Owing to their safety applications, cooperative vehicle systems, which use sensors and wireless technologies to reduce traffic accidents, continue to be the focus of heavy research and development efforts around the world.

Foreword xv Ralf G. Herrtwich Foreword xvii Flavio Bonomi Foreword xix Adam Drobot Preface xxi Acknowledgments xxv 1 Traffic Safety 1 1.1 Traffic Safety Facts 1 1.1.1 Fatalities 2 1.1.2 Leading Causes of Crashes 3 1.1.3 Current Trends 5 1.2 European Union 5 1.3 Japan 7 1.4 Developing Countries 7 References 8 2 Automotive Safety Evolution 10 2.1 Passive Safety 10 2.1.1 Safety Cage and the Birth of Passive Safety 10 2.1.2 Seat Belts 11 2.1.3 Air Bags 11 2.2 Active Safety 12 2.2.1 Antilock Braking System 12 2.2.2 Electronic Stability Control 13 2.2.3 Brake Assist 13 2.3 Advanced Driver Assistance Systems 14 2.3.1 Adaptive Cruise Control 15 2.3.2 Blind Spot Assist 16 2.3.3 Attention Assist 16 2.3.4 Precrash Systems 16 2.4 Cooperative Safety 17 References 18 3 Vehicle Architectures 20 3.1 Electronic Control Units 20 3.2 Vehicle Sensors 21 3.2.1 Radars 21 3.2.2 Cameras 21 3.3 Onboard Communication Networks 22 3.3.1 Controller Area Network 23 3.3.2 Local Interconnect Network 23 3.3.3 FlexRay 24 3.3.4 Media Oriented Systems Transport 24 3.3.5 Onboard Diagnostics 24 3.4 Vehicle Data 25 3.5 Vehicle Data Security 26 3.6 Vehicle Positioning 27 3.6.1 Global Positioning System 27 3.6.2 Galileo 29 3.6.3 Global Navigation Satellite System 29 3.6.4 Positioning Accuracy 30 References 30 4 Connected Vehicles 32 4.1 Connected Vehicle Applications 32 4.1.1 Hard Safety Applications 32 4.1.2 Soft Safety Applications 33 4.1.3 Mobility and Convenience Applications 33 4.2 Uniqueness in Consumer Vehicle Networks 34 4.3 Vehicle Communication Modes 36 4.3.1 Vehicle-to-Vehicle Local Broadcast 36 4.3.2 V2V Multihop Message Dissemination 37 4.3.3 Infrastructure-to-Vehicle Local Broadcast 38 4.3.4 Vehicle-to-Infrastructure Bidirectional Communications 39 4.4 Wireless Communications Technology for Vehicles 39 References 42 5 Dedicated Short-Range Communications 44 5.1 The 5.9 GHz Spectrum 44 5.1.1 DSRC Frequency Band Usage 45 5.1.2 DSRC Channels 45 5.1.3 DSRC Operations 46 5.2 DSRC in the European Union 46 5.3 DSRC in Japan 47 5.4 DSRC Standards 48 5.4.1 Wireless Access in Vehicular Environments 48 5.4.2 Wireless Access in Vehicular Environments Protocol Stack 48 5.4.3 International Harmonization 50 References 50 6 WAVE Physical Layer 52 6.1 Physical Layer Operations 52 6.1.1 Orthogonal Frequency Division Multiplexing 52 6.1.2 Modulation and Coding Rates 53 6.1.3 Frame Reception 54 6.2 PHY Amendments 55 6.2.1 Channel Width 56 6.2.2 Spectrum Masks 56 6.2.3 Improved Receiver Performance 57 6.3 PHY Layer Modeling 57 6.3.1 Network Simulator Architecture 58 6.3.2 RF Model 59 6.3.3 Wireless PHY 61 References 62 7 WAVE Media Access Control Layer 64 7.1 Media Access Control Layer Operations 64 7.1.1 Carrier Sensing Multiple Access with Collision Avoidance 64 7.1.2 Hidden Terminal Effects 65 7.1.3 Basic Service Set 66 7.2 MAC Layer Amendments 66 7.3 MAC Layer Modeling 67 7.3.1 Transmission 68 7.3.2 Reception 68 7.3.3 Channel State Manager 68 7.3.4 Back-Off Manager 69 7.3.5 Transmission Coordination 70 7.3.6 Reception Coordination 71 7.4 Overhauled ns-2 Implementation 72 References 74 8 DSRC Data Rates 75 8.1 Introduction 75 8.2 Communication Density 76 8.2.1 Simulation Study 77 8.2.2 Broadcast Reception Rates 78 8.2.3 Channel Access Delay 81 8.2.4 Frames Reception Failures 83 8.3 Optimal Data Rate 85 8.3.1 Modulation and Coding Rates 85 8.3.2 Simulation Study 86 8.3.3 Simulation Matrix 87 8.3.4 Simulation Results 88 References 91 9 WAVE Upper Layers 93 9.1 Introduction 93 9.2 DSRC Multichannel Operations 94 9.2.1 