ImageVerifierCode 换一换
格式:PDF , 页数:86 ,大小:555.52KB ,
资源ID:736220      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-736220.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TR 102 893-2010 Intelligent Transport Systems (ITS) Security Threat Vulnerability and Risk Analysis (TVRA) (V1 1 1)《智能传输系统(ITS) 安全性 威胁 弱点和危险分析(TVRA)(版本1 1 1)》.pdf)为本站会员(bowdiet140)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TR 102 893-2010 Intelligent Transport Systems (ITS) Security Threat Vulnerability and Risk Analysis (TVRA) (V1 1 1)《智能传输系统(ITS) 安全性 威胁 弱点和危险分析(TVRA)(版本1 1 1)》.pdf

1、 ETSI TR 102 893 V1.1.1 (2010-03)Technical Report Intelligent Transport Systems (ITS);Security;Threat, Vulnerability and Risk Analysis (TVRA)ETSI ETSI TR 102 893 V1.1.1 (2010-03)2Reference DTR/ITS-0050005 Keywords ITS, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.

2、: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The present document may be made a

3、vailable in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept o

4、n a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you fin

5、d errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction

6、 in all media. European Telecommunications Standards Institute 2010. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Membe

7、rs and of the 3GPP Organizational Partners. LTE is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 102 893 V1.1.1 (2010-03)3Contents

8、Intellectual Property Rights 6g3Foreword . 6g31 Scope 7g32 References 7g32.1 Normative references . 7g32.2 Informative references 7g33 Definitions and abbreviations . 8g33.1 Definitions 8g33.2 Abbreviations . 8g34 The TVRA Method 9g35 The ETSI Intelligent Transport System 10g35.1 ITS architecture 10

9、g35.2 The Basic Set of Applications (BSA) . 11g35.2.1 BSA use case descriptions 11g35.2.1.1 Stationary vehicle warning 12g35.2.1.2 Traffic condition warning . 12g35.2.1.3 Signal violation warning . 12g35.2.1.4 Road work warning . 12g35.2.1.5 Collision risk warning from RSU 12g35.2.1.6 Decentralized

10、floating car data 12g35.2.1.7 Regulatory/contextual speed limits . 12g35.2.1.8 Traffic information Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp

11、.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become,

12、 essential to the present document. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Intelligent Transport System (ITS). ETSI ETSI TR 102 893 V1.1.1 (2010-03)71 Scope The present document summarizes the results of a Threat, Vulnerability and Risk Analysis (TVRA) of 5

13、,9 GHz radio communications in an Intelligent Transport System (ITS). The analysis considers vehicle-to-vehicle and vehicle-to-roadside network infrastructure communications services in the ITS Basic Set of Applications (BSA) i.8 operating in a fully deployed ITS. The analysis in the present documen

14、t considers issues of privacy implicitly with confidentiality. It does not consider regulatory requirements for privacy The present document was prepared using the TVRA method described in TS 102 165-1 i.1. NOTE: Whilst the present document is a technical report it identifies requirements for future

15、 work. In all cases these requirements are considered indicative pending their ratification in formal ETSI Technical Specifications within the ETSI ITS Work Programme. 2 References References are either specific (identified by date of publication and/or edition number or version number) or non-speci

16、fic. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the following cases: - if it is accepted that it will be possible to use all future changes of the referenced document for the purposes of th

17、e referring document; - for informative references. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guara

18、ntee their long term validity. 2.1 Normative references The following referenced documents are indispensable for the application of the present document. For dated references, only the edition cited applies. For non-specific references, the latest edition of the referenced document (including any am

19、endments) applies. Not applicable. 2.2 Informative references The following referenced documents are not essential to the use of the present document but they assist the user with regard to a particular subject area. For non-specific references, the latest version of the referenced document (includi

20、ng any amendments) applies. i.1 ETSI TS 102 165-1: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis“. i.2 ETSI TS 102 637-1: “Intelligent Transport Systems (

