idnits 2.17.1 draft-ietf-ipwave-vehicular-networking-21.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (30 August 2021) is 967 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 4941 (Obsoleted by RFC 8981) == Outdated reference: A later version (-38) exists of draft-ietf-lisp-rfc6830bis-36 == Outdated reference: A later version (-74) exists of draft-templin-6man-omni-41 == Outdated reference: A later version (-15) exists of draft-thubert-6man-ipv6-over-wireless-09 Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPWAVE Working Group J. Jeong, Ed. 3 Internet-Draft Sungkyunkwan University 4 Intended status: Informational 30 August 2021 5 Expires: 3 March 2022 7 IPv6 Wireless Access in Vehicular Environments (IPWAVE): Problem 8 Statement and Use Cases 9 draft-ietf-ipwave-vehicular-networking-21 11 Abstract 13 This document discusses the problem statement and use cases of 14 IPv6-based vehicular networking for Intelligent Transportation 15 Systems (ITS). The main scenarios of vehicular communications are 16 vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), and 17 vehicle-to-everything (V2X) communications. First, this document 18 explains use cases using V2V, V2I, and V2X networking. Next, for 19 IPv6-based vehicular networks, it makes a gap analysis of current 20 IPv6 protocols (e.g., IPv6 Neighbor Discovery, Mobility Management, 21 and Security & Privacy), and then enumerates requirements for the 22 extensions of those IPv6 protocols for IPv6-based vehicular 23 networking. 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at https://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on 3 March 2022. 42 Copyright Notice 44 Copyright (c) 2021 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 49 license-info) in effect on the date of publication of this document. 50 Please review these documents carefully, as they describe your rights 51 and restrictions with respect to this document. Code Components 52 extracted from this document must include Simplified BSD License text 53 as described in Section 4.e of the Trust Legal Provisions and are 54 provided without warranty as described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 59 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 60 3. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 7 61 3.1. V2V . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 62 3.2. V2I . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 63 3.3. V2X . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 64 4. Vehicular Networks . . . . . . . . . . . . . . . . . . . . . 12 65 4.1. Vehicular Network Architecture . . . . . . . . . . . . . 14 66 4.2. V2I-based Internetworking . . . . . . . . . . . . . . . . 15 67 4.3. V2V-based Internetworking . . . . . . . . . . . . . . . . 18 68 5. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 22 69 5.1. Neighbor Discovery . . . . . . . . . . . . . . . . . . . 23 70 5.1.1. Link Model . . . . . . . . . . . . . . . . . . . . . 25 71 5.1.2. MAC Address Pseudonym . . . . . . . . . . . . . . . . 27 72 5.1.3. Routing . . . . . . . . . . . . . . . . . . . . . . . 27 73 5.2. Mobility Management . . . . . . . . . . . . . . . . . . . 28 74 6. Security Considerations . . . . . . . . . . . . . . . . . . . 30 75 6.1. Security Threats in Neighbor Discovery . . . . . . . . . 31 76 6.2. Security Threats in Mobility Management . . . . . . . . . 33 77 6.3. Other Threats . . . . . . . . . . . . . . . . . . . . . . 33 78 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34 79 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 80 8.1. Normative References . . . . . . . . . . . . . . . . . . 34 81 8.2. Informative References . . . . . . . . . . . . . . . . . 39 82 Appendix A. Support of Multiple Radio Technologies for V2V . . . 44 83 Appendix B. Support of Multihop V2X Networking . . . . . . . . . 45 84 Appendix C. Support of Mobility Management for V2I . . . . . . . 