The scope of the present document is to provide a security and privacy analysis of the eV2X system architecture, derive potential security and privacy requirements, and evaluate security and privacy solutions to protect it. The security aspects to be considered are as follows:
Security and privacy for new interfaces in 5G eV2X system architecture, compared to TS 23.285
Security and privacy for eV2X unicast over PC5
Security and privacy for eV2X group communication over PC5
Other security and privacy issues related to eV2X services, if any
The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
"Vocabulary for 3GPP Specifications".
"Architecture enhancements for V2X services".
"Enhancement of 3GPP support for V2X scenarios; Stage 1".
"Architecture enhancements for 5G System (5GS) to support Vehicle-to-Everything (V2X) services".
"Study on architecture enhancement for EPS and 5G System to support advanced V2X services".
"Proximity-based Services (ProSe); Security aspects".
"Proximity-based services (ProSe); Stage 2".
"Security architecture and procedures for 5G system".
"Study on application layer support for V2X services".
"Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption (ECCSI)".
"Sakai-Kasahara Key Encryption (SAKKE)".
"Security aspect for LTE support of Vehicle-to-Everything (V2X) services".
"Procedures for the 5G System (5GS)".
For the purposes of the present document, the terms given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
Access and Mobility management Function
Access Stratum layer
Direct Communication Accept
Direct Communication Request
Direct Security Mode
enhancement of 3GPP support for V2X
Intelligent Transport Systems
ITS Application Identifier
Layer 2 Identity
Next Generation RAN
NG Application Protocol
New Radio (5G)
Policy Control Function
Packet Data Convergence Protocol
Protocol Data Unit
Provider Service Identifier
Radio Access Network
Radio Access Technology
Unified Data Management
Advanced V2X services of 3GPP, in the context of the present document, include several V2X scenarios such as Vehicles Platooning, Advanced Driving, Extended Sensors, Remote Driving, Vehicle quality of service Support, and other general aspects (e.g. interworking), as specified in TS 22.186, with service requirements. To support them, TS 23.287 provides architectural enhancements to the 5G system for V2X communications over the reference points NR PC5 RAT, LTE PC5 RAT, NR Uu, and E-UTRA Uu (connected to 5GC).
V2X communication over the NR based PC5 reference point supports broadcast mode, groupcast mode and unicast mode, while V2X communication over the E-UTRA based PC5 reference point (connected to EPS) is connectionless, i.e. broadcast mode at the AS layer. In this release, V2X communication over the Uu reference point is only unicast. The architectural reference model is specified in clause 4.2 of TS 23.287, where the 5G System architecture applies in general and V3 (PC3) is missing because the PCF takes the role of configuration and provisioning for the UE, in addition to the external V2X application server.
Potential security impact mostly comes from the unicast and groupcast modes of communication over NR PC5, since only broadcast mode is supported over PC5 for V2X communication in previous releases. Unicast mode over PC5 involves signalling over the control plane in the V2X layer and the AS layer, and this might need security protection. Group management for groupcast is handled by the application layer, and it still might need consideration of security and privacy aspects. However, security for broadcast mode should still be considered based on changes in the new release. Lastly, provisioning of UE configuration for V2X communication and interworking with EPS may require security consideration, whether or not existing 5G security can cover it.