21、ITS); Vehicular Communications; Basic Set of Applications; Part 1: Functional Requirements. ETSI ETSI TR 102 893 V1.1.1 (2010-03)8i.3 ETSI TS 102 637-2: “Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Part 2: Specification of Co-operative Awareness Basic Se

22、rvice“. i.4 ETSI TS 102 637-3: “Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Application; Part 3: Specification of Decentralized Environmental Notification Basic Service“. i.5 ETSI EN 302 665: “Intelligent Transport Systems (ITS); Communications Architecture“. i.6 ETSI

23、 TS 102 731: “Intelligent Transportation Systems (ITS); Security; Security Services and Architecture“. i.7 Brown, C. (Aalborg. 2007): “Vehicles as Sensors for Cooperative Systems“. Presentation on ITS in Europe i.8 ETSI TR 102 638: “Intelligent Transport Systems (ITS); Vehicular Communications; Basi

24、c Set of Applications; Definitions“. i.9 IEEE 802.11 IEEE Standard for Information technology-Telecommunications and information exchange between systems-Local and metropolitan area networks-Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specificat

25、ions“. i.10 ITU-T Recommendation X.509: “Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks“. i.11 ETSI TS 102 637-4: “Intelligent Transport Systems (ITS); Vehicular Communications; Basic set of applications; Part 4: Operational Req

26、uirements.“. i.12 IETF RFC 4120: “The Kerberos Network Authentication Service (V5)“. NOTE: Available at http:/tools.ietf.org/html/rfc4120. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: beaconing: network layer ser

27、vice which retransmits requested information End user: functional agent directly representing the human user of the ITS or the ITS service provider geo-addressing: Network layer service that enables the addressing a specific geographic region. ITS use case: specific scenario in which ITS messages ar

28、e exchanged ITS user: any ITS application or functional agent sending, receiving or accessing ITS-related information ITS application: entity that defines and implements an ITS use case or a set of ITS use cases local dynamic map: dynamically maintained information on driving and environmental condi

29、tions in the vicinity of the ITS-S restricted local ITS station data: data to be shared only with authorized parties unrestricted local ITS station data: data that may be shared without requiring authorization from the recipient 3.2 Abbreviations For the purposes of the present document, the followi

30、ng abbreviations apply: AA Attribute Authority AC Attribute CertificateETSI ETSI TR 102 893 V1.1.1 (2010-03)9BSA Basic Set of Applications CAM Cooperative Awareness Message CCH Control CHannel CDMA Code Division Multiple Access DNM Decentralized environmental Notification Message FA Functional Asset

31、 GNSS Global Navigation Satellite System I2V Infrastructure to Vehicle ITS Intelligent Transport System ITS-G5A ITS radio signalling in the 5,875 GHz to 5,905 GHz frequency range ITS-S ITS Station LDM Local Dynamic Map OS Operating SystemOSI Open Systems Interconnection PKC Public Key Cryptography P

32、KI Public Keying Infrastructure PMI Privilege Management Infrastructure PMI Privilege Management Infrastructure RSU Road Side Unit SAML Security Assertion Markup Language SCH Service CHannel ToE Target of Evaluation TTP Trusted Third PartyTVRA Threat, Vulnerability and Risk Analysis UTC Universal Co

33、ordinated Time V2I Vehicle to Infrastructure V2V Vehicle to Vehicle VIN Vehicle Identification Number 4 The TVRA Method Without an understanding of the threats posed to a system it is impossible to select or devise appropriate measures to counter these threats. The ETSI Threat, Vulnerability and Ris

34、k Analysis (TVRA) i.1 is used to identify risks to a system by isolating the vulnerabilities of the system, assessing the likelihood of a malicious attack on that vulnerability and determining the impact that such an attack will have on the system. The TVRA method involves the following seven steps:

35、 1) Identify security objectives. 2) Identify security requirements. 3) Produce an inventory of system assets. 4) Classify system vulnerabilities and threats. 5) Quantify the likelihood and impact of attack. 6) Determine the risks involved. 7) Specify detailed security requirements (countermeasures)

