‹#›
September
25, 2012
Summary
1.The OBE requirements are technically
feasible, but automotive hardware for the security components is not yet available. Suppliers
estimate that the cost for the security portion is less than 20% of the total
cost for the OBE.
2.With secure hardware, the team believes that
connectivity is not required for the first three years.
After that, more frequent connectivity is likely to be required but is increasingly difficult to
estimate, since it depends upon the number of attackers and the magnitude of the
attacks.
3.Mitigations for SCMS technical risks are
well-understood from similar implementations.
SCMS costs, funding and organization are being examined in a follow-on study.
4.Privacy and tracking attacks can most likely
be addressed by using short-duration certificates.
Having the appropriate policies and procedures in place will help prevent the perception that
the system will be used for “big brother” tracking.
Concerns about the use of this system for traffic enforcement need further technical and
policy study.
Next Step:
Analyze alternative
connectivity options
Next Step: Analyze SCMS architectures and potential OEM roles