Vehicle Service Center --> Vehicle:
vehicle software install/upgrade
Definitions
vehicle software install/upgrade (Information Flow): This flow supports installation and update of software residing in vehicle on-board equipment. It supports download of the software installation files, including executable code and associated support files.
Vehicle Service Center (Source Physical Object): 'Vehicle Service Center' represents vehicle service centers that collect vehicle diagnostic information from vehicles and provide service options for drivers of these vehicles. The physical object also includes centers operated by vehicle manufacturers that can coordinate with connected vehicles to obtain vehicle operating data and provide software or data updates to connected vehicles that they have manufactured.
Vehicle (Destination Physical Object): This 'Vehicle' physical object is used to model core capabilities that are common to more than one type of Vehicle. It provides the vehicle-based general sensory, processing, storage, and communications functions that support efficient, safe, and convenient travel. Many of these capabilities (e.g., see the Vehicle Safety service packages) apply to all vehicle types including personal vehicles, commercial vehicles, emergency vehicles, transit vehicles, and maintenance vehicles. From this perspective, the Vehicle includes the common interfaces and functions that apply to all motorized vehicles. The radio(s) supporting V2V and V2I communications are a key component of the Vehicle. Both one-way and two-way communications options support a spectrum of information services from basic broadcast to advanced personalized information services. Advanced sensors, processors, enhanced driver interfaces, and actuators complement the driver information services so that, in addition to making informed mode and route selections, the driver travels these routes in a safer and more consistent manner. This physical object supports all six levels of driving automation as defined in SAE J3016. Initial collision avoidance functions provide 'vigilant co-pilot' driver warning capabilities. More advanced functions assume limited control of the vehicle to maintain lane position and safe headways. In the most advanced implementations, this Physical Object supports full automation of all aspects of the driving task, aided by communications with other vehicles in the vicinity and in coordination with supporting infrastructure subsystems.
Included In
This Triple is in the following Service Packages:
This triple is associated with the following Functional Objects:
This Triple is described by the following Functional View Data Flows:
This Triple has the following triple relationships:
None
Communication Solutions
- Uptane - Secure Wireless Internet (ITS) (1)
- X.1373 - Secure Wireless Internet (ITS) (10)
- (None-Data) - Secure Wireless Internet (EU) (32)
- (None-Data) - OASIS MQTT over Wireless (42)
- (None-Data) - OASIS AMQP over Wireless (45)
Selected Solution
Solution Description
Layer | Standards |
---|---|
ITS Application Entity | Development needed |
Mgmt | Apache Zookeeper |
Facilities | Apache Kafka, Apache Zookeeper |
Security | IETF RFC 8446 |
TransNet | |
Access | |
Note that some layers might have alternatives, in which case all of the gap icons associated with every alternative may be shown on the diagram, but the solution severity calculations (and resulting ordering of solutions) include only the issues associated with the default (i.e., best, least severe) alternative.
Characteristics
Characteristic | Value |
---|---|
Time Context | Static |
Spatial Context | National |
Acknowledgement | True |
Cardinality | Unicast |
Initiator | Source |
Authenticable | True |
Encrypt | False |
Interoperability | Description |
---|---|
National | This triple should be implemented consistently within the geopolitical region through which movement is essentially free (e.g., the United States, the European Union). |
Security
Information Flow Security | Confidentiality | Integrity | Availability |
---|---|---|---|
Rating | Low | High | Moderate |
Basis | Equipment software could be sensitive; however, this flow is local, meaning the Field Support Equipment is proximate to the TSE. Thus the risk of interception should be low. There may also be constraints on this flow that require this information to be transmitted in the clear. If it includes any authentication data, however, this should be MODERATE. | Software updates to the Vehicle OBE must be authenticated as having come from a source entitled to provide that software, or roadway equipment may be compromised. Similarly, such software must be guaranteed to be what the originator intended, not manipulated midstream or corrupted, or the OBE may be mis-configured or compromised. | Without the ability to locally diagnose, operate, update and configure the Vehicle OBE, the OBE is effectively out of control and would have to be taken out of service. Marked MODERATE and not HIGH, however, because a vehicle system is presumed to be able to operate without a connection to a back-office service. For specific instances where this flow is used as part of a local, in-person configuration or maintenance service, this would be HIGH. |
Security Characteristics | Value |
---|---|
Authenticable | True |
Encrypt | False |