36、. The present document summarizes the results from each of these steps in the analysis of the ETSI Intelligent Transport System (ITS) standards. ETSI ETSI TR 102 893 V1.1.1 (2010-03)10 5 The ETSI Intelligent Transport System 5.1 ITS architecture Intelligent Transport Systems comprise the following c

37、ommunicating entities (as shown in Figure 1): Vehicles Roadside units A network infrastructure Figure 1: Communicating ITS entities This simplified architecture can be represented in functional terms by the overlay shown in Figure 2. Figure 2: ITS functional entities For the purpose of the TVRA, ref

38、erence points are named and mapped to the ITS functional model as shown in Figure 3. The physical interface at reference point K may be implemented in a number of ways but, within the ITS functional model, the reference point itself represents the direct management relationship that an in-vehicle IT

39、S station may have with the ITS infrastructure for the purpose of maintaining security parameters such as cryptographic keys. ETSI ETSI TR 102 893 V1.1.1 (2010-03)11 Figure 3: ITS functional model with reference points The reference points indicated in Figure 3 are defined as follows: A describes th

40、e temporary relationship between two vehicles. B describes the temporary relationship between a vehicle and a roadside station. J describes the relationship between an ITS roadside station and the ITS network infrastructure. K describes the relationship between an ITS vehicle station and the ITS net

41、work infrastructure. For the purpose of this TVRA, the interfaces at A and B are assumed to use communications in the 5,9 GHz band. It is also assumed that the interface at K could be routed to the ITS infrastructure indirectly through a roadside station, also in the 5,9 GHz band. 5.2 The Basic Set

42、of Applications (BSA) The Basic Set of Applications (BSA) i.1 represents the mandatory set of services to be deployed in an ITS station. The BSA is described as a collection of traffic and transport use cases. For the purposes of the TVRA, these have been re-specified in clause 5.3 as a much smaller

43、 set of communications services. The use cases in the BSA and, thus, included in the TVRA are as follows: 1) Stationary vehicle warning - accident/vehicle problem. 2) Traffic condition warning (includes traffic jam ahead warning). 3) Signal violation warning (includes stop sign violation). 4) Road w

44、ork warning. 5) Collision Risk Warning from RSU. 6) Decentralized Floating Car Data - Precipitations/Road Adhesion/Visibility/Wind. 7) Regulatory/Contextual speed limits. 8) Traffic information or contextual, e.g. reduced limit due to rain. NOTE: Use cases 5.2.1.7 and 5.2.1.10 are the same. 5.2.1.8

45、Traffic information I2V, DNM, geo-addressed; V2V, CAM, in network layer beacons; I2V, CAM, in network layer beacons; V2I, CAM, in network layer beacons. The following major ITS communication services are defined regardless of originator or receiver type (vehicle or infrastructure): a periodic status

46、 update service (CAM); an event notification service (DNM); a local service announcement service; an internet-based service announcement service; a transparent communication service. NOTE: The transparent communication service is not specified in EN 302 665 i.5 and is not included in the scope of th

47、e present document. ETSI ETSI TR 102 893 V1.1.1 (2010-03)15 EN 302 665 i.5 describes a layered model for ITS communications as shown in Figure 4. Access TechnologyLayerApplication LayerFacilities LayerNetwork and Transport LayerApplicationTelematics / sensor dataDNM/CAM message constructionNetwork e

48、ntityApplicationLocal dynamic mapDNM/CAM message receiptNetwork entityTelematics / sensor dataFigure 4: ITS architectural model from EN 302 665 This model ascribes functional capabilities to the layers which would not be permitted in an OSI model. As an example, it would not normally be possible for

49、 application-specific message contents to be interpreted or modified by a lower layer in the stack. Such capabilities represent a significant security vulnerability to an ITS station in that the integrity of the higher layer message cannot be fully assured. Security can be improved by using the combined processing and protocol model shown in Figure 5 and, consequently, this is the one that is assumed in the TVRA. This shows the relationships between the ITS protocol stack, the ITS applications and the

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1