California-based Integrity Security Services (ISS) has delivered the world’s first production-grade hosted Security Credential Management System (CMS) that is based on IEEE 1609.2 standards, with the new system providing security for Vehicle-to-Everything (V2X) connectivity across Ohio.
The new CMS System is tied to the company’s Root CA that was created under the WebTrust for Certification Authorities auditing framework, the same framework used to assure the secure and safe operations of the underlying security of internet e-commerce activity. This Root CA together with the ISS CMS, collectively known as the Security Credential Management System (SCMS), will serve the needs of the Ohio Department of Transportation (ODOT) DriveOhio initiative’s Connected Vehicle and Traffic Management Systems. The DriveOhio CMS will provide the security underpinning needed to deploy V2X technology along roadways and in vehicles throughout Ohio, creating a statewide Cooperative Intelligent Transportation System (C-ITS).
The ISS CMS provides a highly scalable system for issuing security credentials to C-ITS components that include On-Board Units (OBUs) and Roadside Units (RSUs), as well as tools used by traffic management authorities. The ISS CMS has become the de facto standard and global leader, serving more Connected Vehicle (CV) projects than any other SCMS in the world, with the system being the only SCMS scalable to meet global needs for production. The ISS CMS can scale to 150B certificates annually, making it the largest Public Key Infrastructure (PKI) ever conceived in the world.
The company’s CMS has now been used to create two national-level credential management systems. In 2017, ISS delivered the Root CA and Certificate Management System that actively serves North American connected vehicle projects. This Root CA has attained and maintained the WebTrust for Certification Authorities Trust Services Seal. And now in 2019, ISS has delivered the Australian state of Queensland’s C-ITS Security Credential Management System (AU CCMS). In addition to these production-grade systems, ISS provides the SCMS/CCMS infrastructures used throughout the world in various pilots, trials, and research projects.
“Confidence in the security of connected vehicles is key to their successful introduction onto our roads. The creation of a world-class V2X EcoSystem in Ohio creates vital protection for vehicle communications now and into the future,” said Luke Stedke, DriveOhio’s managing director. “DriveOhio is excited to be working with local municipalities across the state of Ohio and ISS to help pave the way for secure connected transport on our roads.”
David Sequino, co-founder and president of ISS, commented, “DriveOhio has now taken a leadership role in the deployment of secure V2X technologies and we look forward to supporting Ohio’s rollout of this life saving technology. Ohio’s experiences and learnings can help inform the use of secure V2X systems across the USA and around the world, as well as help guide global technical and operational standards. This will help ensure that the needs of Ohio are covered in IEEE 1609.2 standards that are followed by automobile manufacturers.”
ISS’ chief security officer, Bill Lattin, added, “We are pleased to work with Ohio to assure that its V2X system provides its citizens with a secure, reliable and scalable V2X ecosystem, while providing the necessary privacy protections.”