A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

What is a Blockchain? A Definition to Clarify the Role of the Blockchain in the Internet of Things

The use of the term blockchain is documented for disparate projects, from cryptocurrencies to applications for the Internet of Things (IoT), and many more. The concept of blockchain appears therefore blurred, as it is hard to believe that the same technology can empower applications that have extremely different requirements and exhibit dissimilar performance and security. This position paper elaborates on the theory of distributed systems to advance a clear definition of blockchain that allows us to clarify its role in the IoT. This definition inextricably binds together three elements that, as a whole, provide the blockchain with those unique features that distinguish it from other distributed ledger technologies: immutability, transparency and anonimity. We note however that immutability comes at the expense of remarkable resource consumption, transparency demands no confidentiality and anonymity prevents user identification and registration. This is in stark contrast to the requirements of most IoT applications that are made up of resource constrained devices, whose data need to be kept confidential and users to be clearly known. Building on the proposed definition, we derive new guidelines for selecting the proper distributed ledger technology depending on application requirements and trust models, identifying common pitfalls leading to improper applications of the blockchain. We finally indicate a feasible role of the blockchain for the IoT: myriads of local, IoT transactions can be aggregated off-chain and then be successfully recorded on an external blockchain as a means of public accountability when required

5G-based V2V broadcast communications: A security perspective

The V2V services have been specified by the 3GPP standards body to support road safety and non-safety applications in the 5G cellular networks. It is expected to use the direct link (known as the PC5 interface), as well as the new radio interface in 5G, to provide a connectivity platform among vehicles. Particularly, vehicles will use the PC5 interface to broadcast safety messages to inform each other about potential hazards on the road. In order to function safely, robust security mechanisms are needed to ensure the authenticity of received messages and trustworthiness of message senders. These mechanisms must neither add significantly to message latency nor affect the performance of safety applications. The existing 5G-V2V standard allow protection of V2V messages to be handled by higher layer security solutions defined by other standards in the ITS domain. However having a security solution at the 5G access layer is conceivably preferable in order to ensure system compatibility and reduce deployment cost. Accordingly, the main aim of this paper is to review options for 3GPP access layer security in future 5G-V2V releases. Initially, a summary of 5G-V2V communications and corresponding service requirements is presented. An overview of the application level security standards is also given, followed by a review of the impending options to secure V2V broadcast messages at the 5G access layer. Finally, paper presents the relevant open issues and challenges on providing 3GPP access layer security solution for direct V2V communication

Dynamic services in mobile ad hoc networks

The increasing diffusion of wireless-enabled portable devices is pushing toward the design of novel service scenarios, promoting temporary and opportunistic interactions in infrastructure-less environments. Mobile Ad Hoc Networks (MANET) are the general model of these higly dynamic networks that can be specialized, depending on application cases, in more specific and refined models such as Vehicular Ad Hoc Networks and Wireless Sensor Networks. Two interesting deployment cases are of increasing relevance: resource diffusion among users equipped with portable devices, such as laptops, smart phones or PDAs in crowded areas (termed dense MANET) and dissemination/indexing of monitoring information collected in Vehicular Sensor Networks. The extreme dynamicity of these scenarios calls for novel distributed protocols and services facilitating application development. To this aim we have designed middleware solutions supporting these challenging tasks. REDMAN manages, retrieves, and disseminates replicas of software resources in dense MANET; it implements novel lightweight protocols to maintain a desired replication degree despite participants mobility, and efficiently perform resource retrieval. REDMAN exploits the high-density assumption to achieve scalability and limited network overhead. Sensed data gathering and distributed indexing in Vehicular Networks raise similar issues: we propose a specific middleware support, called MobEyes, exploiting node mobility to opportunistically diffuse data summaries among neighbor vehicles. MobEyes creates a low-cost opportunistic distributed index to query the distributed storage and to determine the location of needed information. Extensive validation and testing of REDMAN and MobEyes prove the effectiveness of our original solutions in limiting communication overhead while maintaining the required accuracy of replication degree and indexing completeness, and demonstrates the feasibility of the middleware approach