Time Synchronization 94 9.2.2 Synchronization Intervals 95 9.2.3 Guard Intervals 96 9.2.4 Channel Switching 96 9.2.5 Channel Switching State Machine 96 9.3 Protocol Evaluation 97 9.3.1 Simulation Study 98 9.3.2 Simulation Scenarios 99 9.3.3 Simulation Results 99 9.3.4 Protocol Enhancements 102 9.4 WAVE Short Message Protocol 103 References 104 10 Vehicle-to-Infrastructure Safety Applications 106 10.1 Intersection Crashes 106 10.2 Cooperative Intersection Collision Avoidance System for Violations 107 10.2.1 CICAS-V Design 107 10.2.2 CICAS-V Development 110 10.2.3 CICAS-V Testing 116 10.3 Integrated Safety Demonstration 118 10.3.1 Demonstration Concept 118 10.3.2 Hardware Components 120 10.3.3 Demo Design 121 References 124 11 Vehicle-to-Vehicle Safety Applications 126 11.1 Cooperation among Vehicles 126 11.2 V2V Safety Applications 127 11.3 V2V Safety Applications Design 128 11.3.1 Basic Safety Messages 129 11.3.2 Minimum Performance Requirements 129 11.3.3 Target Classifi cation 131 11.3.4 Vehicle Representation 132 11.3.5 Sample Applications 133 11.4 System Implementation 135 11.4.1 Onboard Unit Hardware Components 135 11.4.2 OBU Software Architecture 135 11.4.3 Driver–Vehicle Interface 137 11.5 System Testing 138 11.5.1 Communications Coverage and Antenna Considerations 138 11.5.2 Positioning 139 References 140 12 DSRC Scalability 141 12.1 Introduction 141 12.2 DSRC Data Traffic 142 12.2.1 DSRC Safety Messages 142 12.2.2 Transmission Parameters 143 12.2.3 Channel Load Assessment 144 12.3 Congestion Control Algorithms 145 12.3.1 Desired Properties 145 12.3.2 Transmission Power Adjustment 146 12.3.3 Message Rate Adjustment 147 12.3.4 Simulation Study 148 12.4 Conclusions 148 References 149 13 Security and Privacy Threats and Requirements 151 13.1 Introduction 151 13.2 Adversaries 151 13.3 Security Threats 152 13.3.1 Send False Safety Messages Using Valid Security Credentials 152 13.3.2 Falsely Accuse Innocent Vehicles 153 13.3.3 Impersonate Vehicles or Other Network Entities 153 13.3.4 Denial-of-Service Attacks Specific to Consumer Vehicle Networks 154 13.3.5 Compromise OBU Software or Firmware 155 13.4 Privacy Threats 155 13.4.1 Privacy in a Vehicle Network 155 13.4.2 Privacy Threats in Consumer Vehicle Networks 156 13.4.3 How Driver Privacy can be Breached Today 158 13.5 Basic Security Capabilities 159 13.5.1 Authentication 159 13.5.2 Misbehavior Detection and Revocation 160 13.5.3 Data Integrity 160 13.5.4 Data Confidentiality 160 13.6 Privacy Protections Capabilities 161 13.7 Design and Performance Considerations 161 13.7.1 Scalability 162 13.7.2 Balancing Competing Requirements 162 13.7.3 Minimal Side Effects 163 13.7.4 Quantifi able Levels of Security and Privacy 163 13.7.5 Adaptability 163 13.7.6 Security and Privacy Protection for V2V Broadcast 163 13.7.7 Security and Privacy Protection for Communications with Security Servers 164 References 165 14 Cryptographic Mechanisms 167 14.1 Introduction 167 14.2 Categories of Cryptographic Mechanisms 167 14.2.1 Cryptographic Hash Functions 168 14.2.2 Symmetric Key Algorithms 169 14.2.3 Public Key (Asymmetric Key) Algorithms 170 14.3 Digital Signature Algorithms 172 14.3.1 The RSA Algorithm 172 14.3.2 The DSA Algorithm 178 14.3.3 The ECDSA Algorithm 184 14.3.4 ECDSA for Vehicle Safety Communications 194 14.4 Message Authentication and Message Integrity Verifi cation 196 14.4.1 Authentication and Integrity Verifi cation Using Hash Functions 197 14.4.2 Authentication and Integrity Verifi cation Using Digital Signatures 198 14.5 Diffi e–Hellman Key Establishment Protocol 200 14.5.1 The Original Diffie–Hellman Key Establishment Protocol 200 14.5.2 Elliptic Curve Diffie–Hellman Key Establishment Protocol 201 14.6 Elliptic Curve Integrated Encryption