Vehicular Ad Hoc NETwork Application and Security: A study into the Economic and Legal implications

Int. J. Electronic Security and Digital Forensics, Vol. 6, No. 2, 2014 115

Copyright © 2014 Inderscience Enterprises Ltd.

Vehicular ad hoc network applications and security: a study into the economic and the legal implications

Patrice Seuwou*, Dilip Patel and George Ubakanma Department of Informatics, London South Bank University, SE1 OAA, London, UK E-mail: [email protected] E-mail: [email protected] E-mail: [email protected] *Corresponding author

Abstract: Vehicular ad hoc networks (VANETs) are an important component of intelligent transportation systems. In this context, vehicles are equipped with complex systems and advanced technologies such as communication systems, computing platforms with numerous processors, artificial intelligence and automatic control. This emerging technology is attracting more and more attention as it combines multiple academic disciplines and the latest technologies representing developing trends of future automobile technology. The main benefit of VANET communication is the development of active safety systems that increase passenger safety by exchanging life critical warning messages between vehicles. In this paper, we discuss the background of VANETs, its application and the current security issues. Furthermore, we study a number of key elements related to the economic and legal aspects to be considered before VANETs can be successfully deployed.

Keywords: vehicular ad hoc network; VANET; application; security; economic; legal.

Reference to this paper should be made as follows: Seuwou, P., Patel, D. and Ubakanma, G. (2014) ‘Vehicular ad hoc network applications and security: a study into the economic and the legal implications’, Int. J. Electronic Security and Digital Forensics, Vol. 6, No. 2, pp.115–129.

Biographical notes: Patrice Seuwou received his Master’s in Innovative Technology from the University of East London. He is currently pursuing his PhD in the area of Vehicular Ad Hoc Network Security, Authentication and Privacy at the Centre for Information Systems and Management, Department of Informatics at the London South Bank University. He is a Course Leader for a portfolio of computing programmes at Williams College in London and also a member of BCS and IET. His research interest includes network security, wireless networks and IT law.

Dilip Patel is a Pro Dean External, Professor of Information Systems at London South Bank University. He has a wide range of research, teaching and consultancy experience in the areas of information management and modelling, data mining, knowledge management, ontologies, social aspects of computing and key performance indicators. He is also an International Associate Editor for the International Journal of Information Technology and Web Engineering and an editorial board member for The International Journal of Cognitive Informatics and Natural Intelligence. His specialist areas include information system, information assurance, knowledge transfer and higher education policy.

116 P. Seuwou et al.

George Ubakanma is currently a Senior Lecturer delivering lectures in the areas of systems analysis and design, business intelligence and database systems: including web and mobile database technologies at London South Bank University. He has developed and co-authored various MSc courses and is a Course Director for several of the postgraduate (MSc) courses in the Department of Informatics. Furthermore, he maintains an active cross-faculty role as a Departmental and Faculty Academic Integrity Officer.

1 Introduction

In today’s world, road traffic activities play a very important role in everyday life. Intelligent transportation systems (ITSs) have been deployed in order to: continuously improve safety and efficiency of the transportation systems, to provide innovative services relating to different modes of transport and traffic management and to enable drivers to be better informed and make more coordinated and safer decisions on the road. In various national plans, a vehicular ad hoc network also known as a VANET is recognised as an important component of ITS (US DOT, 2013) and could be a solution to decrease the number of accidents on the road. Indeed, despite the introduction of seat belts, airbags and anti-lock braking systems (ABS), there are still many people who die because of road accidents. According to the Annual Statistical Report 2010 published by the European Road Safety Observatory, road traffic accidents in the members states of the European Union annually claim about 35,000 lives and leave more than 1.6 million people injured (ERSO, 2010). VANET is an emerging technology and is also a subset of mobile ad hoc networks (MANETs) that uses moving cars as nodes in a network to create mobile networks. This means that every node can move freely within the network coverage area and remain connected with each other. In this type of network, nodes could be vehicles or roadside units (RSUs) and they can communicate with other nodes in single hop or multi hop. However, a VANET is differentiated from a MANET by differing aspects such as: dynamic topology changes and high mobility of the nodes (De Fuentes and González-Tablas, 2011).

