Endpoint
2/6/2014
03:51 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Security Innovation Applauds U.S. DOT Decision To Move Forward With 'Talking Cars' Program

US DOT research indicates that safety applications using V2V technology can reduce the majority of crashes

Wilmington, Mass., February 5, 2014 – Dr. William Whyte, principal advisor of the US DOT-sponsored VII Proof of Concept project for secure vehicle communications, is proud to have played a part in developing the technology behind yesterday's announcement by the US DOT's National Highway Traffic Safety Administration (NHTSA) to enable vehicle-to-vehicle (V2V) communication technology for light vehicles. The technology will improve safety by allowing vehicles to "talk" to each other and avoid collisions by exchanging data such as speed and position hundreds of times per second.

Before this life-saving technology can be widely adopted, it has to be reliable and secure. As co-author of the IEEE 1609.2 standard for connected vehicle security, Dr. Whyte and his team have been working within the Intelligent Transportation Systems (ITS) community to ensure privacy and security are guaranteed and that communication between vehicles cannot be maliciously altered or used to track driver behavior or location. "We are thrilled that the US Government has taken this bold step to significantly reduce fatalities and serious injury through the adoption of robust technology," said Dr. Whyte. "With this announcement, Security Innovation will accelerate our collaboration with chip designers, wireless providers, on-board equipment manufacturers, infrastructure providers and car makers to ensure that security and privacy remain the number one priority."

US DOT research indicates that safety applications using V2V technology can reduce the majority of crashes, with survivability improvements expected to be even greater than from the introduction of seatbelts. When widely deployed, secure vehicle communications could prevent 80% of unimpaired driver accidents. Additionally, a recent DOT safety pilot program concluded that V2V standards and technologies are mature enough to work in full-scale production. Security Innovation's AeroLink&trade secure communications product was a key element in this success.

As an active and influential practitioner in this field, Security Innovation's understanding of the technical specifications and interoperability required to provide highly secure platforms for V2V will help improve automobile safety worldwide. The company does this through independent research and as a contributing member to organizations such as ITS America, OmniAir, ETSI (European Telecommunications Standards Institute), CAMP (Collision Avoidance Metrics Partnership), and the European Car2Car Consortium.

About Aerolink&trade

Aerolink&trade is the industry-leading implementation of high-speed communications security for connected vehicles based on the IEEE 1609.2 standard. It is the result of years of research and development in anticipation of the day when vehicles travelling at highway speed can communicate effectively while their occupant's remain confident of information security and privacy.

About Security Innovation

Security Innovation specializes in Software Security and Data Privacy for the world's most demanding environments. For over a decade, the company has helped organizations build and deploy more secure software systems and harden their data protection efforts. Security Innovation is privately held and is headquartered in Wilmington, MA USA. Visit the company at www.securityinnovation.com or on Twitter @SecInnovation.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5211
Published: 2015-01-27
Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response.

CVE-2014-8154
Published: 2015-01-27
The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overf...

CVE-2014-9197
Published: 2015-01-27
The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request.

CVE-2014-9198
Published: 2015-01-27
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.

CVE-2014-9646
Published: 2015-01-27
Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Google Chrome before 40.0.2214.91 allows local users to gain privileges via a Trojan horse program in the ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.