10.1.5.7: Provide Vehicle Misbehavior Detection
This process shall support the security of connected vehicle applications running in or on vehicle based onboard equipment (OBE). This process shall periodically receive a list of known misbehaving devices, applications, or system users; typically in the form of certificate revocation list (CRL). This process shall receive reports of suspicious behavior from other processes internal to the same device in which this process is running. This process shall compare the credentials used on the suspicious incoming message with the list of known bad credentials. If the suspicious sender is on the list this process shall inform the other process that it should ignore or treat as suspect any incoming data from that sender. If the suspicious sender is not on the list the information this process shall then send the information concerning the new misbehaving application, device, or user onto the security and credential management system for further processing. (there may need to be a decision on what to do locally even if the suspected id isn't on the CRL - you may still want to ignore it).
This process is associated with the Vehicle OBE physical object.
This process is associated with the following application objects:
This process is associated with the following data flows:
- vehicle_misbehavior_action - Out
- vehicle_misbehavior_report_characteristics - Out
- vehicle_misbehavior_reporter_identity - Out
- vehicle_misbehavior_suspect - In
- vehicle_misbehavior_suspicious_message - Out
- vehicle_misbehavior_suspicious_sender_identity - Out
- vehicle_security_certificate_revocation_list - In
- vehicle_security_policy_revocation_data - In