The network vehicle was a new technology initiative from Delphi Delco Electronics Systems and its partners (IBM, Netscape Communications and Sun Microsystems). Their aim was to offer more productivity tools, safety, convenience and entertainment to millions of drivers. It was designed to demonstrate how technology could be used to enhance vehicles. The network vehicle made its debut at COMDEX ‘97 and has since directed the attention of today research efforts (Lind et al., 1998). Integrating a network interface, GPS receiver, different sensors and on-board computer provide the opportunity to design a powerful car-safety system able to: gather, process and distribute information. In regards to their application in VANETs, they have been categorised into safety-related and comfort-related (commercial) applications (Jakubiak and Koucheryavy, 2008). VANET technology offers several benefits to organisations of any size. While such a network does pose certain safety concerns (for example, one cannot safely type an e-mail while driving), this does not limit VANET’s potential as a productivity tool.

The main contributions of this paper are as follows:

Vehicular ad hoc network applications and security 117

1 we provide grounds for the economic aspects to be considered for a successful VANET deployment

2 we identify a number of pieces of UK legislation that will require further updates with the introduction and the full implementation of VANETs.

The rest of this paper is organised as follows. In Section 2, we provide a background summary of VANET technology. In Section 3, VANET Applications are discussed. In Section 4, we focus on the security issues and challenges in VANETs. In Section 5, we look at the economic implications of VANET. In Section 6, the legal implications are discussed. Our concluding remarks and future work are presented in Section 7 of this paper.

2 Background of VANET

VANET is regarded as the first commercial version of MANETs as well as one of the most promising MANET application scenarios (Schoch et al., 2006; Zhang, 2010). MANETs are formed without any central administration and consist of mobile nodes that use a wireless interface to send packet data. The roots of ad hoc networking can be traced back as far as 1968 (Frodigh et al., 2000) with some early applications such as the DARPA packet radio network (PRNet) project in 1972 developed by the Defence Advanced Research Projects Agency (DARPA). It was predicted that in the near future, most new vehicles will be equipped with short-range radios capable of communicating with other vehicles or with highway infrastructure at distances of at least one kilometre (Parno and Perrig, 2005). Vehicles will require an authority to oversee and to govern these communications. Multiple ad hoc networking technologies such as: WiFi IEEE 802.11 b/g, WiMAX IEEE 802.16, Bluetooth. IRA and ZigBee are integrated within VANET to allow easy, effective, accurate and simple communication amongst vehicles with dynamic mobility (Singh et al., 2011). Therefore, a VANET could be defined as communication network composed of vehicles (cars, buses, trucks and so on) and roadside base stations. It is a network that enables communications between vehicles and RSUs, and the RSUs can be connected to a backbone network (Qian and Moayeri, 2008). This communication is ad hoc, meaning that each connected node can move freely, (no wires required) and the routers used in this context are called RSUs. Each vehicle will be equipped with an on-board unit (OBU) allowing connection of the vehicle with RSUs via dedicated short-range communications (DSRC) radios. Furthermore, a tamper proof device (TPD) holding all critical information about the vehicle such as vehicle secrets, trip details, drivers identity, speed and position will also be involved in that communication. OBUs are allowed to talk to other OBUs and the road-side infrastructure formed by RSUs. The OBUs and RSUs are equipped with on-board sensory, processing, and wireless communication modules, forming a self-organised network allowing many other network applications and services, including internet access to be provided to vehicles. Figure 1 shows a graphical depiction of a VANET identifying different types of communications including both vehicle-to-vehicle (V2V) communications and vehicle-to-roadside (V2R) communications.


Figure 1 A VANET consists of vehicles and roadside base stations that exchange primarily safety messages to give the drivers the time to react to life-endangering events (see online version for colours)

Source: Raya and Hubaux (2007)

In recent years, several projects have been launched in Europe, the USA and Japan with the unique goal of realising the dream of networking cars and a successful implementation of vehicular networks. Numerous projects held in Europe, involving partners from the automotive industry, governmental agencies and academia. Topics covered within these activities include: hazard warnings triggered by hazard flashers, elaborated within the inter-vehicle hazard warning (IVHW) project; cooperative driving addressed in CarTALK 2000; PROMOTE-Chauffeur, INVENT VLA projects; Driver information and warning issues are addressed by the PReVENT-WILLWARN, SAFESPOT and FleetNET projects.

