Intelligent Transport Systems (ITS) are an increasingly important factor for future mobility, especially in combination with automated driving. The increase of automated driving functions implies that more decisions are made by machines instead of human drivers. Driving decisions will rely on machine perception of the environment and digital information. This digitalisation transformation also involves infrastructure in the form of digital maps, digital road signs, information about environmental situations, traffic information and so on. Information is conveyed from the infrastructure to vehicles via communication interfaces, leading to a complex and interconnected system. As an unwanted side-effect, these new interfaces carry the risk of cyber-attacks, with effects which cannot be neglected.
In order to approach cyber-security in the complex environment of Intelligent Transport Systems, we propose a reference architecture that captures all the stakeholders involved, the corresponding data exchange, as well as the cyber-security requirements. We also consider legal implications, reflecting societal and governmental principles.
The objective of this white paper is to present this reference architecture and to provide a modelling methodology for the identification of important ITS elements as a fundamental basis for further security analyses.