|
Work item:
|
X.ivkm-sec
|
|
Subject/title:
|
Security requirements and guidelines for the in-vehicle key management
|
|
Status:
|
Under study
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2027-11 (Medium priority)
|
|
Liaison:
|
ISO/TC 22, ISO/IEC JTC1/SC 27, ITU C-ITS
|
|
Supporting members:
|
Korea (Republic of), Hyundai Motor Company, ETRI, Soonchunhyang University, Luxembourg
|
|
Summary:
|
As autonomous vehicles, connected cars, and connected-autonomous vehicles (CAVs) evolve into software-defined vehicles (SDVs), the integration of numerous software systems increases the risk of cyberattacks. To mitigate these risks, various security measures are implemented, including secure boot and secure flash for ECUs, AUTOSAR Secure Onboard Communication (SecOC) for inter-ECU communication, MACsec for Ethernet-based in-vehicle network, in-vehicle intrusion detection systems (IDS) for E/E architecture, and TLS, OTA security, and V2X security for external communications. These measures rely on cryptographic techniques, with key management playing a crucial role. For example, AUTOSAR SecOC requires symmetric keys for message authentication, while secure flash relies on digital certificates for firmware verification.
Unlike traditional IT environments, in-vehicle networks present unique challenges that necessitate specialized key management approaches. Real-time constraints limit the feasibility of conventional key exchanges, while restricted external connectivity hinders key updates. ECUs have limited computational resources, restricting cryptographic algorithm selection, and specialized communication protocols such as controller area network (CAN), CAN-FD, FlexRay, local interconnect network (LIN), media-oriented system transport (MOST), and automotive Ethernet impose data transmission constraints. Additionally, frequent communication requirements, such as CAN messages transmitted every 10 milliseconds, make session-based key exchanges impractical. It's important to consider many constraints in the automotive environment. Unlike traditional IT environments, the automotive industry faces significant challenges in managing cryptographic keys at scale due to its massive production volume, hardware-centric systems, and limited connectivity. Global vehicle production reaches approximately 90 million units annually, and many of these vehicles still lack communication capabilities. Furthermore, replacing legacy systems with secure, software-based infrastructure demands substantial time, cost, and expertise.
Given these constraints, dedicated key management guidelines tailored to in-vehicle networks are essential to ensure robust vehicular security.
This Recommendation provides security requirements and guidelines for the in-vehicle key management. This Recommendation includes an ecosystem of in-vehicle key management, lifecycle, security threats, security requirements, and implementation guidelines.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2025-04-16 17:35:50
|
|
Last update:
2025-12-10 14:39:55
|
|
