Secure-By-Design Architectures for Cooperative Intelligent Transport Systems: A Standards-Aligned Approach
摘要
Cooperative Intelligent Transport Systems (C-ITS) bring together vehicles, roadside infrastructure, and service platforms into a continuously interacting environment. The diversity and scale of these systems create persistent challenges for both security and interoperability. This paper introduces a standards-based methodology for designing C-ITS with security built in from the outset. The approach combines a structured decomposition of system assets and message flows with a goal-oriented security workflow, allowing concrete safeguards, such as authenticated communication, protected data exchange, resilient message delivery, and traceable logging, to be derived at an early stage, without depending on past incident data. The result is a solution architecture that is both traceable and interoperable, reducing the need for scarce security expertise and accommodating different communication technologies. The method is illustrated with a vehicle-to-infrastructure (V2I) case study, where roadside units broadcast roadworks warnings and movement data to vehicles. Our contribution is twofold: (i) a standards-aligned method for secure-by-design C-ITS architecture, and (ii) its application to a realistic deployment scenario, offering a practical path toward more resilient and adaptable transport systems.