OmniAir Consortium’s Cybersecurity Working Group Makes Strides
OmniAir Consortium®, the leading industry association promoting interoperability and certification for ITS, tolling, and connected vehicles, is developing cybersecurity test specifications for DSRC based Connected Vehicle devices. OmniAir’s® Cybersecurity Working Group, launched in January of this year, has a goal of incorporating additional cybersecurity testing into OmniAir’s existing DSRC-V2X Certification Program.
Since October of 2017, OmniAir has offered independent, third-party testing and certification for DSRC-V2X devices, which include conformance and interoperability testing. OmniAir’s Cybersecurity Working Group, chaired by Jimmy Upton, of INTEGRITY Security Solutions, is developing test cases, grounded in requirements of the existing standards development organizations.
It is important that a level of trust across all connected vehicles and the infrastructure be established and that trust is earned through OmniAir Certification. In fact, OmniAir Certification is expected to be the gateway through which all connect vehicle devices will ultimately obtain keying material from the Security Credential Management System (SCMS).”
Cybersecurity for Connected Vehicles and Connected Infrastructure has been the subject of much policy discussion. Just last week, the Wilson Center for International Affairs in Washington, DC hosted a roundtable discussion on Security and the Connected Vehicle, illuminating industry and government efforts to address this issue through information sharing and best practices. OmniAir’s Working Group provides a forum for industry to collaborate on addressing this problem at a technical level.
The Working Group’s efforts are aimed at extending the current conformance tests to include checks for various potential security failures and to add tests to confirm all security features have been properly included in the product. Active participants in the Working Group include representatives from OmniAir member automotive OEMs, tier one suppliers, device manufacturers, and leading automotive cybersecurity experts; Major contributors are Aptiv, BlackBerry, DEKRA, ESCRYPT, GM, INTEGRITY Security Services, Marvell, OnBoard Security, Panasonic, Penta Security, Savari, TUV SUD and UL.
“Proper operation of the entire ecosystem requires that devices not only conform to communications protocols but also properly protect critical security information throughout the lifecycle of the device,” said Jimmy Upton, Senior Security Consultant for INTEGRITY Security Services.
The Working Group’s initial deliverable will be to produce a small suite of validations for testing at OmniAir’s upcoming Plugfest in October. The security validations may take several forms – communications protocols, attestations by the vendors, and inspection of the device under testing. This will allow OmniAir to incorporate feedback from test laboratories, test tool providers, and from vendors on the best ways to perform these validations.
If you are interested in learning more about OmniAir’s Cybersecurity Working Group, or in OmniAir Consortium membership, please contact Kate Oldham, OmniAir’s Director of Member Services.
OmniAir Consortium is the leading industry association promoting interoperability and certification in ITS, tolling, IoT technologies and connected vehicles. OmniAir’s membership includes public agencies, private companies, research institutions and independent test laboratories. Learn more about OmniAir at www.omniair.org.