Search

KR-20260066862-A - Method for physical security of standalone Vehicle to Everything base station

KR20260066862AKR 20260066862 AKR20260066862 AKR 20260066862AKR-20260066862-A

Abstract

A physical security system for a standalone V2X base station comprises: a first storage unit provided inside a V2X communication terminal device for a standalone V2X base station, in which general files necessary for the operation of the standalone V2X base station are stored; a second storage unit physically or software-separated from the first storage unit, in which security files necessary for the operation of the standalone V2X base station are stored; and a processor provided inside the V2X communication terminal device, in which tasks necessary for the operation of the standalone V2X base station are performed using the first storage unit and the second storage unit; wherein the first storage unit and the second storage unit are implemented as non-volatile memory.

Inventors

  • 진성근
  • 정한균

Assignees

  • 한국전자기술연구원

Dates

Publication Date
20260512
Application Date
20241105

Claims (12)

  1. A first storage unit provided inside a V2X communication terminal device for a standalone V2X base station, in which general files necessary for the operation of the standalone V2X base station are stored; A second storage unit physically or software-separated from the first storage unit, in which security files necessary for the operation of an independent V2X base station are stored; and A processor provided inside the above-mentioned V2X communication terminal device, which performs tasks necessary for the operation of an independent V2X base station by utilizing a first storage unit and a second storage unit; The first storage unit and the second storage unit are, Physical security system of a standalone V2X base station characterized by being implemented with non-volatile memory.
  2. In claim 1, The processor, A physical security system for an independent V2X base station characterized by encrypting the security file and storing it in the second storage unit when storing the security file in the second storage unit.
  3. In claim 2, The processor, A physical security system for a standalone V2X base station characterized by storing the encryption key used for encrypting the above security file in a volatile memory separately provided inside the V2X communication terminal device.
  4. In claim 3, The above-mentioned separately provided volatile memory is, A physical security system for a standalone V2X base station characterized by storing the encryption key used for encrypting the security file only while power is supplied.
  5. In claim 4, A physical security system for an independent V2X base station, characterized by further including a power supply unit provided inside the V2X communication terminal device and supplying power to the volatile memory.
  6. In claim 5, The power supply unit, A physical security system for an independent V2X base station, characterized by being equipped with a supercapacitor or battery to supply power to the volatile memory for a certain period of time even if no separate charging is performed after the initial charging.
  7. In claim 5, A physical security system for an independent V2X base station, further comprising a sensor unit installed in the V2X communication terminal device and detecting physical intrusion into the V2X communication terminal device.
  8. In claim 7, The sensor part is, A light sensor that detects light entering the interior of the V2X communication terminal device when the case of the V2X communication terminal device is damaged; and A physical security system for an independent V2X base station characterized by including a case open detection sensor that detects when the above case is forcibly opened.
  9. In claim 7, A physical security system for an independent V2X base station, characterized by further including a switch unit that controls the power supply unit to stop supplying power to the volatile memory so that the encryption key is deleted when a physical intrusion into the V2X communication terminal device is detected through the sensor unit.
  10. A step of separating a first storage unit and a second storage unit software-wise through a system provided inside a V2X communication terminal device for an independent V2X base station; The system stores general files required for the operation of a standalone V2X base station in a first storage unit, and encrypts and stores security files required for the operation of a standalone V2X base station in a second storage unit; and A physical security method for a standalone V2X base station comprising the step of the system storing the encryption key used for encrypting the security file in a volatile memory separately provided inside the V2X communication terminal device.
  11. A first storage unit provided inside a V2X communication terminal device for a standalone V2X base station, in which general files necessary for the operation of the standalone V2X base station are stored; A second storage unit physically or software-separated from the first storage unit, in which security files necessary for the operation of an independent V2X base station are stored; and A processor provided inside the above-mentioned V2X communication terminal device, which performs tasks necessary for the operation of an independent V2X base station by utilizing a first storage unit and a second storage unit; The processor, A physical security system for an independent V2X base station characterized by encrypting the security file and storing it in the second storage unit when storing the security file in the second storage unit.
  12. A system provided inside a V2X communication terminal device for a standalone V2X base station stores general files required for the operation of the standalone V2X base station in a first storage unit, and encrypts security files required for the operation of the standalone V2X base station and stores them in a second storage unit that is software-separated from the first storage unit; and The system includes the step of storing the encryption key used for encrypting the security file in a volatile memory separately provided inside the V2X communication terminal device; The system, A physical security method for an independent V2X base station, characterized by supplying power to the volatile memory, but stopping the supply of power to the volatile memory when a physical intrusion into the V2X communication terminal device is detected, thereby causing the encryption key to be deleted.

