hide the real identity of vehicles and thereby protect the privacy of the driver.
Who is it for?
Car and truck manufacturers (OEMs) and their suppliers face challenges when they implement security functions in connected vehicles. They need to:
- Follow international standards for plug & charge (ISO 15118) or for V2X (IEEE 1609.2), which rely on PKI technology.
- Protect drivers’ privacy by complying with requirements, such as C-ITS.
- Issue an extremely high volume of certificates for the V2X use case.
- Authenticate vehicles to protect unauthorized access to the backend services.
- Protect software by code-signing to avoid manipulations during upgrades to the vehicle.
- Prevent malware from executing in the embedded computers of the vehicles.
Do you recognize these challenges?
Nexus’ platform for automotive PKI has the following key benefits:
- Guaranteed high performance with a proven capacity to issue 10,000 certificates per second. Offered as a service, guaranteed SLA and capacity as you grow.
- Fulfills automotive requirements by supporting standards, such as the IEEE 1609-2 and ETSI TS 103 097 (V2X) for digital certificate formats and interfaces, C-ITS for vehicle-to-grid (V2G), and ISO 15118 for plug & charge.
- Proven security as Nexus’ quality-assured PKI platform is being certified according to Common Criteria EAL4+, and Nexus’ organization comply with ISO 27001.
- Based on standard products you can rely on a mature, scalable, highly reliable, continuously tested and maintained, and future-safe software.
- The multi-CA and multi-tenancy enabled platform helps you adapt the PKI hierarchy, administration, and reporting, to your needs.