Credential Management Supporting V2X Commercial Deployments

Currently, for V2X direct communication, there is no available common policy (certificate policy for Public Key Infrastructure, or PKI, operators) for Security Credential Management System (SCMS) in the U.S. or Canada. A few SCMS providers created their own policies, which are not only incomplete but there are no published common policy documents feasible for SCMS PKI operation, hindering the widespread adoption of the technology. The Government of Canada sponsored an effort which resulted in a model for consideration.

A common Certificate Policy (CP) would help facilitate an ecosystem supporting interoperability and shared trust for V2X direct communication. The European Union addresses this issue by taking a central regulatory role, creating the CP, Security Policy (SP) and C-ITS Point of Contact (CPOC) documents that govern a V2X PKI for direct communication. North America need not duplicate what has been done elsewhere, though an accepted policy will build a greater ecosystem and support V2X direct deployment among a diverse set of automakers and other transport agencies.

The Certificate Policy Proposal contributing to this Work Item (WI) evolved into a Technical Report (TR) that develops a clear CP leveraging global best practices for security PKI and practical experience securing V2X direct communication, as well as common processes to facilitate an approach to SCMS.

For V2X mobile network communication, certificates are needed to authenticate interconnected backend systems and to protect communication between the systems. This Technical Report also elaborates on how to handle those certificates.

Download the Technical Report here.