45 85 Appendix D. Acknowledgments . . . . . . . . . . . . . . . . . . 46 86 Appendix E. Contributors . . . . . . . . . . . . . . . . . . . . 47 87 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 48 89 1. Introduction 91 Vehicular networking studies have mainly focused on improving safety 92 and efficiency, and also enabling entertainment in vehicular 93 networks. The Federal Communications Commission (FCC) in the US 94 allocated wireless channels for Dedicated Short-Range Communications 95 (DSRC) [DSRC] in the Intelligent Transportation Systems (ITS) with 96 the frequency band of 5.850 - 5.925 GHz (i.e., 5.9 GHz band). DSRC- 97 based wireless communications can support vehicle-to-vehicle (V2V), 98 vehicle-to-infrastructure (V2I), and vehicle-to-everything (V2X) 99 networking. The European Union (EU) allocated radio spectrum for 100 safety-related and non-safety-related applications of ITS with the 101 frequency band of 5.875 - 5.905 GHz, as part of the Commission 102 Decision 2008/671/EC [EU-2008-671-EC]. 104 For direct inter-vehicular wireless connectivity, IEEE has amended 105 standard 802.11 (commonly known as Wi-Fi) to enable safe driving 106 services based on DSRC for the Wireless Access in Vehicular 107 Environments (WAVE) system. The Physical Layer (L1) and Data Link 108 Layer (L2) issues are addressed in IEEE 802.11p [IEEE-802.11p] for 109 the PHY and MAC of the DSRC, while IEEE 1609.2 [WAVE-1609.2] covers 110 security aspects, IEEE 1609.3 [WAVE-1609.3] defines related services 111 at network and transport layers, and IEEE 1609.4 [WAVE-1609.4] 112 specifies the multi-channel operation. IEEE 802.11p was first a 113 separate amendment, but was later rolled into the base 802.11 114 standard (IEEE 802.11-2012) as IEEE 802.11 Outside the Context of a 115 Basic Service Set (OCB) in 2012 [IEEE-802.11-OCB]. 117 3GPP has standardized Cellular Vehicle-to-Everything (C-V2X) 118 communications to support V2X in LTE mobile networks (called LTE V2X) 119 and V2X in 5G mobile networks (called 5G V2X) [TS-23.285-3GPP] 120 [TR-22.886-3GPP][TS-23.287-3GPP]. With C-V2X, vehicles can directly 121 communicate with each other without relay nodes (e.g., eNodeB in LTE 122 and gNodeB in 5G). 124 Along with these WAVE standards and C-V2X standards, regardless of a 125 wireless access technology under the IP stack of a vehicle, vehicular 126 networks can operate IP mobility with IPv6 [RFC8200] and Mobile IPv6 127 protocols (e.g., Mobile IPv6 (MIPv6) [RFC6275], Proxy MIPv6 (PMIPv6) 128 [RFC5213], Distributed Mobility Management (DMM) [RFC7333], Network 129 Mobility (NEMO) [RFC3963], Locator/ID Separation Protocol (LISP) 130 [RFC6830BIS], and Asymmetric Extended Route Optimization (AERO) 131 [RFC6706BIS]). In addition, ISO has approved a standard specifying 132 the IPv6 network protocols and services to be used for Communications 133 Access for Land Mobiles (CALM) [ISO-ITS-IPv6][ISO-ITS-IPv6-AMD1]. 135 This document describes use cases and a problem statement about 136 IPv6-based vehicular networking for ITS, which is named IPv6 Wireless 137 Access in Vehicular Environments (IPWAVE). First, it introduces the 138 use cases for using V2V, V2I, and V2X networking in ITS. Next, for 139 IPv6-based vehicular networks, it makes a gap analysis of current 140 IPv6 protocols (e.g., IPv6 Neighbor Discovery, Mobility Management, 141 and Security & Privacy), and then enumerates requirements for the 142 extensions of those IPv6 protocols, which are tailored to IPv6-based 143 vehicular networking. Thus, this document is intended to motivate 144 development of key protocols for IPWAVE. 146 2. Terminology 148 This document uses the terminology described in [RFC8691]. In 149 addition, the following terms are defined below: 151 * Class-Based Safety Plan: A vehicle can make a safety plan by 152 classifying the surrounding vehicles into different groups for 153 safety purposes according to the geometrical relationship among 154 them. The vehicle groups can be classified as Line-of-Sight 155 Unsafe, Non-Line-of-Sight Unsafe, and Safe groups [CASD]. 