Establishing End-to-End Secure Channel for IoT Devices through an Untrusted C-ITS Network

Critical infrastructure is becoming increasingly connected, with tighter integration to the Internet of Things (IoT). Transportation systems in particular are getting smarter with increased cooperation between vehicles and the supporting infrastructure (V2X communications), and with intelligent devices introduced in the ecosystem, either tightly integrated to the vehicle (e.g. ECUs, cameras, ...) or external sensors (e.g. temperature sensor in an attached container, smart traffic light, ...). A number of communication and security protocols are being standardized for this Cooperative Intelligent Transport Systems (C-ITS). However, using the current C-ITS standards, the security of individual devices may terminate at the gateway of a vehicle, and consequently in most existing vehicles, individual systems leak sensitive data across vendors. In this paper, we propose an end-to-end security architecture between C-ITS devices and back-end servers, in which sensitive data from individual devices can be transmitted without trusting third-parties providing the communication infrastructure (e.g. proxies, vehicle gateways, routers). The proposed solution is a standard-based integrated system that exploits recent IoT security standards and ensures inter-operability between CITS protocols and conventional Internet protocols. We perform a formal analysis of our architecture using the Tamarin Prover and show that it guarantees the secrecy and authenticity of the communications under adversarial settings.