< < VS01 : VS02 : VS03 > >

VS02: V2V Basic Safety

This service package exchanges basic safety messages with surrounding Connected Vehicles to support and augment the safety warning and control automation features identified in VS01. These exchanges support Connected Vehicle safety applications defined in SAE J2945/1: Emergency Electronic Brake Lights, Forward Crash Warning, Blind Spot Warning/Lane Change Warning, Intersection Movement Assist, Left Turn Assist, and Control Loss Warning. It also supports Do Not Pass Warning, Motorcycle Approaching indication, Tailgating Advisory, Stationary Vehicle, and Pre-Crash Actions applications from CVRIA.

Enterprise

Development Stage Roles and Relationships

Installation Stage Roles and Relationships

Operations Stage Roles and Relationships
(hide)

Source Destination Role/Relationship
Basic Vehicle Maintainer Basic Vehicle Maintains
Basic Vehicle Manager Basic Vehicle Manages
Basic Vehicle Manager Basic Vehicle Operator System Usage Agreement
Basic Vehicle Manager Driver System Usage Agreement
Basic Vehicle Operator Basic Vehicle Operates
Basic Vehicle Owner Basic Vehicle Owns
Basic Vehicle Owner Vehicle OBE Owner Expectation of Data Provision
Basic Vehicle Supplier Basic Vehicle Owner Warranty
Driver Basic Vehicle Operates
Driver Vehicle OBE Operates
Driver Vehicle OBE Owner System Usage Agreement
Other Vehicle OBEs Maintainer Other Vehicle OBEs Maintains
Other Vehicle OBEs Manager Other Vehicle OBEs Manages
Other Vehicle OBEs Manager Other Vehicle OBEs Operator System Usage Agreement
Other Vehicle OBEs Operator Other Vehicle OBEs Operates
Other Vehicle OBEs Owner Other Vehicle OBEs Owns
Other Vehicle OBEs Owner Vehicle OBE Owner Expectation of Data Provision
Other Vehicle OBEs Supplier Other Vehicle OBEs Owner Warranty
Vehicle OBE Maintainer Vehicle OBE Maintains
Vehicle OBE Manager Driver System Usage Agreement
Vehicle OBE Manager Vehicle OBE Manages
Vehicle OBE Manager Vehicle OBE Operator System Usage Agreement
Vehicle OBE Operator Vehicle OBE Operates
Vehicle OBE Owner Basic Vehicle Owner Expectation of Data Provision
Vehicle OBE Owner Other Vehicle OBEs Owner Expectation of Data Provision
Vehicle OBE Owner Vehicle OBE Owns
Vehicle OBE Supplier Vehicle OBE Owner Warranty

Maintenance Stage Roles and Relationships

Physical

The physical diagram can be viewed in SVG or PNG format and the current format is SVG.
SVG Diagram
PNG Diagram


Display Legend in SVG or PNG

Includes Physical Objects:

