Endpoint
2/6/2014
03:51 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Security Innovation Applauds U.S. DOT Decision To Move Forward With 'Talking Cars' Program

US DOT research indicates that safety applications using V2V technology can reduce the majority of crashes

Wilmington, Mass., February 5, 2014 – Dr. William Whyte, principal advisor of the US DOT-sponsored VII Proof of Concept project for secure vehicle communications, is proud to have played a part in developing the technology behind yesterday's announcement by the US DOT's National Highway Traffic Safety Administration (NHTSA) to enable vehicle-to-vehicle (V2V) communication technology for light vehicles. The technology will improve safety by allowing vehicles to "talk" to each other and avoid collisions by exchanging data such as speed and position hundreds of times per second.

Before this life-saving technology can be widely adopted, it has to be reliable and secure. As co-author of the IEEE 1609.2 standard for connected vehicle security, Dr. Whyte and his team have been working within the Intelligent Transportation Systems (ITS) community to ensure privacy and security are guaranteed and that communication between vehicles cannot be maliciously altered or used to track driver behavior or location. "We are thrilled that the US Government has taken this bold step to significantly reduce fatalities and serious injury through the adoption of robust technology," said Dr. Whyte. "With this announcement, Security Innovation will accelerate our collaboration with chip designers, wireless providers, on-board equipment manufacturers, infrastructure providers and car makers to ensure that security and privacy remain the number one priority."

US DOT research indicates that safety applications using V2V technology can reduce the majority of crashes, with survivability improvements expected to be even greater than from the introduction of seatbelts. When widely deployed, secure vehicle communications could prevent 80% of unimpaired driver accidents. Additionally, a recent DOT safety pilot program concluded that V2V standards and technologies are mature enough to work in full-scale production. Security Innovation's AeroLink&trade secure communications product was a key element in this success.

As an active and influential practitioner in this field, Security Innovation's understanding of the technical specifications and interoperability required to provide highly secure platforms for V2V will help improve automobile safety worldwide. The company does this through independent research and as a contributing member to organizations such as ITS America, OmniAir, ETSI (European Telecommunications Standards Institute), CAMP (Collision Avoidance Metrics Partnership), and the European Car2Car Consortium.

About Aerolink&trade

Aerolink&trade is the industry-leading implementation of high-speed communications security for connected vehicles based on the IEEE 1609.2 standard. It is the result of years of research and development in anticipation of the day when vehicles travelling at highway speed can communicate effectively while their occupant's remain confident of information security and privacy.

About Security Innovation

Security Innovation specializes in Software Security and Data Privacy for the world's most demanding environments. For over a decade, the company has helped organizations build and deploy more secure software systems and harden their data protection efforts. Security Innovation is privately held and is headquartered in Wilmington, MA USA. Visit the company at www.securityinnovation.com or on Twitter @SecInnovation.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6306
Published: 2014-08-22
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors.

CVE-2014-0232
Published: 2014-08-22
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1)...

CVE-2014-3525
Published: 2014-08-22
Unspecified vulnerability in Apache Traffic Server 4.2.1.1 and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.

CVE-2014-3563
Published: 2014-08-22
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

CVE-2014-3587
Published: 2014-08-22
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists bec...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.