VANET Applications Use-Cases

VANET communications (V2V and V2I) can be used for dozens of potential applications
with highly diverse requirements. Below we identify the most representative VANET
applications and analyze their requirements through use-cases.

1. Assist driver with signage

1.1. Traffic Signal/Stop Sign/Rail Crossing Violation
Warning
Use Case Traffic Signal/Stop Sign Violation Warning
Goal Warn the driver that he/she is about to violate a traffic signal prescribing a
stop (red light, flashing red light, stop sign, rail road crossing etc.).
Preconditions 1 .Traffic light/Stop sign/RRC (an instance of infrastructure) is equipped
with DSRC devices capable to communicate their location, status, and
timing
2. Traffic light/Stop sign/RRC (an instance of infrastructure)
communication system is operational (up and running)
3. Vehicle communication system, computing devices and information
processing units are operational
4. Communication link between the traffic light/stop sign/RRC can be
established
Involved pieces of information source of components
components information
(any logical Traffic signal status Traffic light Controller circuitry with
components both and timing controller parameters such as
h/w and s/w 1. Type (e.g. 3-state, 4-state,
involved in dedicated permissive or
application protective)
implementation 2. Signal phases, their
sequence and duration of
cycles (phases φ1 − φ1 can
be used to determine the
directions controlled with
respect to the vehicle
heading)

3. splits, gaps, offsets and

their characteristics
 (normally 4 cycles, 4 splits
and 3 offsets define all
possible plans of operation)
4. Time-of-Day or Traffic
Responsive Settings
5. Preemption capability and
schedule (e.g. smooth,
dwell, add only, etc.)
Traffic signal or stop Traffic light GPS location of the
sign stopping location controller intersection controlled by a
traffic light controller
Distance from the car vehicle GPS + sensors + software
to the stopping capable of calculating
location and the estimated time to the sign given
vehicle’s direction its GPS coordinates and data
from the sensors (speed,
acceleration, heading)
Type of road surface vehicle Either vehicle sensors (how
bumpy the road is) or digital
map (if detailed enough to
include this information)
Weather conditions vehicle Either vehicle sensors (wipers
activity, traction control,
outside thermometer, etc.); if
not available/reliable, weather
information can be
updated/requested by an
application via DSRC
Type of brakes and vehicle Read-only data sitting on the
their characteristics bus; readily available and not
(sensitivity) requiring computation
Participants 1. Traffic light controller (circuitry controlling the intersection, i.e.
not individual light plates)
2. Vehicle
a. Has preemption authority (ambulance, fire truck, police
car)
b. Regular vehicle
Success End 3. Warning is issued to the driver
Condition 4. Warning is aborted (only in case of traffic light):
a. if calculations indicate the distance is safe provided that
the traffic light is about to change to green
b. if established that it was the “wrong” traffic light
(perpendicular to the heading of the vehicle, down below
the bridge, etc.)
Failed End Warning is not issued to the driver
Condition 1. Communication failure
a. communication dropped
b. message cannot be processed
c. message cannot be verified or there is a property violation
(cannot verify it was sent by a stop sign etc.)
 2. Sensor failure/ambiguous data
a. location (GPS), speed, acceleration, heading
3. Software failure
a. unable to complete computation
b. unable to complete computation within time constraints
4. Other
Trigger A beacon broadcasted from the traffic light/stop sign/RRC is received
within the communication range.
Operation 1. When within communications range, a car receives a beacon
description broadcasted from the infrastructure signage (traffic signal, stop
sign, or RRC).
2. Upon receipt, this information is processed for relevance (distance
and heading) and validity (authentication and property check).
3. Calculations are carried out to estimate braking distance given
information received from the infrastructure, collected from the
sensors and GPS.
4. If estimating location of a complete stop is ahead (based on
vehicle heading) of the stopping point broadcasted by the traffic
sign/stop sign and the timing of the traffic sign indicates it will be
orange/red when the vehicle will be crossing the stopping point, a
warning message is issued.
5. Otherwise the warning is aborted
Safety relation Not safety related Safety x Safety x
relevant critical
In-car system
Driver Involvement
Communication C2C C2I x I2C x
One-way x Two-way x
Unicast x Broadcast x
Timing Timing constraints 1 sec Periodically sent x

Security
Requirements
Authentication ID required Location required Property required
Integrity Required
Confidentiality Not required
Privacy ID required Location Not required Other??
Auditability Required
Threats
Motivation Joke, harm
Target Vehicle safety
Attacker’s skill Low - high
Technical effort Wireless access to car or road side unit, manipulate sensors, disable traffic
signs

The following communication patterns are anticipated for this application:

Case 1: Asynchronous
broadcast from a stationary traffic light controller
vehicle
(intersection)
node (traffic light controller) to
all mobile nodes (vehicles) in the
transmission range within the broadcast message
intersection controlled by a (location, phase, cycle, etc.)
traffic light controller. The
information broadcasted will
include minimal amount of fail
information sufficient for authenticate

determination of vehicle
stopping distance such as GPS discard
coordinates, current cycle, cycle pass
length, phasing, etc.)
determine irrelevant
relevance
Advisory decision is not solely
based on the traffic light current
cycle in the direction coinciding
relevant
with the vehicle heading (i.e.
“green light” might not be
verify fail
enough). Stopping distance and
integrity
time are calculated based on the
vehicle sensor values (weight,
acceleration, position) adjusted pass
for weather conditions (wind,
road surface). If the current cycle
determine if
is “go”, the stopping time will be no
need to
compared to the duration of the advise to
stop
current cycle to assert the cycle
will not change to “stop” without
yes
allowing enough time for the
vehicle to come to a complete
stop. If the current cycle is
issue
“stop”, the stopping distance will warning
be compared to the distance to
the intersection (or prescribed
location to stop)
Case 2: Synchronous unicast
priveleged traffic light controller
from/to a stationary node (traffic vehicle (intersection)
light controller) to a privileged
mobile node in case of
request
preemption is needed. In this preemption
case, the normal traffic light request right of the way message
cycle is suspended and replaced
by the preemption sequence fail
authenticate
supported by the traffic light
controller (smooth, dwell, add pass
only) followed by resumption of log for audit discard
the normal traffic light cycle. It
should be noted that the latest irrelevant determine
relevance
regulations prohibit ‘all red”
cycle for preemption. relevant
fail

Preemption procedures are fail trigger

internally handled by the preemption
controller circuit logic(e.g. how
much time is allocated per phase succeed
in preemption mode, split
distribution, delay and response issue ACK
time are defined out of the scope
of this application).
preemption success message

Priority of preemption (two or

more distinct emergency succeed
issue success/
trigger
authenticate proceed with
vehicles are approaching the causion message rebroadcast

intersection) might or might not

be handled by the traffic light message broadcast as defined in case 1
controller and may need to be
handled separately (proximity
based).

Irrespectively of whether or not

an emergency vehicle cleared the
intersection, the traffic light
controller will exit preemption
mode unconditionally after
preemption sequence is complete
(even thought preemption
requests are queued, upon
completion of the preemption
phase, the normal regime of
operation is always enforced
prior to handling the next
request).

Security requirements for the above communication patterns include:

1. authenticity of the received messages including assertion of certain attributes and
rights (make sure that a message indeed comes from a traffic light or an
authorized emergency response vehicle)
2. anonymity (make sure that identities of the communicating parties are not
disclosed).
3. integrity (make sure replay attacks are prevented)