Physical Object Class Description
Basic Vehicle Vehicle 'Basic Vehicle' represents a complete operating vehicle. It includes the vehicle platform that interfaces with and hosts ITS electronics and all of the driver convenience and entertainment systems, and other non-ITS electronics on-board the vehicle. Interfaces represent both internal on-board interfaces between ITS equipment and other vehicle systems and other passive and active external interfaces or views of the vehicle that support vehicle/traffic monitoring and management. External interfaces may also represent equipment that is carried into the vehicle (e.g., a smartphone that is brought into the vehicle). Internal interfaces are often implemented through a vehicle databus, which is also included in this object. Note that 'Vehicle' represents the general functions and interfaces that are associated with personal automobiles as well as commercial vehicles, emergency vehicles, transit vehicles, and other specialized vehicles.
Driver Vehicle The 'Driver' represents the person that operates a vehicle on the roadway. Included are operators of private, transit, commercial, and emergency vehicles where the interactions are not particular to the type of vehicle (e.g., interactions supporting vehicle safety applications). The Driver originates driver requests and receives driver information that reflects the interactions which might be useful to all drivers, regardless of vehicle classification. Information and interactions which are unique to drivers of a specific vehicle type (e.g., fleet interactions with transit, commercial, or emergency vehicle drivers) are covered by separate objects.
Other Vehicle OBEs Vehicle 'Other Vehicle OBEs' represents other connected vehicles that are communicating with the host vehicle. This includes all connected motorized vehicles including passenger cars, trucks, and motorcycles and specialty vehicles (e.g., maintenance vehicles, transit vehicles) that also include the basic 'Vehicle OBE' functionality that supports V2V communications. This object provides a source and destination for information transfers between connected vehicles. The host vehicle on-board equipment, represented by the Vehicle OBE physical object, sends information to, and receives information from the Other Vehicle OBEs to model all connected vehicle V2V communications in ARC-IT.
Vehicle OBE Vehicle The Vehicle On-Board Equipment (OBE) provides the vehicle-based sensory, processing, storage, and communications functions that support efficient, safe, and convenient travel. The Vehicle OBE includes general capabilities that apply to passenger cars, trucks, and motorcycles. Many of these capabilities (e.g., see the Vehicle Safety service packages) apply to all vehicle types including personal vehicles, commercial vehicles, emergency vehicles, transit vehicles, and maintenance vehicles. From this perspective, the Vehicle OBE includes the common interfaces and functions that apply to all motorized vehicles. The radio(s) supporting V2V and V2I communications are a key component of the Vehicle OBE. Both one-way and two-way communications options support a spectrum of information services from basic broadcast to advanced personalized information services. Route guidance capabilities assist in formulation of an optimal route and step by step guidance along the travel route. Advanced sensors, processors, enhanced driver interfaces, and actuators complement the driver information services so that, in addition to making informed mode and route selections, the driver travels these routes in a safer and more consistent manner. This physical object supports all six levels of driving automation as defined in SAE J3016. Initial collision avoidance functions provide 'vigilant co-pilot' driver warning capabilities. More advanced functions assume limited control of the vehicle to maintain lane position and safe headways. In the most advanced implementations, this Physical Object supports full automation of all aspects of the driving task, aided by communications with other vehicles in the vicinity and in coordination with supporting infrastructure subsystems.

Includes Functional Objects:

Functional Object Description Physical Object
Vehicle Basic Safety Communication 'Vehicle Basic Safety Communication' exchanges current vehicle location and motion information with other vehicles in the vicinity, uses that information to calculate vehicle paths, and warns the driver when the potential for an impending collision is detected. If available, map data is used to filter and interpret the relative location and motion of vehicles in the vicinity. Information from on-board sensors (e.g., radars and image processing) are also used, if available, in combination with the V2V communications to detect non-equipped vehicles and corroborate connected vehicle data. Vehicle location and motion broadcasts are also received by the infrastructure and used by the infrastructure to support a wide range of roadside safety and mobility applications. This object represents a broad range of implementations ranging from basic Vehicle Awareness Devices that only broadcast vehicle location and motion and provide no driver warnings to advanced integrated safety systems that may, in addition to warning the driver, provide collision warning information to support automated control functions that can support control intervention. Vehicle OBE
Vehicle Control Automation 'Vehicle Control Automation' provides lateral and/or longitudinal control of a vehicle to allow 'hands off' and/or 'feet off' driving, automating the steering, accelerator, and brake control functions. It builds on the sensors included in 'Vehicle Safety Monitoring' and 'Vehicle Control Warning' and uses the information about the area surrounding the vehicle to safely control the vehicle. It covers the range of incremental control capabilities from driver assistance systems that take over steering or acceleration/deceleration in limited scenarios with direct monitoring by the driver to full automation where all aspects of driving are automated under all roadway and environmental conditions. Vehicle OBE
Vehicle Control Warning 'Vehicle Control Warning' monitors areas around the vehicle and provides warnings to a driver so the driver can take action to recover and maintain safe control of the vehicle. It includes lateral warning systems that warn of lane departures and obstacles or vehicles to the sides of the vehicle and longitudinal warning systems that monitor areas in the vehicle path and provide warnings when headways are insufficient or obstacles are detected in front of or behind the vehicle. It includes on-board sensors, including radars and imaging systems, and the driver information system that provides the visual, audible, and/or haptic warnings to the driver. Vehicle OBE

Includes Information Flows:

Information Flow Description
driver input Driver input to the vehicle on-board equipment including configuration data, settings and preferences, interactive requests, and control commands.
driver input information Driver input received from the driver-vehicle interface equipment via the vehicle bus. It includes configuration data, settings and preferences, interactive requests, and control commands for the connected vehicle on-board equipment.
driver update information Information provided to the driver-vehicle interface to inform the driver about current conditions, potential hazards, and the current status of vehicle on-board equipment. The flow includes the information to be presented to the driver and associated metadata that supports processing, prioritization, and presentation by the DVI as visual displays, audible information and warnings, and/or haptic feedback.
driver updates Information provided to the driver including visual displays, audible information and warnings, and haptic feedback. The updates inform the driver about current conditions, potential hazards, and the current status of vehicle on-board equipment.
host vehicle status Information provided to the ITS on-board equipment from other systems on the vehicle platform. This includes the current status of the powertrain, steering, and braking systems, and status of other safety and convenience systems. In implementations where GPS is not integrated into the Vehicle On-Board Equipment, the host vehicle is also the source for data describing the vehicle's location in three dimensions (latitude, longitude, elevation) and accurate time that can be used for time synchronization across the ITS environment.
vehicle control Control commands issued to vehicle actuators that control steering, throttle, and braking and other related commands that support safe transition between manual and automated vehicle control. This flow can also deploy restraints and other safety systems when a collision is unavoidable.
vehicle control event Notification that the vehicle has performed an emergency action that could impact the safety of surrounding vehicles. This includes hard braking and activation of traction/stability control systems or other actions that warrant immediate notification of surrounding vehicles. The information flow conveys the vehicle's position, heading, speed, acceleration, transmission, steering wheel angle, braking status, size information, and trajectory.
vehicle location and motion Data describing the vehicle's position, heading, speed, acceleration, transmission, steering wheel angle, braking status, size information, and trajectory.

Goals and Objectives

Associated Planning Factors and Goals

Planning Factor Goal
B. Increase the safety of the transportation system for motorized and nonmotorized users; Achieve a significant reduction in traffic fatalities and serious injuries on all public roads

Associated Objective Categories

Objective Category
Safety: Vehicle Crashes and Fatalities

Associated Objectives and Performance Measures

Objective Performance Measure
Reduce crashes due to driver errors and limitations Number of crashes and fatalities related to driver inattention and distraction
Reduce crashes due to driver errors and limitations Number of crashes and fatalities related to driving while intoxicated
Reduce crashes due to unexpected congestion Number of crashes and fatalities related to unexpected congestion
Reduce crashes due to unsafe drivers, vehicles and cargo on the transportation system Number of crashes and fatalities due to commercial vehicle safety violations
Reduce lane departure crashes Number of crashes and fatalities related to inappropriate lane departure, crossing or merging
Reduce secondary crashes Number of secondary crashes
Reduce the number of speeding-related fatalities by X percent by year Y. Number of speeding-related fatalities
Reduce the rate fatalities in the region by X percent by year Y. Rate of fatalities (rate per vehicle miles travelled (VMT))
Reduce the rate of severe injuries in the region by X percent by year Y. Rate of serious injuries (rate per VMT)
Reduce the total number of crashes in the region by X percent by year Y. Total crashes per X VMT.
Reduce the total number of fatalities and severe injuries in the region by X percent by year Y. Total fatalities per X VMT.
Reduce the total number of fatalities and severe injuries in the region by X percent by year Y. Total severe injuries per X VMT.
Reduce the total number of fatalities in the region by X percent by year Y. Number of fatalities
Reduce the total number of severe injuries in the region by X percent by year Y. Number of serious injuries


 
Since the mapping between objectives and service packages is not always straight-forward and often situation-dependent, these mappings should only be used as a starting point. Users should do their own analysis to identify the best service packages for their region.