157 * Context-Awareness: A vehicle can be aware of spatial-temporal 158 mobility information (e.g., position, speed, direction, and 159 acceleration/deceleration) of surrounding vehicles for both safety 160 and non-safety uses through sensing or communication [CASD]. 162 * DMM: "Distributed Mobility Management" [RFC7333][RFC7429]. 164 * Edge Computing (EC): It is the local computing near an access 165 network (i.e., edge network) for the sake of vehicles and 166 pedestrians. 168 * Edge Computing Device (ECD): It is a computing device (or server) 169 for edge computing for the sake of vehicles and pedestrians. 171 * Edge Network (EN): It is an access network that has an IP-RSU for 172 wireless communication with other vehicles having an IP-OBU and 173 wired communication with other network devices (e.g., routers, IP- 174 RSUs, ECDs, servers, and MA). It may have a Global Positioning 175 System (GPS) radio receiver for its position recognition and the 176 localization service for the sake of vehicles. 178 * IP-OBU: "Internet Protocol On-Board Unit": An IP-OBU denotes a 179 computer situated in a vehicle (e.g., car, bicycle, autobike, 180 motor cycle, and a similar one) and a device (e.g., smartphone and 181 IoT device). It has at least one IP interface that runs in IEEE 182 802.11-OCB and has an "OBU" transceiver. Also, it may have an IP 183 interface that runs in Cellular V2X (C-V2X) [TS-23.285-3GPP] 184 [TR-22.886-3GPP][TS-23.287-3GPP]. It can play a role of a router 185 connecting multiple computers (or in-vehicle devices) inside a 186 vehicle. See the definition of the term "OBU" in [RFC8691]. 188 * IP-RSU: "IP Roadside Unit": An IP-RSU is situated along the road. 189 It has at least two distinct IP-enabled interfaces. The wireless 190 PHY/MAC layer of at least one of its IP-enabled interfaces is 191 configured to operate in 802.11-OCB mode. An IP-RSU communicates 192 with the IP-OBU over an 802.11 wireless link operating in OCB 193 mode. Also, it may have an IP interface that runs in C-V2X along 194 with an "RSU" transceiver. An IP-RSU is similar to an Access 195 Network Router (ANR), defined in [RFC3753], and a Wireless 196 Termination Point (WTP), defined in [RFC5415]. See the definition 197 of the term "RSU" in [RFC8691]. 199 * LiDAR: "Light Detection and Ranging". It is a scanning device to 200 measure a distance to an object by emitting pulsed laser light and 201 measuring the reflected pulsed light. 203 * Mobility Anchor (MA): A node that maintains IPv6 addresses and 204 mobility information of vehicles in a road network to support 205 their IPv6 address autoconfiguration and mobility management with 206 a binding table. An MA has End-to-End (E2E) connections (e.g., 207 tunnels) with IP-RSUs under its control for the address 208 autoconfiguration and mobility management of the vehicles. This 209 MA is similar to a Local Mobility Anchor (LMA) in PMIPv6 [RFC5213] 210 for network-based mobility management. 212 * OCB: "Outside the Context of a Basic Service Set - BSS". It is a 213 mode of operation in which a Station (STA) is not a member of a 214 BSS and does not utilize IEEE Std 802.11 authentication, 215 association, or data confidentiality [IEEE-802.11-OCB]. 217 * 802.11-OCB: It refers to the mode specified in IEEE Std 218 802.11-2016 [IEEE-802.11-OCB] when the MIB attribute 219 dot11OCBActivited is 'true'. 221 * Platooning: Moving vehicles can be grouped together to reduce air- 222 resistance for energy efficiency and reduce the number of drivers 223 such that only the leading vehicle has a driver, and the other 224 vehicles are autonomous vehicles without a driver and closely 225 follow the leading vehicle [Truck-Platooning]. 