Skip to content

Stakeholder guidance

Stakeholder Groups and Their Cybersecurity Focus Areas

1. Decision-Makers

Who they are:
Government officials, regulatory agencies, and executives shaping ITS strategies.

Key cybersecurity concerns: - Establishing national and regional cybersecurity policies for ITS.

  • Allocating funding for cybersecurity in transportation projects.

  • Defining compliance requirements for ITS cybersecurity frameworks.

  • Ensuring alignment with international cybersecurity standards (ISO, IEEE, ETSI, etc.).

Guidance provided:
- Risk-based approaches to cybersecurity policy development.

  • Investment strategies for security infrastructure.

  • Balancing security with usability and operational continuity.

Click here for more details

2. Standards Developers

Who they are:
Organizations, industry consortia, and research institutions responsible for defining ITS security standards.

Key cybersecurity concerns: - Ensuring ITS security standards are globally interoperable.

  • Harmonizing regional and international security policies.

  • Addressing emerging threats and adapting to evolving cybersecurity risks.

  • Ensuring cryptographic agility and secure lifecycle management.

Guidance provided:
- Best practices for standardizing ITS security mechanisms.

  • Ensuring alignment with ISO, IEEE 1609.2, ETSI TS 103 097, and other frameworks.

  • Developing security controls for future ITS applications.

Click here for more details

3. Implementers

Who they are:
Vehicle manufacturers, infrastructure operators, ITS service providers, and technology vendors.

Key cybersecurity concerns: - Securing the configuration of ITS devices such as Onboard Units (OBUs), Roadside Units (RSUs), and backend infrastructure.

  • Managing digital certificates and cryptographic keys (IEEE 1609.2, X.509).

  • Preventing cyber threats such as spoofing, denial-of-service (DoS), and unauthorized access.

  • Ensuring compliance with cybersecurity policies in real-world deployments.

Guidance provided:

  • Implementation strategies for secure ITS deployments.

  • Threat modeling and risk management approaches for V2X communications.

  • Security best practices for device management and lifecycle security.

Click here for more details

Although we have provided guidance for specific stakeholders, ITS cybersecurity is a shared responsibility. All stakeholders should align towards a comprehensive cybersecurity strategy and architectural approach.