Needs and Requirements

Need Functional Object Requirement
01 The Connected Vehicle needs to be able to send data to and receive data from other connected vehicles in order to provide safety warnings to the driver or control actions to the vehicle. Vehicle Basic Safety Communication 01 The vehicle shall provide its location with lane-level accuracy to on-board applications.
02 The vehicle shall provide its location with road-level accuracy to on-board applications.
04 The vehicle shall calculate vehicle paths in order to determine if an impending collision is detected.
05 The vehicle shall exchange location and motion information with roadside equipment and nearby vehicles.
08 The vehicle shall determine when its host Vehicle is braking in an emergency fashion and broadcast an Emergency Electronic Brake Light (EEBL) notification.
11 The vehicle shall analyze its own applications' performance and enter fail-safe mode (a mode such that the application cannot provide information or perform actions that affect its host) when critical components fail.
12 The vehicle shall notify the driver when onboard components or safety applications are offline.
Vehicle Control Automation 03 The vehicle shall evaluate the likelihood of a collision between two vehicles or a vehicle and a stationary object, based on the proximity of other objects to the vehicle and the current speed and direction of the vehicle.
04 The Vehicle shall provide its location with lane-level accuracy to on-board applications.
05 The Vehicle shall provide its location with lane-level accuracy to on-board applications.
Vehicle Control Warning 10 The vehicle shall determine the trajectory of the host vehicle.
02 The Driver needs to be receive warnings from the vehicle in order to avoid a safety compromising situations with nearby remote vehicles. Vehicle Basic Safety Communication 07 The vehicle shall warn the driver of an Emergency Electronic Brake Light (EEBL) Event.
Vehicle Control Automation 07 The vehicle shall provide position warnings to the driver when an object gets close enough to the vehicle to become a hazard if no action is taken by the driver.
10 The vehicle shall present information to the driver in audible or visual forms without impairing the driver's ability to control the vehicle in a safe manner.
Vehicle Control Warning 03 The vehicle shall provide position warnings to the driver when an object gets close enough to the vehicle to become a hazard if no action is taken by the driver.
04 The vehicle shall present information to the driver in audible or visual forms without impairing the driver's ability to control the vehicle in a safe manner.
11 The vehicle shall determine if a crash between the host vehicle and a remote vehicle is imminent.
12 The vehicle shall determine if approaching vehicles are of type motorcycle.
13 The vehicle shall provide warnings to the driver that a motorcycle is approaching the driver's vehicle.
14 The vehicle shall acquire the current location and motion of remote vehicles to determine any slow moving vehicles which the host vehicle is approaching.
03 The Driver needs the connected vehicle to be able to perform vehicle control actions toavoid safety compromising situations with nearby remote vehicles. Vehicle Control Automation 08 The vehicle shall provide an interface through which a vehicle driver can initiate, monitor and terminate automatic control of the vehicle.
09 The vehicle shall send appropriate control actions to the vehicle's steering actuators.
12 The vehicle shall perform pre-crash actions, including seatbelt tightening, brake assist, airbag pre-arming, bumper raising/extension.

Related Sources

Document Name Version Publication Date
Vehicle Safety Communications Applications (VSC-A) Final Report Final 9/1/2011


Security

In order to participate in this service package, each physical object should meet or exceed the following security levels.

Physical Object Security
Physical Object Confidentiality Integrity Availability Security Class
Basic Vehicle
Other Vehicle OBEs Low High Moderate Class 3
Vehicle OBE Low High Moderate Class 3



In order to participate in this service package, each information flow triple should meet or exceed the following security levels.