227 * Traffic Control Center (TCC): A system that manages road 228 infrastructure nodes (e.g., IP-RSUs, MAs, traffic signals, and 229 loop detectors), and also maintains vehicular traffic statistics 230 (e.g., average vehicle speed and vehicle inter-arrival time per 231 road segment) and vehicle information (e.g., a vehicle's 232 identifier, position, direction, speed, and trajectory as a 233 navigation path). TCC is part of a vehicular cloud for vehicular 234 networks. 236 * Vehicle: A Vehicle in this document is a node that has an IP-OBU 237 for wireless communication with other vehicles and IP-RSUs. It 238 has a GPS radio navigation receiver for efficient navigation. Any 239 device having an IP-OBU and a GPS receiver (e.g., smartphone and 240 tablet PC) can be regarded as a vehicle in this document. 242 * Vehicular Ad Hoc Network (VANET): A network that consists of 243 vehicles interconnected by wireless communication. Two vehicles 244 in a VANET can communicate with each other using other vehicles as 245 relays even where they are out of one-hop wireless communication 246 range. 248 * Vehicular Cloud: A cloud infrastructure for vehicular networks, 249 having compute nodes, storage nodes, and network forwarding 250 elements (e.g., switch and router). 252 * V2D: "Vehicle to Device". It is the wireless communication 253 between a vehicle and a device (e.g., smartphone and IoT device). 255 * V2I2D: "Vehicle to Infrastructure to Device". It is the wireless 256 communication between a vehicle and a device (e.g., smartphone and 257 IoT device) via an infrastructure node (e.g., IP-RSU). 259 * V2I2V: "Vehicle to Infrastructure to Vehicle". It is the wireless 260 communication between a vehicle and another vehicle via an 261 infrastructure node (e.g., IP-RSU). 263 * V2I2X: "Vehicle to Infrastructure to Everything". It is the 264 wireless communication between a vehicle and another entity (e.g., 265 vehicle, smartphone, and IoT device) via an infrastructure node 266 (e.g., IP-RSU). 268 * V2X: "Vehicle to Everything". It is the wireless communication 269 between a vehicle and any entity (e.g., vehicle, infrastructure 270 node, smartphone, and IoT device), including V2V, V2I, and V2D. 272 * VIP: "Vehicular Internet Protocol". It is an IPv6 extension for 273 vehicular networks including V2V, V2I, and V2X. 275 * VMM: "Vehicular Mobility Management". It is an IPv6-based 276 mobility management for vehicular networks. 278 * VND: "Vehicular Neighbor Discovery". It is an IPv6 ND extension 279 for vehicular networks. 281 * VSP: "Vehicular Security and Privacy". It is an IPv6-based 282 security and privacy for vehicular networks. 284 * WAVE: "Wireless Access in Vehicular Environments" [WAVE-1609.0]. 286 3. Use Cases 288 This section explains use cases of V2V, V2I, and V2X networking. The 289 use cases of the V2X networking exclude the ones of the V2V and V2I 290 networking, but include Vehicle-to-Pedestrian (V2P) and Vehicle-to- 291 Device (V2D). 293 IP is widely used among popular end-user devices (e.g., smartphone 294 and tablet) in the Internet. Applications (e.g., navigator 295 application) for those devices can be extended such that the V2V use 296 cases in this section can work with IPv6 as a network layer protocol 297 and IEEE 802.11-OCB as a link layer protocol. In addition, IPv6 298 security needs to be extended to support those V2V use cases in a 299 safe, secure, privacy-preserving way. 301 The use cases presented in this section serve as the description and 302 motivation for the need to extend IPv6 and its protocols to 303 facilitate "Vehicular IPv6". Section 5 summarizes the overall 304 problem statement and IPv6 requirements. Note that the adjective 305 "Vehicular" in this document is used to represent extensions of 306 existing protocols such as IPv6 Neighbor Discovery, IPv6 Mobility 307 Management (e.g., PMIPv6 [RFC5213] and DMM [RFC7429]), and IPv6 308 Security and Privacy Mechanisms rather than new "vehicular-specific" 309 functions. 