The Car2Car Communication Consortium is a non-profit industry driven organisation initiated by European car manufacturers in 2004 that is supported by: equipment suppliers, research organisations and other partners. Its goal is to create a European industrial standard for car-to-car communications extending across all brands (C2C CC, 2013). FleetNet was a programme which ran from 2000 to 2003, their research was dominated by efforts to standardise MANET protocols, focusing on the network layer (Fussler et al., 2007). Furthermore, the project network on wheels (NOW) a German research project initiated in 2004 and funded by the German Government, with the main partners including academia, automotive and IT industries which adopt an IEEE 802.11 standard for wireless access adapted to the European market. Their main objectives were to solve technical issues related to communication protocols and data security for car-to-car communications (Abdalla and Senouci, 2007). The radio used for the communication in these systems was DSRC. In 1999, the United States Federal Communications Commission (FCC) in the USA allocated 75 MHz of spectrum in the


5.9 GHz band for DSRC to be used by ITSs. Also, in Europe in August 2008, the European Telecommunications Standards Institute (ETSI) has allocated 30 MHz of spectrum in the 5.9 GHz band for ITS. Although the IEEE 802.11 standards family was initially developed for the use of laptops and PDAs in hot-spots, it is relatively easily converted for vehicular use, moving to a different, licensed frequency band, common for all participating countries. Despite the amount of publication done in this area, economical, legal and institutional issues remain unresolved. After they are dealt with, the deployment phase can begin (Jakubiak and Koucheryavy, 2008).

3 VANET applications

Driving is a skill that requires full attention to safely control the vehicle and respond to events happening on the road ahead. Distraction occurs when the driver focus moves from the road to other activities. In order to maintain the driver’s awareness of his/her environment and decrease the number of accidents on the road, the rapid deployment of VANET enabled technologies became a necessity. The main purpose of VANET was to provide ubiquitous connectivity while on the road to mobile users, who are otherwise connected to the outside world through other networks (Wang and Li, 2009). Integrating a network interface, GPS receiver, different sensors and on-board computer gives the opportunity to build a powerful car-safety system, capable of gathering, processing and distributing high volumes of information (Jakubiak and Koucheryavy, 2008). A vehicular network model normally consists of three layers: data traffic, vehicular traffic, and road network. While the first two are dynamic, the last is naturally fixed. Communications between nodes can be either single-hop or multi-hop and RSUs are assumed to be connected with each other. Researchers are currently working on VANET technologies to make transportation systems more intelligent so they can provide drivers with crucial information like traffic congestion, road closures, weather conditions, their current position and other data on the surrounding traffic. The movement of vehicles is very fast and vehicles act as transceivers. They send and receive signals simultaneously creating an extremely dynamic network which changes continuously. Furthermore, the concentration of vehicles varies from point to point and also depends of the time of day. For instance, the density might decrease at night and increase during peak commuting hours.

The ITS concept includes the integration of advanced communication technologies into the traffic infrastructure as a means to improve driving safety, efficiency and awareness. Thus, ITS is more focused on the upgrade of infrastructure, and the potential applications supported by the upgraded infrastructures. VANETs are generally more autonomous, allowing individual vehicles to interact and function. Each vehicle can adopt the role of a sender, receiver, and router to broadcast information to the vehicular network or transportation agency, which then uses the information to ensure the safe, free-flow of traffic. For communication to occur between vehicles and RSUs, vehicles must be equipped with a radio interface or OBU that enables short-range wireless ad hoc networks to be formed. Vehicles must also be fitted with hardware that permits detailed position information such as a global positioning system (GPS) receiver. Figure 2 shows a graphical depiction of a VANET. The unloading vehicle blocks a route and the surrounding vehicles can adopt alternative routes to avoid disruption.


Figure 2 A graphical depiction of a VANET (see online version for colours)

Note: The unloading vehicle blocks a route and the surrounding vehicles can adopt alternative routes to avoid disruption.

Source: C2C CC (2013)

In practice, a good system design depends on understanding the applications that will be carried in the network. These applications exhibit different communication patterns such as one-to-one, one-to-many, many-to-many and also have diverse requirements such as bandwidth, delay, security and reliability. VANET enabled systems will support a number of applications including traffic signal, vision enhancement, weather conditions, safety and entertainment. Safety warning applications, life-critical safety applications, electronic toll collection, internet access, group communications, and roadside service finders. Most of these applications are proposed by vehicle manufacturers and can be divided into two major categories which are safety-related applications and (commercial) comfort-related applications (Raya and Hubaux, 2007).