Description

Physical security method for standalone V2X base station The present invention relates to a physical security method for a communication terminal device, and more specifically, to a physical security method for a V2X communication terminal device for a standalone V2X (Vehicle to Everything) base station. C-ITS (Cooperative-Intelligent Transport Systems) is a cooperative intelligent transport system that integrates electronic control technology and advanced transportation technology into transportation means and facilities to provide traffic information and customized services. In such C-ITS systems, base stations have centralized roles, resulting in high unit costs and low utility; therefore, the installation of unmanaged, standalone V2X base stations is being considered. These unmanaged standalone V2X base stations can lead to security issues, such as hijacking and exploitation of standalone base stations not connected to infrastructure, so it is necessary to explore measures to prevent this. FIG. 1 is a drawing provided for the description of the configuration of a physical security system of an independent V2X base station according to an embodiment of the present invention. FIG. 2 is a drawing provided for the description of the first storage unit and the second storage unit illustrated in FIG. 1. FIG. 3 is a drawing provided for the description of additional configurations of a physical security system of a standalone V2X base station according to an embodiment of the present invention. FIG. 4 is a drawing provided for a more detailed configuration description of the sensor unit illustrated in FIG. 4, and FIG. 5 is a flowchart provided to describe a physical security method for an independent V2X base station according to one embodiment of the present invention. The present invention will be described in more detail below with reference to the drawings. To clearly explain the invention, parts unrelated to the description have been omitted from the drawings, and in the drawings, the width, length, thickness, etc., of the components may be exaggerated for convenience. FIG. 1 is a drawing provided for the description of the configuration of a physical security system of an independent V2X base station according to one embodiment of the present invention, and FIG. 2 is a drawing provided for the description of the first storage unit (100) and the second storage unit (200) shown in FIG. 1. The physical security system of a standalone V2X base station according to the present embodiment (hereinafter collectively referred to as the "system") is provided to prevent any user or predator from modifying and exploiting the installed standalone base station when converting an existing infrastructure-based base station to a non-infrastructure-type standalone base station. To this end, the system may be provided inside a V2X communication terminal device for a standalone V2X base station and may include a first storage unit (100), a second storage unit (200), and a processor (300). The first storage unit (100) and the second storage unit (200) may be physically separated from each other in hardware or configured as a single piece of hardware, but may be separated software-wise (e.g., partitioned) by the processor (300). In addition, the first storage unit (100) and the second storage unit (200) can be implemented as non-volatile memory. Specifically, the first storage unit (100) is provided inside a V2X communication terminal device for an independent V2X base station, and general files required for the operation of an independent V2X base station can be stored. Here, general files required for the operation of a standalone V2X base station may include boot code files, OS files, other general utility files, etc. The second storage unit (200) is physically or software-separated from the first storage unit (100) and can store security files necessary for the operation of an independent V2X base station. Security files required for the operation of a standalone V2X base station may include V2X certificate files, V2X-related library files, V2X-related utility files, etc. The processor (300) is an information processing means provided inside the V2X communication terminal device and performs tasks necessary for the operation of an independent V2X base station by utilizing the first storage unit (100) and the second storage unit (200). And the processor (300) can process software tasks to prevent any user or predator from physically intruding into the V2X communication terminal device of a standalone base station, stealing data from the V2X communication terminal device, or modifying and exploiting the V2X communication terminal device. Specifically, when the processor (300) stores a security file in the second storage unit (200), it can encrypt the security file and store it in the second storage unit (200). And at this time, the processor (300) can store the encryption key used for encrypting the security file in a volat