311 3.1. V2V 313 The use cases of V2V networking discussed in this section include 315 * Context-aware navigation for safe driving and collision avoidance; 317 * Cooperative adaptive cruise control in a roadway; 319 * Platooning in a highway; 321 * Cooperative environment sensing; 323 * Collision avoidance service of end systems of Urban Air Mobility 324 (UAM) [UAM-ITS]. 326 These five techniques will be important elements for autonomous 327 vehicles, which may be either terrestrial vehicles or UAM end 328 systems. 330 Context-Aware Safety Driving (CASD) navigator [CASD] can help drivers 331 to drive safely by alerting them to dangerous obstacles and 332 situations. That is, a CASD navigator displays obstacles or 333 neighboring vehicles relevant to possible collisions in real-time 334 through V2V networking. CASD provides vehicles with a class-based 335 automatic safety action plan, which considers three situations, 336 namely, the Line-of-Sight unsafe, Non-Line-of-Sight unsafe, and safe 337 situations. This action plan can be put into action among multiple 338 vehicles using V2V networking. 340 Cooperative Adaptive Cruise Control (CACC) [CA-Cruise-Control] helps 341 individual vehicles to adapt their speed autonomously through V2V 342 communication among vehicles according to the mobility of their 343 predecessor and successor vehicles in an urban roadway or a highway. 344 Thus, CACC can help adjacent vehicles to efficiently adjust their 345 speed in an interactive way through V2V networking in order to avoid 346 a collision. 348 Platooning [Truck-Platooning] allows a series (or group) of vehicles 349 (e.g., trucks) to follow each other very closely. Trucks can use V2V 350 communication in addition to forward sensors in order to maintain 351 constant clearance between two consecutive vehicles at very short 352 gaps (from 3 meters to 10 meters). Platooning can maximize the 353 throughput of vehicular traffic in a highway and reduce the gas 354 consumption because the leading vehicle can help the following 355 vehicles to experience less air resistance. 357 Cooperative-environment-sensing use cases suggest that vehicles can 358 share environmental information (e.g., air pollution, hazards/ 359 obstacles, slippery areas by snow or rain, road accidents, traffic 360 congestion, and driving behaviors of neighboring vehicles) from 361 various vehicle-mounted sensors, such as radars, LiDARs, and cameras, 362 with other vehicles and pedestrians. [Automotive-Sensing] introduces 363 millimeter-wave vehicular communication for massive automotive 364 sensing. A lot of data can be generated by those sensors, and these 365 data typically need to be routed to different destinations. In 366 addition, from the perspective of driverless vehicles, it is expected 367 that driverless vehicles can be mixed with driver-operated vehicles. 368 Through cooperative environment sensing, driver-operated vehicles can 369 use environmental information sensed by driverless vehicles for 370 better interaction with the other vehicles and environment. Vehicles 371 can also share their intended maneuvering information (e.g., lane 372 change, speed change, ramp in-and-out, cut-in, and abrupt braking) 373 with neighboring vehicles. Thus, this information sharing can help 374 the vehicles behave as more efficient traffic flows and minimize 375 unnecessary acceleration and deceleration to achieve the best ride 376 comfort. 378 A collision avoidance service of UAM end systems in air can be 379 envisioned as a use case in air vehicular environments. This use 380 case is similar to the context-aware navigator for terrestrial 381 vehicles. Through V2V coordination, those UAM end systems (e.g., 382 drones) can avoid a dangerous situation (e.g., collision) in three- 383 dimensional space rather than two-dimensional space for terrestrial 384 vehicles. Also, UAM end systems (e.g., flying car) with only a few 385 meters off the ground can communicate with terrestrial vehicles with 386 wireless communication technologies (e.g., DSRC, LTE, and C-V2X). 