Information Flow Security
Source Destination Information Flow Confidentiality Integrity Availability
Basis Basis Basis
Basic Vehicle Vehicle OBE driver input information Moderate High High
Internal vehicle flow that if reverse engineered could enable third party vehicle control. Largely a competitive question, could be set LOW if manufacturer and operator are not concerned with this type of compromise. Includes vehicle control commands, which must be timely and accurate to support safe vehicle operation. Includes vehicle control commands, which must be timely and accurate to support safe vehicle operation.
Basic Vehicle Vehicle OBE host vehicle status Low Moderate High
Unlikely that this includes any information that could be used against the originator. This can be MODERATE or HIGH, depending on the application: This is used later on to determine whether a vehicle is likely going to violate a red light or infringe a work zone. This needs to be correct in order for the application to work correctly. Since this monitors the health and safety of the vehicle and that information is eventually reported to the driver, it should be available at all times as it directly affects vehicle and operator safety.
Driver Vehicle OBE driver input Moderate High High
Data included in this flow may include origin and destination information, which should be protected from other's viewing as it may compromise the driver's privacy. Commands from from the driver to the vehicle must be correct or the vehicle may behave in an unpredictable and possibly unsafe manner Commands must always be able to be given or the driver has no control.
Other Vehicle OBEs Vehicle OBE vehicle control event Low Moderate Moderate
This data is intentionally transmitted to everyone via a broadcast. It can also be determined via other visual indicators. This message is an indication of a potential hazard and should not be easy to forge. False messages here may lead to confusion that causes a traffic accident. From NYC: Integrity would need to be high if there were no mitigations against bad data in incoming BSMs. In fact, there are two mitigations: plausibility checking, and misbehavior reporting plus revocation. Taking these into account we believe, with [18], that the security requirements are met by requiring an integrity level of MODERATE on these information flows. RES: Sided with NYC due to mitigation documentation. This message is an indication of a potential hazard. If it isn't received it increases the risk to other road users. If a vehicle is infringing on an intersection, it must report this. From NYC: Even moderate availability of BSMs will enable a large majority of collisions between equipped vehicles to be avoided.
Other Vehicle OBEs Vehicle OBE vehicle location and motion Not Applicable High Moderate
This data is intentionally transmitted to everyone via a broadcast. Much of its information content can also be determined via other visual indicators BSM info needs to be accurate and should not be tampered with BSM must be broadcast regularly to make data available for other vehicle OBEs, but availability cannot be guaranteed over a wireless medium
Vehicle OBE Basic Vehicle driver update information Low Moderate Moderate
This information is all presented to the vehicle operator. Encrypting this information may make it harder to reverse engineer vehicle systems, and may defeat criminal tracking tools when the vehicle has already been compromised. Unless those scenarios are of concern to the operator or manufacturer, this can safely be set LOW. Any information presented to the operator of a vehicle should be both accurate and timely. By definition this includes safety information, but given that the driver has other means of learning about most threats, it seems difficult to justify HIGH. If HIGH is warranted, it should apply to both availability and integrity. Any information presented to the operator of a vehicle should be both accurate and timely. By definition this includes safety information, but given that the driver has other means of learning about most threats, it seems difficult to justify HIGH. If HIGH is warranted, it should apply to both availability and integrity.
Vehicle OBE Basic Vehicle vehicle control Moderate High High
Internal vehicle flow that if reverse engineered could enable third party vehicle control. Largely a competitive question, could be set LOW if manufacturer and operator are not concerned with this type of compromise. Includes vehicle control commands, which must be timely and accurate to support safe vehicle operation. Includes vehicle control commands, which must be timely and accurate to support safe vehicle operation.
Vehicle OBE Driver driver updates Not Applicable Moderate Moderate
This data is informing the driver about the safety of a nearby area. It should not contain anything sensitive, and does not matter if another person can observe it. This is the information that is presented to the driver. If they receive incorrect information, they may act in an unsafe manner. However, there are other indicators that would alert them to any hazards, such as an oncoming vehicle or crossing safety lights. If this information is not made available to the driver, then the system has not operated correctly.
Vehicle OBE Other Vehicle OBEs vehicle control event Low Moderate Moderate
This data is intentionally transmitted to everyone via a broadcast. It can also be determined via other visual indicators. BSM info needs to be accurate and should not be tampered with, suggesting HIGH. From NYC: Integrity would need to be high if there were no mitigations against bad data in incoming BSMs. In fact, there are two mitigations: plausibility checking, and misbehavior reporting plus revocation. Taking these into account we believe, with [18], that the security requirements are met by requiring an integrity level of MODERATE on these information flows. RES: Sided with NYC due to mitigation documentation. BSM must be broadcast regularly to make data available for other vehicle OBEs, but cannot guarantee wireless communication
Vehicle OBE Other Vehicle OBEs vehicle location and motion Not Applicable High Moderate
This data is intentionally transmitted to everyone via a broadcast. Much of its information content can also be determined via other visual indicators BSM info needs to be accurate and should not be tampered with BSM must be broadcast regularly to make data available for other vehicle OBEs, but availability cannot be guaranteed over a wireless medium