Cooperative, connected and automated mobility (CCAM) is a growing trend in the EU that could play an important role in creating safer, and more efficient and comfortable transportation systems. The EU-funded CONNECT project will focus on the convergence of safety and security in CCAM. CONNECT will facilitate cyber-secure data-sharing between data sources in the CCAM ecosystem that lack an established trust relationship, and will outsource tasks to multi-access edge computing (MEC) and cloud in a trustworthy manner. It will strengthen the Zero Trust concept, which continuously validates every stage of a digital interaction, for MEC and cloud environments. CONNECT’s work will impact the future of smart transportation.
CONNECT addresses the convergence of security and safety in CCAM by assessing dynamic trust relationships and defining a trust reasoning framework based on which involved entities can establish trust for cooperatively executing safety-critical functions. This will enable both a) cyber-secure data sharing between data sources in the CCAM ecosystem that had no or insufficient pre-existing trust relationship, and b) outsourcing tasks to the MEC and cloud in a trustworthy way. Beyond the needs of functional safety, trustworthiness management should be included in CCAM’s security functionality solution for verifying trustworthiness of transmitting stations and infrastructure.
CONNECT will build upon and expand the Zero Trust concept to tackle the issue of how to bootstrap vertical trust from the application, the execution environment and device hardware from the vehicle up to MEC and cloud environments. This includes measuring the system when instantiating network functions and determining the integrity and origin of software. Trusted Execution Environments (TEEs), as sw- or hw-based security elements, will be essential to establish a verifiable chain of trust throughout the entire application stack of the host vehicle, as well as protecting data in transit, at rest and in use. By coupling the Zero Trust security principle with the need of “Never Trust, Always Verify”, CONNECT bootstraps vertical trust for all users, devices and systems in the CCAM ecosystem by enabling continuous authorization and authentication prior to be granted access to data or resources. Through TEE-enabled “Chip-to-Cloud"" assurances and verifiable chain of trust, CONNECT reaches its full potential: not only does it mitigates risks stemming from the Zero Trust CCAM environment but also ensures resilience. This can make CONNECT the cornerstone of future smart transportation as it will usher new levels of safety and connectivity and bring vehicles even close to autonomy."