Please select a language

Please select the country/region where you would like to introduce your business.

Contact Us
Contact Us

Please select a language

Please select the country/region where you would like to introduce your business.

Knowledge Nov 15, 2024 Embracing the Future: Enhancing Security for Connected Vehicles - The Role of 3GPP Specification

KDDI America


As the demand for connected vehicles and advanced in-car experiences continues to rise, automotive manufacturers face the challenge of ensuring robust cybersecurity in an increasingly complex digital landscape. OEMs have invested in AI supercomputers and data centers to collect data from fleets and build models1, enabling continuous improvements in the performance of deployed systems. This shift marks the evolution from early innovations, such as the safety belt in 1957, to today’s data-driven advancements. Recognizing this need for enhanced security, the 3rd Generation Partnership Project (3GPP) released TS 33.536, a comprehensive specification that addresses the security aspects of Vehicle-to-Everything (V2X) services in the 5G ecosystem. This specification is particularly significant as it supports the transition toward software-defined vehicles and AI-driven services, ensuring that automotive innovations remain both advanced and secure.

Overview of 3GPP TS 33.536 Specification

The 3GPP TS 33.5362 specification focuses on securing communications between vehicles and the surrounding infrastructure. It covers V2X services, which facilitate communication between vehicles, infrastructure, and other devices using the 5G system. The specification outlines security requirements for different communication interfaces, such as the NR-based PC5 (direct communication between devices) and the Uu (vehicle-to-network) reference points. It provides a framework for encryption, integrity protection, and secure key establishment processes to ensure the confidentiality, integrity, and authenticity of data transmitted over these interfaces.

Key Security Features for Connected Vehicles

  1. Securing Direct Communication (PC5 Interface): The specification details the measures required to secure the PC5 interface, which is essential for direct communication between vehicles (V2V), as well as between vehicles and roadside units (V2I). This includes encryption of messages using keys like NRPEK (encryption key) and NRPIK (integrity key) to protect data from being intercepted or tampered with.
  2. Identity Privacy: 3GPP TS 33.536 addresses the need for privacy in vehicle communications by implementing mechanisms to prevent tracking and identity linking. This is critical to protect drivers from potential cyber threats that exploit identity data, especially in scenarios where vehicles frequently communicate with the surrounding environment.
  3. Cross-Radio Access Technology (RAT) Security: The specification ensures secure communication across different network technologies (e.g., LTE and 5G), providing a seamless and secure transition between network types for vehicles on the move.
  4. Robust Key Management: The document outlines procedures for key establishment and rekeying to ensure that secure sessions remain resilient against potential attacks. This is particularly important for maintaining the integrity of over-the-air (OTA) updates, which are crucial for delivering new software features and patches to vehicles.

Benefits for the Automotive Industry

The 3GPP TS 33.536 specification is set to bring several advantages to automotive manufacturers and consumers in the connected vehicle market:

Enhanced Consumer Trust: By adhering to a standardized security framework, automotive OEMs can assure customers that their data and privacy are being protected, building trust in connected vehicle offerings.

Protection Against Evolving Cyber Threats: With AI increasingly being used by attackers for sophisticated cyber threats, the specification ensures that connected vehicles remain protected through advanced encryption and authentication mechanisms, minimizing risks such as man-in-the-middle attacks and data breaches.

Facilitating Regulatory Compliance: As regulatory bodies place stricter requirements on data security and privacy, 3GPP TS 33.536 helps automotive manufacturers stay compliant with these evolving standards, reducing the risk of legal issues and penalties.

Seamless In-Car Experiences: The specification ensures that advanced in-car experiences powered by AI and 5G connectivity—such as real-time navigation, autonomous driving, and personalized infotainment—remain secure, creating a safe digital environment for consumers.

Conclusion

With connected vehicles becoming a cornerstone of the future automotive market, the 3GPP plays a crucial role in supporting secure and seamless communication between vehicles and their digital ecosystems. By providing a robust framework for securing Vehicle-to-Everything (V2X) services, it enables automotive manufacturers to meet consumer demands for safety and innovation, paving the way for a more connected and secure driving experience.

The ongoing work within 3GPP Release 19 is further expanding this vision by establishing a standardized framework for User Equipment (UE) data collection. This is especially significant as it aims to support AI and Machine Learning (ML) use cases, which are becoming essential for advanced in-car experiences like predictive maintenance, autonomous driving, and real-time analytics. Additionally, 3GPP is aligning the Air Interface and the 5G Core Network to better integrate AI/ML capabilities3, ensuring that connected vehicles can securely leverage these advanced technologies.

With these efforts, 3GPP is not only addressing the current challenges of connected vehicle security but is also paving the way for future-proof solutions that will support evolving automotive needs and technologies. This approach ensures that as vehicles become more sophisticated, the underlying communication infrastructure will remain secure, adaptive, and ready to handle the complexities of a data-driven, AI-enabled automotive world.

KDDI Spherience is in the process of building out its online presence. For more information, please reach out to info@spherience.io

Disclaimer:
The opinions expressed in this newsletter are solely those of the author and do not necessarily reflect the views or opinions of KDDI America, Inc or any other companies or organizations.

Related Services

KDDI America, Inc.

 KDDI America is the US subsidiary of KDDI Corporation, a Fortune Global 500 company and is growing communications carrier with a proven track record in Japan and a longstanding reputation for quality and reliability. KDDI America provides a wide range of High Quality Services such as Communications, Data Centers and Solution Services throughout the world.

Please consult a KDDI consultant.

Writer / Interviewer

Dhiraj Kaushik

KDDI America

Dhiraj Kaushik
Service Delivery Manager | Operations | KDDI Spherience AB

Service Delivery Manager with decade-long experience in telecom, specializing in IoT, focused on driving customer success and building tailored solutions. His academic background in Electronics and Communication, paired with an MBA in Strategy and Marketing from IIM Kozhikode, India, has equipped him with a strategic approach to problem-solving and growth. In his free time, Dhiraj enjoys reading about startup strategy and exploring new technology trends.

Related Knowledge Articles

Cyber Security for 2024
Feb 28, 2024
Knowledge