3.1 Safety-related applications

Safety-related applications such as collision avoidance, cooperative driving may prevent life-endangering accidents. Signals transmitted from a roadside base station to a vehicle could warn a driver of potential danger while entering an intersection. Communication between vehicles and communication between vehicles and the roadside can save many lives and prevent injuries. Therefore, the security of this category is mandatory, since the proper operation of any of these applications should be guaranteed even in the presence of attackers. Jakubiak and Koucheryavy (2008) have grouped safety-related applications in three main classes which are: assistance (navigation, cooperative collision avoidance and lane-changing); information (speed limit or work zone info); and warning (post-crash, obstacle or road condition warnings). VANETs are believed to improve


traffic safety and transportation management while lowering costs. Various safety and traffic information, including road hazard, accident notification and collision avoidance can be shared via VANETs. Most information within VANET applications has real-time requirements, such as end-to-end delay. For instance, a succession crash could be avoided if the message delay is less than 0.1 seconds, while a delay of 0.4 seconds is not sufficient. In DSRC, the end-to-end delay for critical applications is required to be within 1 second, or even less, within 100 ms. However, the delay of 802.11p, which is part of the VANET protocol stack, is usually over 1 second. Many VANET applications have either delay constraints or other quality of service (QoS) requirements. A solution to providing QoS and reliability in VANET routing is still a challenging problem. For instance, when a brake event happens, the message should be transferred and should arrive in a certain time in order to avoid an accident (Li and Chigan, 2010). These types of signals are life critical therefore demand direct communication due to their delay-critical nature.

3.2 Non-safety-related applications (comfort-related)

The purpose of these applications is to improve passenger comfort and traffic efficiency. Applications in this category will include weather information, instant messaging, online games, and internet access allowing passengers on board the vehicle to have access to internet services. Furthermore, some business will be able to advertise their products using the technology. It is important that non-safety-related applications do not interfere with safety-related applications, therefore possible solutions may be to use separate physical channels for each category of signal or to prioritise the safety-related signals.

4 Security analysis

In order for VANETs to become a ‘real’ technology that can be deployed and guarantee public safety, there is a need for an appropriate security architecture that will protect them from different types of security attacks. In this section, we will identify possible attacks that could be perpetrated against VANET systems.

Furthermore, we will discuss different dimensions of attackers and identify the security requirements for VANETs.

4.1 Possible attacks

The security of VANETs is vital, as the reason of their very existence relates to significant life threatening situations. Due to the nature of open wireless transmission mediums used in VANETs, there are high numbers of attacks that can be mounted against VANET systems. Here, we elaborate some of these attacks.

• Malware: This type of attack (including viruses and worms) is more likely to be carried out by insiders rather than outsiders. Typically, attacks of this type can be injected into the network when the OBUs and RSUs are performing software updates.


• Spamming: Due to the lack of infrastructure and the decentralised nature of VANETs, spam messages are difficult to control. Their very existence within the network increases the possibility of transmission delay, thus affecting the real-time guarantee requirement.

• Denial of service (DoS) attack: Overloads the communication channels and makes the network unavailable for authentic users. These attacks can be carried out internally or externally using techniques such as flooding and jamming.

• Black hole attack: This form of attack takes place when an invader refuses to play its part in the network, by dropping out signals after an established communication, leading to a failure of message propagation.

• Broadcast tampering: An attacker may inject false safety messages into the network. This type of attack can be carried out internally or externally. It allows the suppression of critical warning messages resulting in accidents.

• Replay attack: In this attack, a previously received signal is re-injected back into the network at a later time or in a different location.

• Position faking: Attackers may diffuse false information in the network to affect the behaviour of other drivers. Reliable and accurate reporting of vehicle position information must be guaranteed. Vehicles are exclusively responsible for providing their location information and impersonation must be intolerable. Unsecured communication can allow attackers to modify or falsify their own position information to other vehicles, create additional vehicle identifiers (also known as a Sybil Attack) or block vehicles from receiving vital safety messages.

• GPS spoofing: Attackers may fool vehicles into thinking that they are in a different location. This is done by using GPS satellite simulator generating signals by producing false readings in the GPS positioning system devices. This is possible through the use of a GPS satellite simulator generating signals stronger than those produced by the genuine satellite. The GPS satellite maintains a location table with the identity of all vehicles on the network and their geographic location.

• Masquerading: An attacker actively pretends to be another vehicle by posing as a legitimate vehicle in the network using false identities and can be motivated by rational or malicious objectives. They are then able to launch a multiplicity of attacks including production of false messages or the formation of black holes.

• Sybil attack: This occurs when the attacker uses different identities at the same time and pretends to be multiple vehicles concurrently. Networks are especially vulnerable if each vehicle holds multiple keys.

• Certificate replication/key management: Certification authorities (CA) will be responsible for issuing key certificates to vehicles. An attacker could undermine the system by duplicating a vehicle’s identity across several other vehicles. The objective of such an attack would be to confuse authorities and prevent identification of vehicles in hit-and-run events. Advantages of using a public key infrastructure (PKI) for VANET are accompanied by some challenging problems, notably certificate revocation.