387 Thus, V2V means any vehicle to any vehicle, whether the vehicles are 388 ground-level or not. 390 To encourage more vehicles to participate in this cooperative 391 environmental sensing, a reward system will be needed. Sensing 392 activities of each vehicle need to be logged in either a central way 393 through a logging server (e.g., TCC) in the vehicular cloud or a 394 distributed way (e.g., blockchain [Bitcoin]) through other vehicles 395 or infrastructure. In the case of a blockchain, each sensing message 396 from a vehicle can be treated as a transaction and the neighboring 397 vehicles can play the role of peers in a consensus method of a 398 blockchain [Bitcoin][Vehicular-BlockChain]. 400 To support applications of these V2V use cases, the required 401 functions of IPv6 include IPv6-based packet exchange and secure, safe 402 communication between two vehicles. For the support of V2V under 403 multiple radio technologies (e.g., DSRC and 5G V2X), refer to 404 Appendix A. 406 3.2. V2I 408 The use cases of V2I networking discussed in this section include 410 * Navigation service; 412 * Energy-efficient speed recommendation service; 414 * Accident notification service; 416 * Electric vehicle (EV) charging service; 418 * UAM navigation service with efficient battery charging. 420 A navigation service, for example, the Self-Adaptive Interactive 421 Navigation Tool(SAINT) [SAINT], using V2I networking interacts with a 422 TCC for the large-scale/long-range road traffic optimization and can 423 guide individual vehicles along appropriate navigation paths in real 424 time. The enhanced version of SAINT [SAINTplus] can give fast moving 425 paths to emergency vehicles (e.g., ambulance and fire engine) to let 426 them reach an accident spot while redirecting other vehicles near the 427 accident spot into efficient detour paths. 429 Either a TCC or an ECD can recommend an energy-efficient speed to a 430 vehicle that depends on its traffic environment and traffic signal 431 scheduling [SignalGuru]. For example, when a vehicle approaches an 432 intersection area and a red traffic light for the vehicle becomes 433 turned on, it needs to reduce its speed to save fuel consumption. In 434 this case, either a TCC or an ECD, which has the up-to-date 435 trajectory of the vehicle and the traffic light schedule, can notify 436 the vehicle of an appropriate speed for fuel efficiency. 437 [Fuel-Efficient] studies fuel-efficient route and speed plans for 438 platooned trucks. 440 The emergency communication between accident vehicles (or emergency 441 vehicles) and a TCC can be performed via either IP-RSU or 4G-LTE 442 networks. The First Responder Network Authority (FirstNet) 443 [FirstNet] is provided by the US government to establish, operate, 444 and maintain an interoperable public safety broadband network for 445 safety and security network services, e.g., emergency calls. The 446 construction of the nationwide FirstNet network requires each state 447 in the US to have a Radio Access Network (RAN) that will connect to 448 the FirstNet's network core. The current RAN is mainly constructed 449 using 4G-LTE for the communication between a vehicle and an 450 infrastructure node (i.e., V2I) [FirstNet-Report], but it is expected 451 that DSRC-based vehicular networks [DSRC] will be available for V2I 452 and V2V in the near future. 454 An EV charging service with V2I can facilitate the efficient battery 455 charging of EVs. In the case where an EV charging station is 456 connected to an IP-RSU, an EV can be guided toward the deck of the EV 457 charging station through a battery charging server connected to the 458 IP-RSU. In addition to this EV charging service, other value-added 459 services (e.g., air firmware/software update and media streaming) can 460 be provided to an EV while it is charging its battery at the EV 461 charging station. 