Cybersecurity and trust: the key to connected mobility

The essence of connected mobility

'Connected mobility is the ability for vehicles and infrastructure to communicate with each other', Seipel explains. 'It's about what needs to happen to ensure a safe mode of transport. Practical examples can already be found in the area of prioritizing emergency vehicles or local public transport. Through connected mobility, vehicles can exchange real-time information about their position, speed, and expected arrival time at intersections. This allows us to prioritize any type of movement that public transport or emergency vehicles need to make for reasons of punctuality, reducing emissions or increasing the protection of road users. Think about an approaching ambulance. The ambulance communicates with the traffic lights, is given priority and all other road users must pay increased attention to the traffic. This early communication between vehicles and infrastructure can help reduce potential hazards. All of this happens with data that is continuously exchanged.'

Privacy and data minimization

What if all these networked mobility systems collect and misuse personal data? Seipel: ‘The concern that everyone knows where you are coming from and where you are going is unfounded. We can't tell who you are on the street. Every identity is changed within a few seconds so that you cannot be traced. SWARCO adheres to the strict principle of data minimization. We only use the data that is necessary to give vehicles right of way or to make traffic routing safer,’ emphasizes Seipel. The data in the C-ITS system is not personalized and cannot be traced back to individuals.

Cyber threats and security

The biggest risk for connected mobility systems lies in the manipulation of priority signals. 'Imagine: a hacker at an intersection tells an ambulance that it has priority, when it doesn't’, Seipel illustrates. 'If the ambulance then drives at high speed across the intersection while it doesn't have priority, this creates dangerous situations.'

To prevent this, SWARCO uses a PKI (Private Key Infrastructure) to certify messages. ‘This allows each vehicle in our C-ITS systems to certify its own communication point and every other communication point in the system’, Seipel explains. 'These communication points, in technical terms called 'stations', can be vehicles, traffic lights, roadside equipment, or other infrastructure elements that are part of the connected mobility network. This differs fundamentally from conventional traffic infrastructure, where a hacked priority system could send misleading messages.’

Security by design

SWARCO builds security into connected mobility systems from the start. 'We are part of various certification and standardization committees,' says Seipel. 'That's why we promote traffic safety ourselves, not only by implementing it in our systems but by directly incorporating it into a standard.' A concrete example of this is the collaboration with competitors in highway projects, where SWARCO aims for the highest level of security requirements at the EU level. 'The safety of both the road user and the system is central,' Seipel emphasizes.

For governments and road operators, SWARCO offers a cost-effective solution. 'In Germany, for example, SWARCO collaborates with the ‘Bundesdruckerei’, a government agency specialized in secure documents and digital identities. This collaboration should make it possible in future to offer standardized security solutions that are also affordable and manageable for small municipalities.

The balance between innovation and safety

According to Seipel, innovation and cybersecurity cannot exist without each other. 'Usually, technological developments progress faster, and the security aspects are addressed simultaneously or shortly afterward,' he explains. 'So, before the public can use a system, safety must always be guaranteed first.' With an eye on the future of autonomous mobility, Seipel believes creating trust among road users is essential: 'Connected mobility systems are there to guide road users safely through traffic. In a world where vehicles and infrastructure are increasingly connected, these connections must be not only smart but also secure.'