The provision of targeted in-vehicle advice to road users essentially requires the exchange of data. That exchange process works in two directions: road users receive information but at the same time they transmit data themselves.
At present, users receive Talking Traffic services via smartphones, devices in the dashboard and navigation systems. These services are carrying out essential groundwork for highly-automated vehicles; for the time being, drivers themselves have to respond on the basis of the displayed advice but within the foreseeable future the vehicle itself will act on the information it receives. In both situations, the requirements for accuracy, up-to-dateness, completeness and reliability of the underlying data are high, to ensure that the information provided can be used safely and effectively.
Security has been given maximum priority within the Partnership Talking Traffic. Data may never be allowed to fall into the wrong hands or be manipulated by third parties. Users must be able to rely on the fact that all the information they receive is safe, secure and complete. Incorrect or manipulated information could, after all, have huge consequences that go far beyond arriving late at your destination, taking unnecessary detours or suffering a dent in your image. When it comes to granting priority to ambulances at traffic lights, human live could even be put at risk.
Within the Partnership, strict requirements have been imposed for the protection of systems and the exchange of data. These requirements have been laid down as preconditions for qualification for participation, and have been made measurable. Every participant must submit its own security plan, which is then actively monitored. The government regularly carries out audits to monitor the information security and enforcement of security standards (ISO27001) of all parties. Above all, every participant is expected to demonstrate a proactive approach to maintaining security at the very highest level. All partners within Talking Traffic actively promote that goal. The security requirements imposed within the Partnership Talking Traffic in fact in no way deviate from the requirements that are viewed as self-evident in modern society, for commercial performance.
Combining different worlds
The Partnership Talking Traffic focuses its attention on organising security at the transition points (interfaces) between the three clusters [link to clusters and expertise pages]. Until now, each of these clusters represented a unique world or did not even exist as a form of service provision. This is changing thanks to the Partnership Talking Traffic. For the first time ever, large groups of road users are able to communicate wirelessly and ultrafast, with a large number of traffic lights. For emergency vehicles, too, communication from their communication equipment, which until now formed a closed system, is new. Right across the Talking Traffic chain, an extensive set of technical measures and organisational agreements, measuring systems and performance reviews guarantee that all the links are and remain as secure and reliable as possible.
Multiple security stages
The way in which security is organised within the Partnership is best illustrated by a clear example: the use case of an ambulance on its way to the hospital with its emergency lights flashing. The in-vehicle communication system constantly transmits its position, speed, direction and the status ‘priority journey’ to the cloud. Via the TLEX [link to separate TLEX page], the cloud party then passes on this information in time, to the relevant set of traffic lights. The traffic light – the iTLI – in question receives the priority request and confirms the request to the ambulance, in reverse order. The driver then knows that he will be able to safely pass the junction controlled by the traffic lights, as soon as he arrives. All other road users will be informed in time of the approaching ambulance. All these steps will be taken within milliseconds, in a completely secure environment.
Talking Traffic distinguishes between three layers:
The exchange of data between the various clusters and the accompanying subsystems within the Partnership is partially achieved via Internet technology. Security is guaranteed by a combination of encryption (including IPSEC), firewalls, secure access and other organisational measures. In addition, the data is exchanged via direct, secured ‘tunnel connections’.
Access to the various systems (cloud, TLEX, TLIs) is only granted to other duly authorised subsystems from the value chain. Protocols have been established and measures taken for access security, access management and access control (password, PIN code). In addition, all of the subsystems must be designed to be so robust that they comply with the requirements imposed on resistance to external attacks. To ensure that these systems are and remain secure, they are tested for security compliance by an independent third party, and the test process is periodically repeated before they are operationally deployed.
Authentication and authorisation
Talking Traffic aims to prevent individuals and/or organisations unlawfully obtaining a priority notice or inputting other incorrect data or information into the system. Within the Partnership, measures have been taken for data authentication (for example ‘Are you actually an ambulance?’) and authorisation (‘Is the ambulance entitled to be given priority at a junction?’). These processes take place via a so-called public key infrastructure (PKI), which uses digital certificates that are transmitted alongside the message. The certificate guarantees the identity of the holder and the accuracy and reliability of the message.
The Partnership Talking Traffic also imposes strict requirements on verification and traceability. Detailed logging guarantees that it is possible at all times to retrace who obtained access to which data, when and where, and precisely what was done with that information.
Within the Partnership Talking Traffic, the Technology and Parameters working groups are responsible for the further elaboration and refinement of all the necessary security measures and agreements. Within these working groups, the latest developments are also discussed and wherever necessary action is taken and agreements laid down at organisational level. After all, security is not all about technology!
Use of hackers
The starting point for security within Talking Traffic involved an analysis of the entire chain. This included an inventory of all conceivable risks and of everything that could possibly go wrong. To manage those risks, careful processes and measures were elaborated that are naturally confidential in nature. Nonetheless, in theory it remains possible that one or more potential security issues has been forgotten or that new developments emerge that represent a threat to security. Security has after all always been an ‘arms race’ in which security providers operate as proactively as possible in tackling the latest techniques that turn out to be available to attackers. To trace such potential remaining loopholes, the Partnership Talking Traffic regularly deploys ethical hackers who are instructed for example to attempt to hack into the TLIs, apps and other system components. The outcome of these penetration tests can lead to new insights, and give grounds for additional measures. At the same time, external audits are regularly held that examine the technology, processes and organisation, to ascertain whether they are still compliant or require further adjustment or reinforcement.
Security versus privacy
Security and privacy are often bundled together, and although not exactly the same thing, they can certainly influence one another. Potential security incidents, for example, can result in the unintentional accessibility to otherwise secured personal details. Unlawful access to personal details can in turn potentially result in a new security risk (for example via blackmail). To prevent this happening, the Talking Traffic partners have reached joint agreements on security and privacy, and similar agreements are laid down by the individual (public and private) partners.