Scheme (ECIES) 202 14.6.1 The Basic Idea 202 14.6.2 Scheme Setup 202 14.6.3 Encrypt a Message 202 14.6.4 Decrypt a Message 204 14.6.5 Performance 204 References 206 15 Public Key Infrastructure for Vehicle Networks 209 15.1 Introduction 209 15.2 Public Key Certificates 210 15.3 Message Authentication with Certificates 211 15.4 Certifi cate Revocation List 212 15.5 A Baseline Reference Vehicular PKI Model 213 15.6 Confi gure Initial Security Parameters and Assign Initial Certificates 215 15.6.1 Vehicles Create Their Private and Public Keys 216 15.6.2 Certificate Authority Creates Private and Public Keys for Vehicles 217 15.7 Acquire New Keys and Certifi cates 217 15.8 Distribute Certifi cates to Vehicles for Signature Verifications 220 15.9 Detect Misused Certifi cates and Misbehaving Vehicles 222 15.9.1 Local Misbehavior Detection 223 15.9.2 Global Misbehavior Detection 224 15.9.3 Misbehavior Reporting 224 15.10 Ways for Vehicles to Acquire CRLs 226 15.11 How Often CRLs should be Distributed to Vehicles? 228 15.12 PKI Hierarchy 230 15.12.1 Certifi cate Chaining to Enable Hierarchical CAs 231 15.12.2 Hierarchical CA Architecture Example 231 15.13 Privacy-Preserving Vehicular PKI 233 15.13.1 Quantitative Measurements of Vehicle Anonymity 234 15.13.2 Quantitative Measurement of Message Unlinkability 234 References 235 16 Privacy Protection with Shared Certificates 237 16.1 Shared Certificates 237 16.2 The Combinatorial Certificate Scheme 237 16.3 Certificate Revocation Collateral Damage  239 16.4 Certified Intervals 242 16.4.1 The Concept of Certified Interval 242 16.4.2 Certified Interval Produced by the Original Combinatorial Certificate Scheme 242 16.5 Reduce Collateral Damage and Improve Certified Interval 244 16.5.1 Reduce Collateral Damage Caused by a Single Misused Certificate 245 16.5.2 Vehicles Become Statistically Distinguishable When Misusing Multiple Certificates 248 16.5.3 The Dynamic Reward Algorithm 250 16.6 Privacy in Low Vehicle Density Areas 253 16.6.1 The Problem 253 16.6.2 The Blend-In Algorithm to Improve Privacy 256 References 259 17 Privacy Protection with Short-Lived Unique Certificates 260 17.1 Short-Lived Unique Certificates 260 17.2 The Basic Short-Lived Certificate Scheme 261 17.3 The Problem of Large CRL 263 17.4 Anonymously Linked Certificates to Reduce CRL Size 264 17.4.1 Certificate Tags 264 17.4.2 CRL Processing by Vehicles 265 17.4.3 Backward Unlinkability 267 17.5 Reduce CRL Search Time 268 17.6 Unlinked Short-Lived Certificates 269 17.7 Reduce the Volume of Certificate Request and Response Messages 270 17.8 Determine the Number of Certificates for Each Vehicle 270 References 273 18 Privacy Protection with Group Signatures 274 18.1 Group Signatures 274 18.2 Zero-Knowledge Proof of Knowledge 275 18.3 The ACJT Group Signature Scheme and its Extensions 277 18.3.1 The ACJT Group Signature Scheme 277 18.3.2 The Challenge of Group Membership Revocation 282 18.3.3 ACJT Extensions to Support Membership Revocation 283 18.4 The CG Group Signature Scheme with Revocation 286 18.5 The Short Group Signatures Scheme 288 18.5.1 The Short Group Signatures Scheme 288 18.5.2 Membership Revocation 291 18.6 Group Signature Schemes with Verifier-Local Revocation 292 References 293 19 Privacy Protection against Certificate Authorities 295 19.1 Introduction 295 19.2 Basic Idea 295 19.3 Baseline Split CA Architecture, Protocol, and Message Processing 297 19.4 Split CA Architecture for Shared Certifi cates 301 19.5 Split CA Architecture for Unlinked Short-Lived Certificates 302 19.5.1 Acquire One Unlinked Certifi cate at a Time 302 19.5.2 Assign Batches of Unlinked Short-Lived Certifi cates 304 19.5.3 Revoke Batches of Unlinked Certifi cates 306 19.5.4 Request for Decryption Keys for