• Message tampering/manipulation: An attacker may inject forged or fabricated messages and is able to suppress or alter transmitter messages. In this case, an attacker either physically disables inter-vehicle communication or changes the application to prevent it from sending to, or responding from application beacons. In general, an attacker can modify packet information including vehicle status, location, emergency braking and other special events. A threat to authenticity can result from an attacker modifying the messages exchanged in V2V or vehicle-to-infrastructure (V2I) communication.

• Tunnelling: Due to the fact that GPS signals disappear temporarily when vehicles enter a tunnel, attackers may exploit this momentary loss of positioning information by injecting false data once vehicles are out of the tunnel and before reception of updated location information.

4.2 Attackers

Attacker creates problems in the network by getting full access of communication medium, e.g., DSRC. Raya and Hubaux (2007) classify attackers as having four dimensions: ‘insider versus outsider’, ‘malicious versus rational’, ‘active versus passive’ and ‘local versus extended’. The ideal solution should allow drivers to distinguish genuine members of the network from malicious individuals, by determining the liability of each driver while maintaining their privacy. The inspiration behind VANET was to merge various disciplines involving engineers, computer scientists, psychologists, legislators and many others professionals together with car manufacturers, in order to make driving more secure and comfortable. Attackers have their own role in this network and predicting their dynamic behaviour is difficult. If an attacker works on safety applications and changes the content of safety messages then it will create very difficult situations on the road where many users may be affected. For example, an attacker can selectively drop packets from the network, these packets may hold critical information for the receiver. The attacker suppresses these packets and can use them again at another time. The purpose of such an attacker may be to prevent registration and insurance authorities from learning about collisions involving his vehicle or to avoid delivering collision reports to roadside access points. An advantage of VANETs over the more common ad hoc network is that they provide sufficient computational and power resources. Indeed, a typical vehicle may possibly host numerous microprocessors.

4.3 Security requirement

Security is amongst the essential user requirements in VANETs and it will be difficult to convince drivers to use this new technology unless it is made secure at an acceptable level. The problem at hand is to secure the operation of VANET systems by designing protocols that mitigate attacks and thwart deviations from the implemented protocols to the greatest possible extent. This section includes some of the basic security requirements for VANET systems based on application needs as discussed in Seuwou et al. (2012).

• Authentication: Authentication is the core security requirement in VANET. Vehicles reactions to events should be based on legitimate messages. This service is concerned with assuring that the origin of a message is correctly identified.


• Integrity: This is a service assuring that system assets and information transmitted over the network cannot be altered by unauthorised parties. Indeed, these modifications may include writing, changing, altering the status, deleting or injecting transmitted messages. Therefore, it is important to highlight that integrity is related to active attacks as well as technical errors.

• Confidentiality (sometimes misleadingly called privacy): In VANETs, vehicles send and receive safety as well as non-safety messages on either a V2V or V2I basis. This service ensures that the transported information is kept secret from all unauthorised parties and cannot be eavesdropped on its way between the sender and the receiver.

• Privacy: Privacy is an important factor for the public’s acceptance and successful deployment of VANETs as people are increasingly concerned about Big Brother enabling technologies. In a vehicle context, it is achieved when two related goals are satisfied (untraceability and unlinkability). This service ensures the user is able to maintain control of personal data and his/her location. This service also secures other information related to the vehicle from unauthorised parties. This may include information such as identity of the driver, the driving behaviour, Electronic License Plate (ELP), speed of the vehicle, internal car sensor data, the past and present location of the vehicle. Therefore, privacy can be of various types: 1 user data privacy 2 location privacy 3 route privacy.

• Availability: This service requires every node to be able to send information at any time. As mentioned above, the main purpose of VANETs was to serve users by making driving more secure and comfortable. For that reason, if the network is not available for communication, then VANET becomes useless. Vehicular networks must be available at all times, as many applications require real-time communications with fast response times. Any delay, even a few milliseconds may make a specific message become meaningless. This may increase the likelihood of serious accidents occurring.

• Access control: This service provides users with the ability to restrict access to resources reserved for privileged entities. Access control policies can be implemented on RSUs allowing limited access to other vehicles infrastructure and application data through communication channels.

• Non-repudiation: This requirement is also called auditability. This service prevents the server or receiver from denying receipt of a transmitted message. Moreover, senders and receivers can prove that a particular message has been received or sent.

