Journal of Physics: Conference Series
PAPER • OPEN ACCESS
Design of Network Security Protection System for Internet of Vehicles under Electric Internet of Things Background
To cite this article: Xueer Wang and Min Jin 2022 J. Phys.: Conf. Ser. 2224 012085
ISAIC-2021 IOP Publishing
Journal of Physics: Conference Series 2224 (2022) 012085 doi:10.1088/1742-6596/2224/1/012085
Design of Network Security Protection System for Internet of Vehicles under Electric Internet of Things Background
Xueer Wang, Min Jin
State Grid Chongqing Information & Telecommunication Company, 20 North Qingfeng St., Block D Fenghuang, Chongqing, China
Email: [email protected]
Abstract. At present, China's Internet of Vehicles (IoV) industry is booming and is constantly pushing society toward the intelligent era. However, the development of network technology not only brings opportunities for technical progress to the IoV, but also brings new network security risks. It is therefore urgent to further strengthen the construction of the protection system for the IoV. Based on the existing architecture of the IoV, this paper first analyses the security risks of the terminal layer, the network layer, the platform layer and the application layer under the background of the electric internet of things. According to the new security threats faced by these four layers of the IoV, a network security protection system is constructed that strictly follows the overall information security protection strategy of the State Grid Corporation of China and the new requirements of "network security level protection 2.0". Deepening the construction of the intelligent defence system of the IoV would be significant for the coordinated development of network security and the IoV, and would continuously improve the protection capability of the IoV.
1. Introduction
The Internet of Vehicles (IoV) is an industry-specific application of the electric internet of things (IoT) in intelligent transportation [1-3]. The role of the IoV is to realize all-around network interconnection between vehicles, the power grid and the cloud platform, which can raise the intelligence level and autonomous driving ability of vehicles and improve traffic efficiency and the driving experience [4-6]. At present, China has basically completed IoV test demonstration areas covering urban roads, rural roads and other scenarios. The United States, the European Union and Japan have each issued a series of documents to promote the development of their local IoV.
While the IoV inherits and builds on traditional Internet technology, the security problems of the traditional Internet still exist in the IoV [7]. In addition, with the construction of the IoT, more and more terminals and applications have been incorporated into the IoV, which has brought new threats to its security. The IoV has therefore become a key target of various hacker organizations and illegal groups. These attackers exploit security holes in the IoV to launch malicious attacks and steal information, which may bring serious economic losses to enterprises and individuals [8-10].
At present, the establishment of the security protection system of the IoV is still at an initial stage [11]. The United States, the European Union and Japan have developed corresponding IoV security frameworks. However, these security protection frameworks are all based on traditional Internet technology, without considering the new threats to the IoV caused by the construction of the IoT. China's Internet of Vehicles platform has formed basic safety protection norms during its early construction and application. However, there are still deficiencies in safety monitoring and network access management means, which have brought great challenges to the overall management, strict regulation and operation and maintenance of the IoV.
Content from this work may be used under the terms of the Creative Commons Attribution 3.0 licence. Any further distribution of this work must maintain attribution to the author(s) and the title of the work, journal citation and DOI. Published under licence by IOP Publishing Ltd
To guarantee the safe and reliable operation of the IoV and promote the construction of its security protection system, this paper first analyses the security threats faced by the IoV at the terminal layer, network layer, platform layer and application layer respectively, focusing on the new threats under the background of the IoT. Then, on the basis of the requirements of Level Protection of Information Systems 2.0, a security protection system is designed to deal with the threats at all layers of the IoV. This study has important guiding significance for improving the safety and reliability of the IoT and ensuring the future development of the IoV.
2. Architecture of IoV
The architecture of the IoV is composed of the terminal layer, network layer, platform layer and application layer [12, 13].
The terminal layer is responsible for collecting and acquiring intelligent information about vehicles and for perceiving the driving state and environment. The equipment of the terminal layer includes on-board devices and roadside facilities. On-board devices include car body sensors, electronic identification devices installed on vehicles, etc., which are responsible for communication with other on-board devices, user devices, roadside devices and application layer systems. Roadside facilities include intelligent charging stations, roadside units, card readers, traffic facilities, etc., which are responsible for charging vehicles, collecting and analysing traffic information, and providing traffic information, business information and entertainment information to on-board devices.
The network layer is responsible for the interconnection of vehicle-to-IoV-platform, vehicle-to-vehicle, vehicle-to-road and vehicle-to-application, over public telecommunication networks, the Internet, short-range wireless communication, industry private networks, etc., to realize the effective transmission of data.
The platform layer is responsible for asset management, operation and maintenance, and charging services for the infrastructure of the IoV, and also for the aggregation, calculation, monitoring and management of information from the various terminals, vehicles and users. The platform layer is the data centre and management centre of the IoV. It is connected with the systems of external units to realize the interconnection of charging pile, vehicle rental, third-party payment and other services between platforms.
The application layer mainly includes the applications of the extranet server, the mobile terminal and the IoT terminal. The extranet server application provides business personnel with asset management, operation and maintenance, sorting and settlement, and other services. The mobile terminal application provides charging, car renting, and charging pile operation and maintenance for social users and internal employees of the grid. The IoT terminal application provides users with car charging and charging card payment services.
3. Security Risk Analysis for IoV under Electric IoT Background
In this section, the security threat analysis is carried out according to the existing deficiencies in the security architecture of the IoV. The main security threats that remain at each layer of the IoV are as follows.
3.1. Security Threats in the Terminal Layer
In the electric IoV environment, the risks of intelligent resource terminals such as charging piles, station-level terminals, data collectors and on-board sensing devices still exist [14]. At the same time, a large number of terminals with limited computing and storage capacity are connected to the IoV through the IoT, which brings new security risks. The main threats to the IoV from the terminal layer are as follows:
(1) Risk of terminal data theft: Intelligent vehicles contain various types of sensor devices, storage modules, smart cards, etc., which store a variety of sensitive data about vehicles or their owners. Such data is easy for attackers to collect illegally, and there are risks such as user privacy leakage and unauthorized interaction.
(2) Risk of malicious exploitation of terminal vulnerabilities: With the deep integration of the electric IoV and the IoT, attackers can exploit vulnerabilities of IoV terminals as a springboard to attack the state grid, illegally obtain or tamper with electricity production data, and further break through the professional protection to launch a global attack, which can cause huge economic losses and social impact.
(3) Risk of terminal identity counterfeiting: A large number of terminals with limited computing and storage resources are connected to the IoV. The current identity authentication system is mainly aimed at intelligent terminals such as charging piles and station-level terminals, and cannot fully cover low-performance terminals. Meanwhile, it is difficult for safety monitoring measures to fully cover the terminals of the IoV. There is a risk of identity counterfeiting and of failing to discover hidden dangers in terminals in time.
(4) Risk of terminals being manipulated physically: Charging piles, station-level terminals, on-board terminals and other devices are usually deployed in unsupervised or uncontrollable environments, so attackers can easily gain physical access to the devices to destroy or replace hardware and software.
3.2. Security Threats in Network Layer
The main threats to the IoV from the network layer are as follows:
(1) Risk of illegal network access: On the one hand, attackers can affect the normal state of the vehicle or directly control it by tampering with or forging signals injected into the vehicle to deliver attack instructions, threatening the personal and property safety of users. On the other hand, the number of nodes is huge and they exist in cluster mode, so an attacker can use controlled nodes to send malicious packets to the network and launch a denial-of-service attack against charging piles, resulting in network congestion, paralysis and service interruption.
(2) Risk of channel transmission: Information is transmitted over wireless links (Wi-Fi, Bluetooth, 5G, dedicated short-range communication technology, bus networks, etc.). Because wireless links are vulnerable and unreliable, there are security threats such as illegal tampering with information, data loss, replay attacks and wireless eavesdropping.
(3) Network boundary security threat: The demand for horizontal interaction is prominent in IoT business, which makes network region boundaries more blurred. The security boundary is constantly expanding and is difficult to define, and the original isolation-based IoV protection system can hardly meet IoT demands.
3.3. Security Threats in Platform Layer
The main threats to the IoV from the platform layer are as follows:
(1) Platform access security risk: Attackers can fake a user identity, bypass the interface authentication and authority control at the boundary between the Internet, the public network and the platform, carry out illegal and unauthorized access to the IoV, and steal user information and privacy.
(2) Platform data storage security risk: All kinds of data of the IoV system are uniformly managed by the platform. Because of this data concentration, the platform is the prime target for hackers. Once the platform is invaded, data leakage, loss of control of system business and other security problems will occur. In addition, platform data damage caused by disasters will also cause serious social and economic impacts.
(3) Platform data interaction security risk: There are complex data interaction scenarios between the IoV platform and external systems. These data interactions may be intercepted and eavesdropped on by attackers, and the data may then be interfered with, destroyed or tampered with.
3.4. Security Threats in Application Layer
The main threats to the IoV from the application layer are as follows:
(1) Application vulnerability risk: Attackers can exploit vulnerabilities of the application itself, such as open application programming interfaces in the IoT, to acquire sensitive data in bulk, consume system resources, and carry out illegal control and unauthorized access.
(2) Application host system vulnerability risk: Attackers can also exploit vulnerabilities in the application host system, bypass the existing system security policies, and illegally obtain business information and permissions.
4. Design of Network Security Protection System for IoV under Electric IoT Background
According to the security threats at all layers of the IoV, the overall information security protection strategy of the State Grid Corporation of China, and GB/T 25070-2019 and GB/T 22239-2019 [15, 16], the security protection system of the IoV is designed from the perspectives of terminal security, network security, platform security and application security, as shown in figure 1.
[Figure 1: block diagram titled "Design of Network Security Protection System for IoV under Electric IoT Background", with four columns: Terminal Layer Security (General Security, Data Security, Trusted Access, Dynamic Monitoring), Network Layer Security (Channel Security, Border Security, Access Security), Platform Layer Security (Host Security, Data Security, Cloud Platform Security, Platform Connectivity Security) and Application Layer Security (Server Application, Mobile Application, IoT Terminal Application, Situational Awareness).]
Figure 1. Design of Network Security Protection System for IoV under Electric IoT Background.
4.1. Terminal Layer
(1) General security: Charging piles selected as terminal equipment should have passed the quality inspection of approved testing institutions, covering physical and environmental security, network and communication security, equipment and computing security, and application and data security. Specific security protection requirements and measures refer to the "Safety Protection Plan for Internet of Vehicles Platform of Electric Vehicles" drawn up by the State Grid Corporation of China.
(2) Data security: Charging pile data transmission and data storage security need to conform to the three levels of data protection requirements: cryptographic algorithms should be adopted to ensure the confidentiality and integrity of data in transmission and storage; reliability measures should be adopted to ensure the safe storage of keys; the security of the charging pile needs to be regularly scanned and reinforced; and, in addition, third-party security tools should be used to enhance the security of the charging pile system.
(3) Trusted access: Charging piles with a secure and trusted chip and operating system should be used to ensure the identity and data security of the terminal. For charging piles that cannot be equipped with hardware trusted chips, edge IoT agents should be deployed to achieve unified and secure access. A unified trusted software stack supporting interface should be provided for specific upper-layer applications, so that a consistent access control mechanism can be realized at the application kernel layer.
(4) Dynamic monitoring: According to the relevant requirements of the "Case Collection of Industrial Internet Typical Security Solutions" drawn up by the Ministry of Industry and Information Technology of China, the TCU key and SIM card of the charging pile should be uniformly managed, and the TCU port, processes and other objects should be dynamically monitored.
4.2. Network Layer
4.2.1. Channel Security. The network channel of the IoV is divided into an Internet channel and an IoT channel, adopting a dual-link redundant structure. The processing capacity of the main network equipment should meet demand in peak hours. Different subnets and network segments should be divided according to business and data importance.
(1) Internet channel: The HTTPS protocol should be used to provide initial authentication and encrypted communication channels. When important business systems interact through Internet channels, VPN channels need to be used to ensure the security of data transmission.
(2) IoT channel: The IoT channel should adopt the operator's wireless APN/VPN private network. At the same time, an information network security access gateway should be deployed to realize encryption of data transmitted over the IoT channel.
4.2.2. Boundary Security. The network boundary of the IoV should possess security protection capabilities such as network access control, network intrusion prevention and security audit.
(1) Network access control: Firewalls should be deployed and port-level access control should be enabled at the boundary between the Intranet and the Internet. When a charging pile connects to the Intranet, the secure access gateway needs to be used to realize data exchange between the IoV and the charging pile.
(2) Network intrusion prevention: Boundary security protection equipment such as WAF, IPS, anti-DDoS and attack traceability systems should be deployed on the boundary between the Intranet and the Internet according to actual demand. Network attacks should be monitored and recorded at this boundary, and intrusion incidents need to be alerted on or blocked.
(3) Security audit: Log audit should be deployed between the Intranet and the Internet to centrally save, audit and analyse the network traffic.
4.2.3. Access Security. An information network security access gateway, IDS, IPS and other devices should be deployed to realize data encryption, terminal authentication, log audit, traffic analysis and other functions in the secure access region.
Some existing charging piles cannot be securely retrofitted; these are connected to the Intranet through an edge IoT agent device. The security requirements of the edge IoT agent device are as follows.
(1) When the edge IoT agent directly accesses the Intranet, it should conduct two-way authentication and transmission encryption with the security access gateway of the information network.
(2) The edge IoT agent should be integrated with a hardware security chip or a software cryptographic module for data and transmission encryption.
(3) The edge IoT agent should be able to digitally sign and verify important program code such as its own application, firmware and vulnerability patches, as well as important operations such as configuration parameters and control instructions. The edge IoT agent should support remote security upgrades and version security updates, and possess a fallback function for when an upgrade fails.
(4) The edge IoT agent should have a built-in safety monitoring function and support software-defined safety policy and automatic linked disposal.
(5) The edge IoT agent should possess the ability to access and manage IoT terminals (including field acquisition components, non-intelligent business terminals and intelligent business terminals).
(6) The edge IoT agent should realize physical security protection according to the requirements of "network security level protection 2.0". Device debugging interfaces (USB/JTAG/SWD interfaces, etc.) should be closed to prevent reverse engineering of software and hardware.
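The following is an added example, not code from the paper or from State Grid, of how an edge IoT agent can meet requirement (3) above: every firmware, patch or configuration payload is verified against a signed manifest before it is applied, and a failed upgrade falls back to the retained image. It assumes an Ed25519 vendor key pinned in the agent, a hypothetical manifest format, and two image slots; the key pair and firmware bytes are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// UpdateManifest is a hypothetical manifest that travels with a firmware,
// patch or configuration payload pushed to the edge IoT agent. The vendor
// signs (kind || version || SHA-256(payload)) with its Ed25519 key.
type UpdateManifest struct {
	Kind      string // "firmware", "patch" or "config"
	Version   uint32
	Digest    [32]byte
	Signature []byte
}

// signedMessage is the exact byte string that is signed and verified. Binding
// the digest to kind and version stops a valid firmware signature from being
// reused for a different artefact kind or an older version.
func signedMessage(kind string, version uint32, digest [32]byte) []byte {
	var ver [4]byte
	binary.BigEndian.PutUint32(ver[:], version)
	msg := []byte{byte(len(kind))}
	msg = append(msg, kind...)
	msg = append(msg, ver[:]...)
	return append(msg, digest[:]...)
}

// SignUpdate runs on the vendor or platform side and produces the manifest.
func SignUpdate(priv ed25519.PrivateKey, kind string, version uint32, payload []byte) UpdateManifest {
	d := sha256.Sum256(payload)
	sig := ed25519.Sign(priv, signedMessage(kind, version, d))
	return UpdateManifest{Kind: kind, Version: version, Digest: d, Signature: sig}
}

// VerifyUpdate runs on the agent before anything is written to flash. It
// rejects a payload whose hash differs from the manifest, a signature that
// does not verify under the pinned vendor key, and any downgrade.
func VerifyUpdate(pub ed25519.PublicKey, m UpdateManifest, payload []byte, installed uint32) error {
	if sha256.Sum256(payload) != m.Digest {
		return errors.New("payload digest does not match manifest")
	}
	if !ed25519.Verify(pub, signedMessage(m.Kind, m.Version, m.Digest), m.Signature) {
		return errors.New("manifest signature invalid")
	}
	if m.Version <= installed {
		return fmt.Errorf("version %d is not newer than installed %d", m.Version, installed)
	}
	return nil
}

// Agent models the two image slots of the edge IoT agent: Active is the
// running version and Previous is retained so a failed upgrade can fall back.
type Agent struct {
	VendorKey ed25519.PublicKey
	Active    uint32
	Previous  uint32
}

// Upgrade applies a verified update and runs healthCheck on the new image.
// Any failure leaves the agent on its last known-good version.
func (a *Agent) Upgrade(m UpdateManifest, payload []byte, healthCheck func(v uint32) bool) (uint32, error) {
	if err := VerifyUpdate(a.VendorKey, m, payload, a.Active); err != nil {
		return a.Active, err // nothing was changed
	}
	last := a.Active
	a.Active = m.Version
	if !healthCheck(a.Active) {
		a.Active = last // fallback to the retained image
		return a.Active, fmt.Errorf("version %d failed health check, rolled back to %d", m.Version, last)
	}
	a.Previous = last
	return a.Active, nil
}

func main() {
	// Constructed demo: a vendor key pair, one good update and one tampered payload.
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	agent := &Agent{VendorKey: vendorPub, Active: 3}
	firmware := []byte("constructed firmware image v4")
	fmt.Println(agent.Upgrade(SignUpdate(vendorPriv, "firmware", 4, firmware), firmware, func(uint32) bool { return true }))
	tampered := append([]byte{}, firmware...)
	tampered[0] ^= 0x01
	fmt.Println(agent.Upgrade(SignUpdate(vendorPriv, "firmware", 5, firmware), tampered, func(uint32) bool { return true }))
}
```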
4.3. Platform Layer
4.3.1. Host Security. The host security of the IoV mainly involves operating system security and database security.
(1) Operating system security
Users should be identified and authenticated when they log into the operating system. The operating system should follow the principle of minimum permissions, install only the necessary components and applications, and apply system patches in time. Host operating system log auditing should be enabled. Mainstream antivirus software should be installed and kept updated. Regular security vulnerability scanning and reinforcement should be performed for the operating system. The host access mode, network address range and other conditions should be set to restrict host login.
(2) Database security
The database system should enable its access control function in order to regulate users' access to resources according to the security policy. The default database account and password should be changed in time to limit its access rights. According to the principle of separation of permissions, the database should grant administrative users only the minimum permissions they require. Regular data backups should be made. Unified database security audit equipment should be used to realize database log recording and audit functions. Periodic security vulnerability scanning and reinforcement of the database are necessary.
4.3.2. Data Security. Data security mainly protects the platform's sensitive data (user account data, business data, operation data, system configuration management data, etc.) against tampering, data leakage and other risks during transmission and storage. Sensitive data should be stored in encrypted form.
4.3.3. Cloud Platform Security. Security checks should be carried out on the data flow between the virtual machines of the cloud platform to ensure security between the virtual machines. Different modules within the cloud platform should be connected through virtual security protection devices such as a virtual firewall and a virtual Intrusion Detection System (IDS) to prevent intruders from carrying out east-west network attacks. The cloud host should provide snapshot-based fast data backup and recovery capabilities.
4.3.4. Platform Connectivity Security. The IoV platform is connected with the systems of external units to realize the interconnection of charging pile information, vehicle rental information, third-party payment and other services between platforms.
(1) The IoV platform should formulate access control policies at the boundary between the Internet and the Intranet, and the system interfaces should be tested for security.
(2) When the IoV platform exchanges data with external systems, desensitized data should be used, and HTTPS or VPN mode should be adopted to realize data transmission encryption and integrity verification.
4.4. Application Layer
The IoV includes extranet server, mobile client and IoT terminal business applications. This section focuses on strengthening the security protection of external network server applications, mobile applications and IoT terminal applications, and on completing the design of security situational awareness.
4.4.1. Server Application. The server applications of the IoV include the IoV management platform and the merchant platform, which adopt a microservice architecture and provide asset management, operation and maintenance, settlement and other services for business personnel.
(1) The server side of the IoV should realize security functions such as identity authentication, access control, business audit, residual information protection, communication integrity, communication confidentiality, non-repudiation, software fault tolerance, configuration management, session management, resource control and so on.
(2) The server of the IoV should unify the login entry and use certificates and passwords for authentication. Certificates should be issued by the CA certification system so that whole-life-cycle management of certificates is realized.
4.4.2. Mobile Application. Mobile applications provide charging services, car rental services and charging pile operation and maintenance services for social users and internal employees.
Mobile applications need to realize security functions such as identity authentication, password policy, session management, software fault tolerance, application management, component security, API (Application Programming Interface) security, permission management, input and output checking, security reinforcement, data storage and so on.
4.4.3. IoT Terminal Applications. The IoT terminal application of the IoV is the charging pile application, which provides users with charging services and charging card payment services.
(1) The IoV should realize real-time monitoring and alarming of the application ports and processes of charging piles, and carry out vulnerability scanning and safety reinforcement for the operating system of charging piles.
(2) The application data of the charging pile should adopt a unified encryption algorithm and be encrypted with an ESAM chip.
(3) Charging cards should be CPU (Central Processing Unit) type cards according to the "China Financial Integrated Circuit (IC) Card Specification" (JR/T 0025-2005) standard.
(4) The asymmetric key of the charging pile should be generated in hardware; the public key should be issued in a digital certificate, and the private key should be stored in the hardware encryption card. Symmetric keys should be generated through session negotiation and updated periodically.
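The key hierarchy of item (4), carried through as an added example that is not part of the paper: the pile's hardware-held asymmetric identity key signs a fresh X25519 key for each session, both sides derive the same symmetric session key, and the key is retired on a message budget or lifetime. It assumes Ed25519 for the identity key, X25519 and SHA-256 for negotiation, and reduces the digital certificate to a pinned public key; all keys are constructed in the demo.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Hello is the one message each side sends: a fresh X25519 public key signed
// with the sender's long-term identity key. For the pile that identity key is
// the hardware-generated asymmetric key whose public half is issued in a
// certificate; here the certificate is reduced to a pinned public key.
type Hello struct {
	Role      string // "pile" or "platform"
	Ephemeral []byte // 32-byte X25519 public key
	Signature []byte
}

func helloBytes(role string, eph []byte) []byte {
	return append([]byte("IoV-hello:"+role+":"), eph...)
}

// StartHandshake generates the ephemeral key and the signed Hello.
func StartHandshake(identity ed25519.PrivateKey, role string) (*ecdh.PrivateKey, Hello, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, Hello{}, err
	}
	pub := eph.PublicKey().Bytes()
	return eph, Hello{Role: role, Ephemeral: pub, Signature: ed25519.Sign(identity, helloBytes(role, pub))}, nil
}

// Session is the negotiated symmetric key together with its rotation policy.
type Session struct {
	Key      [32]byte
	Created  time.Time
	Messages int
	MaxMsgs  int
	Lifetime time.Duration
}

// FinishHandshake verifies the peer's Hello under the peer's pinned identity
// key and derives the session key; both sides obtain the same key.
func FinishHandshake(own *ecdh.PrivateKey, mine, peer Hello, peerID ed25519.PublicKey, maxMsgs int, life time.Duration) (*Session, error) {
	if !ed25519.Verify(peerID, helloBytes(peer.Role, peer.Ephemeral), peer.Signature) {
		return nil, errors.New("peer hello signature invalid: possible impersonation")
	}
	peerPub, err := ecdh.X25519().NewPublicKey(peer.Ephemeral)
	if err != nil {
		return nil, err
	}
	shared, err := own.ECDH(peerPub)
	if err != nil {
		return nil, err
	}
	// Hash the shared secret with both ephemeral keys in a fixed order (pile first).
	pileEph, platEph := mine.Ephemeral, peer.Ephemeral
	if mine.Role != "pile" {
		pileEph, platEph = peer.Ephemeral, mine.Ephemeral
	}
	h := sha256.New()
	for _, part := range [][]byte{[]byte("IoV-session-key"), shared, pileEph, platEph} {
		h.Write(part)
	}
	var key [32]byte
	copy(key[:], h.Sum(nil))
	return &Session{Key: key, Created: time.Now(), MaxMsgs: maxMsgs, Lifetime: life}, nil
}

// NeedsRekey implements the periodic update: the key is retired after a
// message budget or a lifetime, whichever comes first.
func (s *Session) NeedsRekey(now time.Time) bool {
	return s.Messages >= s.MaxMsgs || now.Sub(s.Created) >= s.Lifetime
}

func main() {
	pilePub, pilePriv, _ := ed25519.GenerateKey(rand.Reader) // constructed identities
	platPub, platPriv, _ := ed25519.GenerateKey(rand.Reader)
	pEph, pHello, _ := StartHandshake(pilePriv, "pile")
	sEph, sHello, _ := StartHandshake(platPriv, "platform")
	a, _ := FinishHandshake(pEph, pHello, sHello, platPub, 1000, time.Hour)
	b, _ := FinishHandshake(sEph, sHello, pHello, pilePub, 1000, time.Hour)
	fmt.Println("session keys match:", a.Key == b.Key)
}
```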
4.4.4. Situational Awareness. An electric vehicle situational awareness platform should be deployed to realize unified management of safety asset management and safety technology probe strategy, monitoring of the running state of the network, terminals and stations, as well as safety alarms and joint disposal.
(1) Asset monitoring: Synchronous matching of electric vehicle safety asset data should be supported through the asset synchronization interface to strengthen the correlation mapping between assets and business, and asset information should be presented intuitively through topology and other methods to facilitate management by operation and maintenance personnel.
(2) Network flow: The flow probes should be monitored through topology and other methods.
(3) Perception layer monitoring: Secure and trusted technology should be implemented through a built-in security chip and an installed secure operating system. Dynamic measurement of kernel code, key data structures and application code in the running system can ensure monitoring of the code the system is running. Through real-time monitoring of the charging pile operating condition, online condition, and certification and admission-related conditions, the safety risk level should be evaluated and the abnormal status of charging piles should be tracked. Mobile applications should integrate the mobile security monitoring SDK (Software Development Kit) to realize security monitoring.
(4) Security situation awareness: Through monitoring of the overall threat situation, vulnerability state, operating state and abnormal behaviour, the security situation should be presented from the business perspective, reflecting the overall security risk level and protection weak points of the IoV system.
(5) Joint operation: Security alarms should be handled through joint operation or a work order process to cut off the intrusion of the threat source in time, and the disposal progress and results should be tracked to form closed-loop management.
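The port and process monitoring of section 4.4.3 (1) and the risk-level evaluation of item (3) above, as an added example that is not part of the paper: a per-pile telemetry report is compared with an assumed baseline and turned into findings and a risk level for the situational awareness platform. The baseline values, process names and the sample report are constructed.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// PileReport is a constructed telemetry record of the kind a probe on a
// charging pile would send to the situational awareness platform.
type PileReport struct {
	PileID       string
	Online       bool
	LastSeen     time.Time
	CertValid    bool // admission certificate verified on last connection
	CertExpiry   time.Time
	ListenPorts  []int    // ports the pile currently listens on
	Processes    []string // running process names
	AuthFailures int      // failed platform authentications in the window
}

// Baseline is the expected state for a pile model; all values are assumed.
// Processes lists what should be running: anything else is unexpected and
// anything absent (for instance the security monitor) is missing.
type Baseline struct {
	Ports           map[int]bool
	Processes       map[string]bool
	MaxAuthFailures int
	OfflineAfter    time.Duration
	CertWarn        time.Duration
}

const (
	Normal = iota
	Low
	Medium
	High
)

type Finding struct{ Severity int; Message string }

// Assess compares one report with the baseline and returns the findings,
// highest severity first, together with the pile's overall risk level.
func Assess(r PileReport, b Baseline, now time.Time) ([]Finding, int) {
	var f []Finding
	add := func(sev int, msg string) { f = append(f, Finding{sev, msg}) }
	if !r.Online && now.Sub(r.LastSeen) > b.OfflineAfter {
		add(Medium, fmt.Sprintf("offline for %s: possible outage or physical tampering", now.Sub(r.LastSeen)))
	}
	if !r.CertValid || now.After(r.CertExpiry) {
		add(High, "admission certificate invalid or expired")
	} else if r.CertExpiry.Sub(now) < b.CertWarn {
		add(Low, "admission certificate expires within the warning window")
	}
	for _, p := range r.ListenPorts {
		if !b.Ports[p] {
			add(High, fmt.Sprintf("unexpected listening port %d", p))
		}
	}
	seen := map[string]bool{}
	for _, proc := range r.Processes {
		seen[proc] = true
		if !b.Processes[proc] {
			add(High, "unexpected process "+proc)
		}
	}
	for proc := range b.Processes {
		if !seen[proc] {
			add(Medium, "required process missing: "+proc)
		}
	}
	if r.AuthFailures > b.MaxAuthFailures {
		add(Medium, fmt.Sprintf("%d authentication failures exceed threshold %d", r.AuthFailures, b.MaxAuthFailures))
	}
	sort.SliceStable(f, func(i, j int) bool { return f[i].Severity > f[j].Severity })
	level := Normal
	if len(f) > 0 {
		level = f[0].Severity
	}
	return f, level
}

// RiskLabel renders a level for the situational awareness dashboard.
func RiskLabel(level int) string {
	return []string{"normal", "low", "medium", "high"}[level]
}

func main() {
	now := time.Now()
	base := Baseline{Ports: map[int]bool{22: true, 8883: true}, Processes: map[string]bool{"chargectl": true, "secmon": true}, MaxAuthFailures: 5, OfflineAfter: 30 * time.Minute, CertWarn: 7 * 24 * time.Hour}
	r := PileReport{PileID: "CP-0002", LastSeen: now.Add(-3 * time.Hour), CertValid: true, CertExpiry: now.Add(48 * time.Hour), ListenPorts: []int{22, 9999}, Processes: []string{"chargectl", "unknown_bin"}, AuthFailures: 12}
	findings, level := Assess(r, base, now)
	fmt.Println(r.PileID, RiskLabel(level), len(findings), "findings")
}
```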
5. Conclusion
The construction of the electric Internet of Things (IoT) has brought many new threats to the Internet of Vehicles (IoV). This paper discussed the security problems existing in the security architecture of the current IoV, and analysed the new threats faced by the IoV under the background of IoT development. Based on the current security protection status and a risk analysis of existing IoV business, a security protection system was designed for the terminal layer, network layer, platform layer and application layer respectively, fully referring to the requirements of level protection 2.0 and considering the security protection requirements of the IoV. This has important guiding significance for the construction of IoV security protection.
References
[1] Sheng X Chen H Wan M Gu G Liu Z and Wang X 2021 Journal of Physics: IOP Conference Series 1 1828
[2] Feng Y 2020 International Conference on Advance in Ambient Computing and Intelligence (ICAACI) pp 185-188
[3] Ni F Wei J and Shen 2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC) pp 532-535
[4] Zhang W and Xi X 2016 China Communications 13 5 pp 122-127
[5] Wu W Yang Z and Li K 2016 Internet of Things (Morgan Kaufmann) pp 299-317
[6] Yang F Wang S Li J Liu Z and Sun Q 2014 China Communications 11 10 pp 1-15
[7] Wang J Wang C Deng H Huang H and Li L 2020 International Conference on Information, Cybernetics, and Computational Social Systems (ICCSS) pp 650-654
[8] Sun Y 2017 Annals of Telecommunications pp 283-295
[9] Contreras-Castillo J Zeadally S and Guerrero-Ibañez J 2017 IEEE Internet of Things Journal 5 5 pp 3701-3709
[10] Sun Y 2015 International Conference on Identification, Information, and Knowledge in the Internet of Things (IIKI) pp 116-121
[11] Sharma S and Kaushik B 2019 Vehicular Communications 20 100182
[12] Lee C and Fumagalli A 2019 IEEE 5th World Forum on Internet of Things (WF-IoT) pp 24-28
[13] Zhai Z Jia L Wang Y Ma Y Jing W and Zhang Z 2019 IEEE 3rd Conference on Energy Internet and Energy System Integration (EI2) pp 435-439
[14] Singh S and Singh N 2015 International Conference on Green Computing and Internet of Things (ICGCIoT) pp 1577-1581
[15] GB/T 25070 2019 Information security technology — Technical requirements of security design for classified protection of cybersecurity
[16] GB/T 22239 2019 Information security technology — Baseline for classified protection of cybersecurity