Certificate Batches 307 19.6 Split CA Architecture for Anonymously Linked Short-Lived Certificates 308 19.6.1 Assign One Anonymously Linked Short-Lived Certificate at a Time 308 19.6.2 Assign Batches of Anonymously Linked Short-Lived Certificates 311 19.6.3 Revoke Batches of Anonymously Linked Short-Lived Certificates  312 19.6.4 Request for Decryption Keys for Certificate Batches  313 References 314 20 Comparison of Privacy-Preserving Certificate Management Schemes 315 20.1 Introduction 315 20.2 Comparison of Main Characteristics 316 20.3 Misbehavior Detection 320 20.4 Abilities to Prevent Privacy Abuse by CA and MDS Operators 321 20.5 Summary 322 21 IEEE 1609.2 Security Services 323 21.1 Introduction 323 21.2 The IEEE 1609.2 Standard 323 21.3 Certificates and Certificate Authority Hierarchy 325 21.4 Formats for Public Key, Signature, Certificate, and CRL 327 21.4.1 Public Key Formats 327 21.4.2 Signature Formats 328 21.4.3 Certificate Format 329 21.4.4 CRL Format 332 21.5 Message Formats and Processing for Generating Encrypted Messages 333 21.6 Sending Messages  335 21.7 Request Certifi cates from the CA 336 21.8 Request and Processing CRL 343 21.9 What the Current IEEE 1609.2 Standard Does Not Cover 344 21.9.1 No Support for Anonymous Message Authentication 344 21.9.2 Separate Vehicle-CA Communication Protocols Are Required 344 21.9.3 Interactions and Interfaces between CA Entities Not Addressed / 346 References 346 22 4G for Vehicle Safety Communications 347 22.1 Introduction 347 22.2 Long-Term Revolution (LTE) 347 22.3 LTE for Vehicle Safety Communications/ 353 22.3.1 Issues to Be Addressed 353 22.3.2 LTE for V2I Safety Communications 353 22.3.3 LTE for V2V Safety Communications 356 22.3.4 LTE Broadcast and Multicast Services 357 References 358 Glossary 360 Index 367

Provides an up-to-date, in-depth look at the current research, design, and implementation of cooperative vehicle safety communication protocols and technology Improving traffic safety has been a top concern for transportation agencies around the world and the focus of heavy research and development efforts sponsored by both governments and private industries. Cooperative vehicle systems—which use sensors and wireless technologies to reduce traffic accidents—can play a major role in making the world's roads safer. Vehicle Safety Communications: Protocols, Security, and Privacy describes fundamental issues in cooperative vehicle safety and recent advances in technologies for enabling cooperative vehicle safety. It gives an overview of traditional vehicle safety issues, the evolution of vehicle safety technologies, and the need for cooperative systems where vehicles work together to reduce the number of crashes or mitigate damage when crashes become unavoidable. Authored by two top industry professionals, the book: Summarizes the history and current status of 5.9 GHz Dedicated Short Range Communications (DSRC) technology and standardization, discussing key issues in applying DSRC to support cooperative vehicle safetyFeatures an in-depth overview of on-board equipment (OBE) and roadside equipment (RSE) by describing sample designs to illustrate the key issues and potential solutionsTakes on security and privacy protection requirements and challenges, including how to design privacy-preserving digital certificate management systems and how to evict misbehaving vehiclesIncludes coverage of vehicle-to-infrastructure (V2I) communications like intersection collision avoidance applications and vehicle-to-vehicle (V2V) communications like extended electronic brake lights and intersection movement assist Vehicle Safety Communications is ideal for anyone working in the areas of—or studying—cooperative vehicle safety and vehicle communications.