5 Economic implications of VANET deployment

In the near future, vehicles are expected to be equipped with VANET technologies although it is likely to take a considerable time before all vehicles are fully VANET enabled (Weimerskirch et al., 2010). The costs for software and electronics are estimated to approach the 50% margin level in car manufacturing in 2015. Furthermore, amongst


the total number of vehicle innovations today, it is estimated that 90% are all centred on information technology software and hardware.

There are two mechanisms that lead to a successful market introduction for customer technologies:

• a visible added value of the technology for the customer

• a regulative order that does not leave alternatives requires its use.

Indeed, research shows that VANET is a necessity. Therefore, as a means of accelerating the process of VANET market penetration, collaboration among automotive manufacturers, government agencies, legal authorities and other third parties must be elaborated. In the USA alone, around 7 million vehicles are sold per year in a total number of about 243 millions (Jakubiak and Koucheryavy, 2008). There will be a need for supporting infrastructure made available in the form of RSUs. It was estimated that in order to make the network usable, penetration of at least 10% is needed. Provided that 50% of all newly produced vehicles are VANET enabled, reaching the 10% should take an average of 3 years (Jakubiak and Koucheryavy, 2008). The cost of security solutions is critical in any IT system. The risk involved in vehicular networks can be much larger than the risk in the conventional computing world. The hacking of an automotive safety-critical application system can have far more impact due to the life threatening aspect of the potential consequences. A possible scenario may be a VANET safety application successfully compromised by one or more threats of conventional IT systems such as hacking, phishing, pharming, etc… these security gaps may create disastrous effects in a VANET context.

Figure 3 A Smart vehicle’s onboard instrumentation

Notes: The computing platform supervises protocol execution, including those related to security. The communication facility supports wireless data exchange with other vehicles or fixed stations.

Source: Hubaux et al. (2004)

There is another cost issue related to various electronic components such as the event data recorder (EDR) which is an extra security system. The EDR is a logging mechanism to track and record events in an accident, similar to the idea of the black box in an airplane. Figure 3 represents a smart vehicle with various technologies which will be imbedded in future cars. This emerging technology is being introduced slowly into


society with equipment such as the GPS which is a space-based satellite navigation system that provides location and time information in all weather, anywhere on or near the Earth. Other technologies include the forward and rear radar systems.

EDR is a non-volatile tamper-proof storage hardware system used to record all the emergency-related information received through the VANET, including: speed data, time, vehicle location, acceleration data and so on. Data will be stored in the EDR but there will also be equipment called a TPD generating and receiving encrypted messages to be stored in the EDR. If someone tries to open a TPD by brute-force, there will be a security measure allowing all the stored keys in it to be erased to prevent them from being compromised; Similar to the concept of the Cryptex in The Da Vinci Code. Indeed all of the above equipment will be introduced with their various economic implications. Generally speaking, due to the familiar threats of conventional IT systems such as hacking, phishing, pharming…, there is an understanding of security in the computing world by end-users who are willing to invest in security solutions (firewall and anti-virus software …). On the other hand, there is little willingness by vehicle buyers to spend a lot on security. Research shows that the main challenge in providing security in VANET depends on privacy, trust, cost and gradual deployment. Therefore, it is crucial for any security solutions to be mainly cost effective. Despite all the economic problems related to VANET deployment, there is the potential to successfully introduce the technology into the market as long as there is cooperation among key parties.

6 Legal implication of VANET deployment

As society changes, its goals and values also change. It is believed that advancements in technology are not always closely followed by lawmakers as attackers are continuously looking for ways to escape the judicial system. Balancing privacy concerns with security needs will require codifying legal, societal and practical considerations. Most countries have widely divergent laws concerning their citizens’ right to privacy (Parno and Perrig, 2005). In today’s world, most car manufacturers operate at an international level in multinational markets, therefore they will require security solutions able to satisfy the most severe laws or that can be customised to meet their legal obligations. There are a number of pieces of UK legislation that may be relevant to information security in VANETs. These may include: the Telecommunications Regulations 2003; the Companies Act 2006; the Copyright, Designs and Patents Act 1988; the Computer Misuse Act 1990 (as updated by the Police and Justice Act 2006); the Data Protection Act 1998; the Human Rights Act 1998; the Electronic Communications Act 2000; the Regulation of Investigatory Powers Act 2000; the Freedom of Information Act 2000; and the software licensing regulations (Calder and Watkins, 2010).

