Cooperative intelligent transport systems (C-ITS). Guidelines on the usage of standards - Security

Cooperative intelligent transport systems (C-ITS). Guidelines on the usage of standards - Security

Regular price
£348.00
Sale price
£348.00
Regular price
£174.00
Sold out
Unit price
per 

What is ISO/TR 21186-3 about?  

ISO/TR 21186-3 is the third part of an international standard that covers cooperative intelligent transport systems (C-ITS). 

ISO/TR 21186-3 provides guidelines on security applicable in Intelligent Transport Systems (ITS) related to communications and data access. It provides and analyses best practice content for secure ITS connectivity using ISO/TS 21177. 

ISO/TR 21186-3 analyses and identifies issues related to application security, access control, device Security, and PKI for a secure ITS ecosystem. 

Who is ISO/TR 21186-3 for? 

ISO/TR 21186-3 on Cooperative intelligent transport systems is useful for: 

  • Heavy vehicle transport systems 
  • Traffic regulation authorities 
  • Heavy and Light commercial transport vehicles 
  • Local authorities dealing with traffic regulations  

Why should you use ISO/TR 21186-3 

The whole set of standards for deployment of C-ITS is difficult to understand by developers of equipment and software, especially ITS application software, thus, guidelines explaining a beneficial choice of standards (C-ITS Release) are very much needed.  

ISO/TR 21186-3 provides you with informative material of interest to implementers deploying secure systems to carry out ITS applications. It includes an overview of security considerations for application specification and deployment in ITS. This overview also provides a detailed rationale for the following sections. 

ISO/TR 21186-3 provides you with a use-case-driven threat model based roughly on common criteria processes in the establishment of threats, security objectives and SFR relative to three genericized ITS station data sensitivity and access control scenarios, to determine possible gaps in security controls that should be addressed when tailoring subsequent security targets or related protection profiles. 

ISO/TR 21186-3 implements an example of the development of an access control policy implementation for an ISO/TS 21177 conformant ITS station unit. The example access control policy is application-specific and depends on many factors, including the type of ITS station unit on which the access control policy is used. 

ISO/TR 21186-3 includes the inputs for the development of a CP governing the issuance of certificates for ITS station units. A CP is necessary for the deployment of a system to ensure consistent behaviour of different CAs (or, more generally, credential issuance actors) within the system. This consistent behaviour enables receiving devices to trust all received messages to the appropriate level, knowing that those devices have been through the same certificate-issuing process no matter where the certificates were obtained.  

ISO/TR 21186-3 concludes with a set of high-level gaps and potential mitigations for ITS PKI participants and implementers. These five areas of content significantly ease the process of deploying new ITS applications securely.