463 A UAM navigation service with efficient battery charging can plan the 464 battery charging schedule of UAM end systems (e.g., drone) for long- 465 distance flying [CBDN]. For this battery charging schedule, a UAM 466 end system can communicate with an infrastructure node (e.g., IP-RSU) 467 toward a cloud server via V2I communications. This cloud server can 468 coordinate the battery charging schedules of multiple UAM end systems 469 for their efficient navigation path, considering flight time from 470 their current position to a battery charging station, waiting time in 471 a waiting queue at the station, and battery charging time at the 472 station. 474 The existing IPv6 protocol must be augmented through protocol changes 475 in order to support wireless multihop V2I communications in a highway 476 where RSUs are sparsely deployed, so a vehicle can reach the wireless 477 coverage of an RSU through the multihop data forwarding of 478 intermediate vehicles. Thus, IPv6 needs to be extended for multihop 479 V2I communications. 481 To support applications of these V2I use cases, the required 482 functions of IPv6 include IPv6-based packet exchange, transport-layer 483 session continuity, and secure, safe communication between a vehicle 484 and an infrastructure node (e.g., IP-RSU) in the vehicular network. 486 3.3. V2X 488 The use case of V2X networking discussed in this section is for a 489 pedestrian protection service. 491 A pedestrian protection service, such as Safety-Aware Navigation 492 Application (SANA) [SANA], using V2I2P networking can reduce the 493 collision of a vehicle and a pedestrian carrying a smartphone 494 equipped with a network device for wireless communication (e.g., Wi- 495 Fi) with an IP-RSU. Vehicles and pedestrians can also communicate 496 with each other via an IP-RSU. An edge computing device behind the 497 IP-RSU can collect the mobility information from vehicles and 498 pedestrians, compute wireless communication scheduling for the sake 499 of them. This scheduling can save the battery of each pedestrian's 500 smartphone by allowing it to work in sleeping mode before the 501 communication with vehicles, considering their mobility. 503 For Vehicle-to-Pedestrian (V2P), a vehicle can directly communicate 504 with a pedestrian's smartphone by V2X without IP-RSU relaying. 505 Light-weight mobile nodes such as bicycles may also communicate 506 directly with a vehicle for collision avoidance using V2V. 508 The existing IPv6 protocol must be augmented through protocol changes 509 in order to support wireless multihop V2X or V2I2X communications in 510 an urban road network where RSUs are deployed at intersections, so a 511 vehicle (or a pedestrian's smartphone) can reach the wireless 512 coverage of an RSU through the multihop data forwarding of 513 intermediate vehicles (or pedestrians' smartphones) as packet 514 forwarders. Thus, IPv6 needs to be extended for multihop V2X or 515 V2I2X communications. 517 To support applications of these V2X use cases, the required 518 functions of IPv6 include IPv6-based packet exchange, transport-layer 519 session continuity, and secure, safe communication between a vehicle 520 and a pedestrian either directly or indirectly via an IP-RSU. 522 4. Vehicular Networks 524 This section describes the context for vehicular networks supporting 525 V2V, V2I, and V2X communications. It describes an internal network 526 within a vehicle or an edge network (called EN). It explains not 527 only the internetworking between the internal networks of a vehicle 528 and an EN via wireless links, but also the internetworking between 529 the internal networks of two vehicles via wireless links. 