The legal aspects of VANETs are related to the over-lapping areas of law and ITS. Existing transportation law must be changed or be adapted to reflect developments in the transportation industry. This change is due to the synergy of various academic disciplines and professionals, combined with the exponential growth of information technology. Information technology law (IT law) should not be confused with the IT aspects of law, although there is an overlap between the two concepts. There is a set of legal requirements currently in existence in several countries which govern transportation. These laws differ depending on the country. Cyber law or internet law is a term that encapsulates the legal issues related to use of the Internet.


Criminals, military, government and the public listen in on conversations, as well as Law enforcement agencies, but they do it legally. The Electronic Communications Privacy Act grants law enforcement agencies the right to tap phones if they can prove to a judge that they have probable cause. This may be due to an illegal activity, a matter of life or death, in order to enforce a law or to gain evidence on a criminal element. The courts normally limit the monitoring to a specific legal duration (Nichols and Lekkas, 2002). In the future, when VANET technologies are completely deployed, this law will be amended to incorporate the changes in the technology.

There are negative implications associated with distracted driving – especially in conjunction with a crash. Survey research shows that self-reporting of negative behaviour is lower than the actual occurrence of that type of negative behaviour. There is no reason to believe that self-reporting of distracted driving to a law enforcement officer would differ. The inference herein is that the reported driver distraction during crashes is lower than the actual occurrence (US DOT, 2010).

If a driver fatality occurs in the crash, law enforcement must rely on the crash investigation evidence in order to report on whether driver distraction was involved. Law enforcement may not have sufficient information to indicate distraction. These investigations may rely on witness accounts and often these accounts are not available (US DOT, 2010).

Through the ability to digitise any form of information, technology is changing everything. Boundaries between the various forms of surveillance are disappearing with the application of information technology linking surveillance techniques into a near seamless web of surveillance. Developments in data processing suggest that the distinction between informational and physical privacy is becoming more and more flimsy. Law is a vital institution through which society achieves its goals. The Traffic Law System (TLS) is an important concept within an ITS. Legislative requirements may force VANETs to provide strong security and privacy solutions. Notions of privacy have evolved and changed over time. The classic definition of the concept is that it consists of the ‘right to let alone’. In terms of isolation from the scrutiny of others, the average individual living in a town or city enjoys vastly more personal privacy than our ancestors who lived in small villages, where every action was known to and was a source of comment for neighbours. The right to privacy receives a measure of recognition in the European Convention on Human Rights which provides that ‘Everyone has the right to respect for their private, family life, their home and correspondence’. To a greater extent than with other basic human rights, the right to privacy must be subject to considerable qualification and, as epitomised in the on-going debate concerning the allegedly intrusive nature of media activities. The right to privacy has to be balanced against a basket of other rights.

As transportation systems develop, many new legal policy issues for which there is now little or inexistent precedent arises. Legislators may be required to generate laws prohibiting the activities presumed to be causing highway transportation system dysfunctions, also finding ways to reinforce these laws. An official determination of guilt for those accused of not complying with the laws, as well as an imposition of legal sanctions against those found guilty of disobeying the laws is required. Deployment of VANETs will create many novel and challenging problems for the transportation lawyer. It will require the development of new ideas and new approaches to accomplish new goals for our transportation systems.


7 Conclusions and future works

VANET is an emerging area in the field of networking, still in need of solutions and proposals. In this paper, we gave an overview of the technologies including the standard and the spectrum frequency allocation; we investigated its applications and identify the security issues related to the introduction of this emerging technology. Moreover, we have discussed the economic and legal implications of VANET market penetration. These issues remain unresolved and show that VANET deployment will start only after they are dealt with. VANET systems could become fully functional within a few years with sufficient roadside infrastructure being built. However, this is only if vehicle manufacturers, governmental agencies, legislators, transportation authorities and other third parties decide to work together to improve road safety and make driving more enjoyable. Future work may be to explore the ethical implications of VANET implementation.

References Abdalla, G.M.T. and Senouci, S.M. (2007) ‘Current trends in vehicular ad hoc networks’,

Proceedings of UBIROADS Workshop. C2C CC (2013) Car-to-Car Communications Consortium [online] http://www.car-2-car.org/

(accessed 16 August 2013). Calder, A. and Watkins S. (2010) IT Governance, A Manager’s Guide to Data Security and

ISO27001/ISO27002, 4th ed., pp.21–22, Kogan Page, London. De Fuentes, J.M. and González-Tablas, A.I. (2011) ‘Overview of security issues in vehicular

ad-hoc networks’, in Handbook of Research on Mobility and Computing: Evolving Technologies and Ubiquitous Impacts, pp.894–911.

