Experiences from Implementing the ETSI ITS SecuredMessage Service
Paper in proceeding, 2014
Cooperative intelligent transport systems supporting
secure vehicle to vehicle and vehicle to infrastructure
communications, is becoming a very important topic. The aim
of this paper is to share our experiences from implementing
the ETSI Intelligent Transport System (ITS) SecuredMessage
and sign/verify services on an existing ETSI ITS communication
stack (ITSC). We have followed the new ETSI TS 103 097 v1.1.1
standard when implementing the security services, and have
made our best to create a robust and secure implementation.
Our goal has been to identify flaws and vulnerabilities in our
implementation that are caused by weaknesses or deficiencies
in the standard and in its description of services.
We have then performed an analysis of the protocol, its
headers and created test cases used to test our implementation.
Several problems were found, and we have also repeated the
tests with another, supposedly very stable implementation,
provided by Fraunhofer FOKUS. To our surprise, this system
also showed unexpected behavior as our system. We show that
these problems are the result of weaknesses and complexities
in the design of the standard.
We present the problems found in our implementation and
show what part in the standard was causing the problems.
We show that several problems in the standard, mainly due
to their complexity, open up for misinterpretation leading
to various types of implementation errors. We conclude the
paper with proposing changes to the standard to prevent other
implementations from repeating the same mistakes.
ETSI TS 103 097 V1.1.1