Best Practices for Deploying Devices Integrated with Secure Credential Management Systems (SCMS)

The CV Pilot programs have been at the forefront of deploying devices integrated with an SCMS and have identified best practices for integrating devices with an operational SCMS. These best practices are based on the experiences of the CV Pilots programs; however, they are broadly applicable to any organization deploying CV devices. These are best practices are also applicable to both onboard unit and roadside unit deployments.

Background

The SCMS is a public key infrastructure (PKI) system that provides credentials and certificates to CV devices to enable trusted communications. CV devices, such as onboard units (OBU) in vehicles and roadside units (RSU) within the infrastructure will sign their messages with the certificates received from the SCMS. When other devices receive these messages, they can validate those signatures and ensure they are coming from a trusted source so that applications within the device can act on those messages. An OBU will validate messages from other OBUs to ensure they can provide safety of live warnings such as forward collision warnings. RSUs will validate signal request messages from vehicles such as buses to enable transit signal priority applications. The SCMS provides the backend systems for OBUs and RSUs to request and download certificates over the devices lifetimes, as these certificates are typically only valid for one week increments and need to be updated over time. Additional resources on SCMS can be found at: https://www.its.dot.gov/resources/scms.htm

The CV Pilot programs were some of the first deployments to utilize devices fully connected to the SCMS. The goals of this effort were to demonstrate that the key concepts of the SCMS were feasible and that there were SCMS providers capable of meeting the certificate needs of deployed CV devices. Although successful, the integration of the CV Pilots devices with the SCMS have generated several best practices for deployment agencies, CV device vendors and SCMS providers. The following are the most recent best practices from the CV Pilot deployments.

  • Best Practice 1: Conduct Development and Testing of CV Devices with the SCMS Preproduction Environment. The SCMS vendor provides a Preproduction environment for device development and testing and a Production environment, which should only be used for operationally deployed devices. The Preproduction environment is functionally identical to the Production environment and devices will utilize the same requests and interfaces when interacting with it. The Preproduction Environment provides additional error codes and logging that can help troubleshoot issues that devices may have in development and testing. The Production environment removes many of the error codes and logging to reduce security risks and maintain anonymity for users, making it more difficult to troubleshoot specific problems with a device’s requests to the SCMS.
  • Best Practice 2: Ensure Devices are Tested Against Service Specific Profiles (SSPs) and Are Not Using Default Scripts and Configurations. As shown in Issue 4 above, the use of default or example scripts or configurations may cause issues in operation deployments. Devices should ensure that they are using the scripts and configurations that are proper for their specific deployment environment. Additionally, each CV application has its’ own SSP, which defines the privileges of specific user certificates as well as different validity checks that a specific message may require. These can all be tied to pseudonym and/or application certificates and should be a part of the devices testing before they are deployed operationally.
  • Best Practice 3: Consider Observing SCMS Manager Meetings. Deployment agencies should consider becoming an Observer at SCMS Manager Meetings or reviewing the notes from those meetings on a regular basis. The SCMS Manager meets monthly and at these meetings, they plan for new SCMS policies, procedures, and features. This can be a valuable forum for deployment agencies to voice their needs and help ensure that the SCMS policies and procedures meet their operational processes and goals.