Asioiden Internetin tietoturva: ratkaisuja, standardeja ja avoimia ongelmia

Internet of Things (IoT) extends the Internet to our everyday objects, which enables new kind of applications and services. These IoT applications face demanding technical challenges: the number of ‘things’ or objects can be very large, they can be very con-strained devices, and may need to operate on challenging and dynamic environments. However, the architecture of today’s Internet is based on many legacy protocols and technology that were not originally designed to support features like mobility or the huge and growing number of objects the Internet consists of today. Similarly, many security features of today’s Internet are additional layers built to fill up flaws in the un-derlying design. Fulfilling new technical requirements set by IoT applications requires efficient solutions designed for the IoT use from the ground up. Moreover, the imple-mentation of this new IoT technology requires interoperability and integration with tra-ditional Internet. Due to considerable technical challenges, the security is an often over-looked aspect in the emerging new IoT technology. This thesis surveys general security requirements for the entire field of IoT applica-tions. Out of the large amount of potential applications, this thesis focuses on two major IoT application fields: wireless sensor networks and vehicular ad-hoc networks. The thesis introduces example scenarios and presents major security challenges related to these areas. The common standards related to the areas are examined in the security perspective. The thesis also examines research work beyond the area of standardization in an attempt to find solutions to unanswered security challenges. The thesis aims to give an introduction to the security challenges in the IoT world and review the state of the security research through these two major IoT areas

Efficient Distribution of Key Chain Commitments for Broadcast Authentication in V2V Communications

Road safety applications such as intersection collision warning, emergency brake warnings, etc., rely on the periodic broadcast of messages by vehicles and roadside infrastructure. PKI-based approaches ensuring the integrity of messages and the legitimacy of the sender are computationally expensive and result in long messages. Approaches based on hashed key chains such as Timed Efficient Stream Loss-tolerant Authentication (TESLA) offer an alternative solution. Because they use symmetric-key cryptography, the messages are shorter and less expensive to verify. However, they bring their own challenges. This paper focuses on one challenge, the problem of distributing key chain commitments required for message verification. We propose and evaluate two techniques, respectively involving periodic broadcast of commitment keys by the vehicles themselves and selective unicasting by a central V2X Application Server (VAS). We find that the VAS-centric solution has advantages over the vehicle-centric solution and a related solution proposed by other researchers

SoK: Diving into DAG-based Blockchain Systems

Blockchain plays an important role in cryptocurrency markets and technology services. However, limitations on high latency and low scalability retard their adoptions and applications in classic designs. Reconstructed blockchain systems have been proposed to avoid the consumption of competitive transactions caused by linear sequenced blocks. These systems, instead, structure transactions/blocks in the form of Directed Acyclic Graph (DAG) and consequently re-build upper layer components including consensus, incentives, \textit{etc.} The promise of DAG-based blockchain systems is to enable fast confirmation (complete transactions within million seconds) and high scalability (attach transactions in parallel) without significantly compromising security. However, this field still lacks systematic work that summarises the DAG technique. To bridge the gap, this Systematization of Knowledge (SoK) provides a comprehensive analysis of DAG-based blockchain systems. Through deconstructing open-sourced systems and reviewing academic researches, we conclude the main components and featured properties of systems, and provide the approach to establish a DAG. With this in hand, we analyze the security and performance of several leading systems, followed by discussions and comparisons with concurrent (scaling blockchain) techniques. We further identify open challenges to highlight the potentiality of DAG-based solutions and indicate their promising directions for future research.Comment: Full versio

Automatic system supporting multicopter swarms with manual guidance

[EN] Currently, there are some scenarios, such as search and rescue operations,where the deployment of manually guided swarms of UAVs can be necessary. In such cases, the pilot's commands are unknown a priori (unpredictable), meaning that the UAVs must respond in near real time to the movements of the leader UAV in order to maintain swarm consistency. In this paper we develop a protocol for the coordination of UAVs in a swarm where the swarm leader is controlled by a real pilot, and the other UAVs must follow it in real time to maintain swarm cohesion. We validate our solution using a realistic simulation software that we developed (ArduSim), testing flights with multiple numbers of UAVs and different swarm configurations. Simulation results show the validity of the proposed swarm coordination protocol, detailing the responsiveness limits of our solution, and finding the minimum distances between UAVs to avoid collisions.This work was partially supported by the "Programa Estatal de Investigation, Desarrollo e Innovation Orientada a Retos de la Sociedad, Proyecto TEC2014-52690-R", Spain, the "Universidad Laica Eloy Alfaro de Manabi," and the "Programa de Becas SENESCYT de la Republica del Ecuador."Fabra Collado, FJ.; Zamora, W.; Masanet, J.; Tavares De Araujo Cesariny Calafate, CM.; Cano, J.; Manzoni, P. (2019). Automatic system supporting multicopter swarms with manual guidance. Computers & Electrical Engineering. 74:413-428. https://doi.org/10.1016/j.compeleceng.2019.01.0264134287