On Security and Privacy in Vehicle Speed Limiting Services in the Internet of Vehicles

Currently, the number of vehicles in road traffic is increasing, which enhances the variety of traffic situations and needs related to road traffic and safety. Cooperative Intelligent Transport System (C-ITS) could improve road safety and benefit drivers and traffic participants. The C-Roads specification defines many different use cases for informing road vehicles about speed limits, impending danger, road works, signalized intersections, and more. In this paper, we propose a new use case targeting the need for integrated rescue system services to slow down or stop selected vehicles that are violating rules. Unlike most use cases in C-Roads, in our case, it is not enough to only notify the driver's vehicle but also to slow it down or stop it completely. This intervention requires addressing issues from a technical and a procedural/legal point of view. In this work, we define the use case itself, following the templates of the specification in C-Roads. Then, we discuss the issues in terms of secure communication between vehicles and privacy. We also analyze existing protection security techniques against typical cybersecurity attacks and privacy countermeasures. Next, we propose a system architecture concerning appropriate C-ITS messages and communication between vehicles and present an On-Board Diagnostics (OBD-II) simulator implementing the proposed architecture for the core needs of a given use case. Furthermore, we create a practical demonstrator of our proposal based on real vehicle components. Finally, we discuss open research questions and the ongoing development of the use case before the application on the Internet of Vehicles (IoV).