Integrated ITS may be provided by components owned by more than one organisation, and some hazards may be the result of interactions between those components. It will therefore be necessary to identify who is responsible for dealing with the consequences, both legal and technical. An ITS Architecture provides a model of the components, and their interconnections, and thus a basis for analysing these issues.
All ITS applications and services should be considered as being safety-related, until they have been shown not to be, using a process called Preliminary Safety Analysis. The safe use of ITS has three principal components:
- (Functional) System Safety – e.g. relating to design faults or system malfunctions. This is provided by including additional stages in the system development lifecycle during which the probability of a dangerous failure is reduced to an acceptable level.
- Human-Machine Interaction (HMI) – relating to usability, e.g. perception, overload, underload. A key question is how much information can be presented to a driver before it stops being a help and starts to be a distraction from the main driving task.
- Traffic Safety – all components of the traffic system working together. This relates to the direct or indirect effects of the ITS on the safety of the traffic situation.
An ITS Architecture provides a model for a safety analysis, and advice on how to approach safety issues can be found in the UTMC22 report in Other Related Reports.
Security abuse commonly includes, but is not limited to, unauthorised disclosure of information (loss of confidentiality), unauthorised modification of data (loss of integrity), and unauthorised deprivation of access to the asset (loss of availability). Users and owners of ITS must have confidence that there are countermeasures that will minimise any security risk. Whilst security is necessary for privacy, it is not sufficient.
A study of an ITS Architecture will identify where security issues need to be considered. It should also be noted that ETSI TC ITS WG5 is addressing the need for security in ITS communications.
Through their frequent use of vehicle identities, Cooperative Systems need to include the requirements for privacy right from the start of the initial designs. Care will have to be taken to ensure that the requirements of the European Privacy Directive are considered at every stage of the design process. A particular issue is that just making the identity of a vehicle “anonymous” is not always sufficient to ensure privacy in all situations.
A study of an ITS Architecture will identify where privacy issues need to be considered, in conjunction with CEN standard TR16742.