10.1.5.5: Provide Center Misbehavior Detection
This process shall support the security of connected vehicle applications running in a center or back-office environment. This process shall periodically receive a list of known misbehaving devices, applications, or system users; typically in the form of certificate revocation list (CRL). This process shall receive reports of suspicious behavior from other processes internal to the same center in which this process is running. This process shall compare the credentials used on the suspicious incoming message with list of known bad credentials. If the suspicious sender is on the list this process shall inform the other center process that it should ignore or treat as suspect any incoming data from that sender. If the suspicious sender is not on the list the information may be presented to a center operator in order to determine the course of action (ignore or flag the data or continue to process it). This process shall then send the information concerning the new misbehaving application, device, or user onto the security and credential management system for further processing.
This process is associated with the Center physical object.
This process is associated with the following application objects:
This process is associated with the following data flows:
- center_misbehavior_action - Out
- center_misbehavior_report_charactertistics - Out
- center_misbehavior_reporter_identity - Out
- center_misbehavior_suspect - In
- center_misbehavior_suspicious_message - Out
- center_misbehavior_suspicious_sender_identity - Out
- center_security_certificate_revocation_list - In
- center_security_policy_revocation_data - In