ERSO (2010) Annual Statistical Report, based on data from CARE/ES, SafetyNet project: Building the European Road Safety Observatory [online] http://www.dacota-project.eu/Deliverables/ DaCoTA_WP3_D3_1_final%20with%20Annex.pdf (accessed: 16 August 2013).

Federal Communications Commission (FCC) (1999) [online] http://transition.fcc.gov/Bureaus/Engineering_Technology/News_Releases/1999/ nret9006.html (accessed 16 August 2013).

Frodigh, M., Johansson, P. and Larsson, P. (2000) ‘Wireless ad hoc networking – the art of networking without a network’, Ericsson Review, No. 4, p.248.

Fussler, H., Schnaufer, S., Transier, M. and Effelsberg, W. (2007) ‘Vehicular ad-hoc networks: from vision to reality and back’, Proc. of IEEE Wireless on Demand Network Systems and Services.

Hubaux, J-P., Capkun, S. and Luo, J. (2004) ‘The security and privacy of smart vehicles’, IEEE Security and Privacy Magazine, Vol. 2, No. 3, pp.49–55.

Jakubiak, J. and Koucheryavy, Y. (2008) ‘State of the art and research challenges for VANETs’, Proceedings of the 5th Annual IEEE CCNC, pp.912–916.

Li, J. and Chigan, C. (2010) ‘Delay-aware transmission range control for VANETs’, IEEE Globecom 2010 Proceedings, USA.

Lind, R., Schumacher, R., Reger R., Olney, R., Yen, H. and Laur, M. (1998) ‘The network vehicle – a glimpse into the future of mobile multi-media’, IEEE Aerosp. Electron. Syst. Mag.

Nichols, R.K. and Lekkas, P.C. (2002) Wireless Security Models, Threats, and Solutions, pp.100–116, McGraw-Hill Telecom, London.

Parno, B. and Perrig, A. (2005) ‘Challenges in securing vehicular networks’, in Proceedings of the Workshop on Hot Topics in Networks (HotNets-IV).


Qian, Y. and Moayeri, N. (2008) ‘Design secure and application-oriented VANETs’, Proceedings of IEEE VTC’2008, Spring, Singapore.

Raya, M. and Hubaux, J.P. (2007) ‘Securing vehicular ad hoc networks’, Journal of Computer Security, Vol. 15, No. 1, pp.39–68.

Schoch, E., Kargl, F., Leinmuller, T., Schlott, S. and Papadimitratos, P. (2006) ‘Impact of pseudonym changes on geographic routing in VANETs’, in Proc. of the European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS), pp.43–57.

Seuwou, P., Patel, D., Protheroe, D. and Ubakanma, G. (2012) ‘Effective security as an ill-defined problem in vehicular ad hoc networks (VANETs)’, Road Transport Information and control (RTIC 2012), IET and ITS Conference, IEEE, London [online] http://ieeexplore.ieee.org/ (accessed 19 August 2013)

Singh, P.K., Lego, K. and Tuithung, T. (2011) ‘Network centric approach using MOVE & application centric approach using TraNS for protocols and safety in VANET’, International Journal of Research and Reviews in Computer Science (IJRRCS), Vol. 2, No. 1, p.104.

US Department of Transportation (US DOT) (2010) Distracted Driving 2009, Traffic Safety Facts Research Note, National Highway Traffic Safety Administration [online] http://www.distraction.gov/research/PDF-Files/Distracted-Driving-2009.pdf (accessed 18 August 2013)

US Department of Transportation (US DOT) (2013) US Department of Transportation Research and Innovative Technology Administration [online] http://www.its.dot.gov/index.htm/ (accessed 16 August 2013).

Wang, Y. and Li, F. (2009) ‘Vehicular ad hoc networks, guide to wireless ad hoc networks’, Computer Communications and Networks, p.504, Springer, London.

Weimerskirch, A., Haas, J.J., Hu, Y.C. and Laberteaux, K.P. (2010) ‘Data security in vehicular communication networks’, VANET Vehicular Applications and Inter-Networking Technologies.

Zhang, L. (2010) Research on Security and Privacy on Vehicular Ad Hoc Networks [online] http://www.tesisenxarxa.net/TESIS_URV/AVAILABLE/TDX-1215110-120259//tesi.pdf (accessed 16 August 2013).

Vehicular Ad Hoc NETwork Application and Security: A study into the Economic and Legal implications

Documents

Transcript of Vehicular Ad Hoc NETwork Application and Security: A study into the Economic and Legal implications