531 Traffic Control Center in Vehicular Cloud 532 ******************************************* 533 +-------------+ * * 534 |Corresponding| * +-----------------+ * 535 | Node |<->* | Mobility Anchor | * 536 +-------------+ * +-----------------+ * 537 * ^ * 538 * | * 539 * v * 540 ******************************************* 541 ^ ^ ^ 542 | | | 543 | | | 544 v v v 545 +---------+ +---------+ +---------+ 546 | IP-RSU1 |<--------->| IP-RSU2 |<--------->| IP-RSU3 | 547 +---------+ +---------+ +---------+ 548 ^ ^ ^ 549 : : : 550 +-----------------+ +-----------------+ +-----------------+ 551 | : V2I | | : V2I | | : V2I | 552 | v | | v | | v | 553 +--------+ | +--------+ | | +--------+ | | +--------+ | 554 |Vehicle1|===> |Vehicle2|===>| | |Vehicle3|===>| | |Vehicle4|===>| 555 +--------+<...>+--------+<........>+--------+ | | +--------+ | 556 V2V ^ V2V ^ | | ^ | 557 | : V2V | | : V2V | | : V2V | 558 | v | | v | | v | 559 | +--------+ | | +--------+ | | +--------+ | 560 | |Vehicle5|===> | | |Vehicle6|===>| | |Vehicle7|==>| 561 | +--------+ | | +--------+ | | +--------+ | 562 +-----------------+ +-----------------+ +-----------------+ 563 Subnet1 Subnet2 Subnet3 564 (Prefix1) (Prefix2) (Prefix3) 566 <----> Wired Link <....> Wireless Link ===> Moving Direction 568 Figure 1: An Example Vehicular Network Architecture for V2I and V2V 570 4.1. Vehicular Network Architecture 572 Figure 1 shows an example vehicular network architecture for V2I and 573 V2V in a road network. The vehicular network architecture contains 574 vehicles (including IP-OBU), IP-RSUs, Mobility Anchor, Traffic 575 Control Center, and Vehicular Cloud as components. These components 576 are not mandatory, and they can be deployed into vehicular networks 577 in various ways. Some of them (e.g., Mobility Anchor, Traffic 578 Control Center, and Vehicular Cloud) may not be needed for the 579 vehicular networks according to target use cases in Section 3. 581 Existing network architectures, such as the network architectures of 582 PMIPv6 [RFC5213], RPL (IPv6 Routing Protocol for Low-Power and Lossy 583 Networks) [RFC6550], and OMNI (Overlay Multilink Network Interface) 584 [OMNI], can be extended to a vehicular network architecture for 585 multihop V2V, V2I, and V2X, as shown in Figure 1. Refer to 586 Appendix B for the detailed discussion on multihop V2X networking by 587 RPL and OMNI. 589 As shown in this figure, IP-RSUs as routers and vehicles with IP-OBU 590 have wireless media interfaces for VANET. Furthermore, the wireless 591 media interfaces are autoconfigured with a global IPv6 prefix (e.g., 592 2001:DB8:1:1::/64) to support both V2V and V2I networking. Note that 593 2001:DB8::/32 is a documentation prefix [RFC3849] for example 594 prefixes in this document, and also that any routable IPv6 address 595 needs to be routable in a VANET and a vehicular network including IP- 596 RSUs. 598 In Figure 1, three IP-RSUs (IP-RSU1, IP-RSU2, and IP-RSU3) are 599 deployed in the road network and are connected with each other 600 through the wired networks (e.g., Ethernet). A Traffic Control 601 Center (TCC) is connected to the Vehicular Cloud for the management 602 of IP-RSUs and vehicles in the road network. A Mobility Anchor (MA) 603 may be located in the TCC as a mobility management controller. 604 Vehicle2, Vehicle3, and Vehicle4 are wirelessly connected to IP-RSU1, 605 IP-RSU2, and IP-RSU3, respectively. The three wireless networks of 606 IP-RSU1, IP-RSU2, and IP-RSU3 can belong to three different subnets 607 (i.e., Subnet1, Subnet2, and Subnet3), respectively. Those three 608 subnets use three different prefixes (i.e., Prefix1, Prefix2, and 609 Prefix3). 611 Multiple vehicles under the coverage of an RSU share a prefix just as 612 mobile nodes share a prefix of a Wi-Fi access point in a wireless 613 LAN. This is a natural characteristic in infrastructure-based 614 wireless networks. For example, in Figure 1, two vehicles (i.e., 615 Vehicle2, and Vehicle5) can use Prefix 1 to configure their IPv6 616 global addresses for V2I communication. Alternatively, mobile nodes 617 can employ a "Bring-Your-Own-Addresses (BYOA)" technique using their 618 own IPv6 Unique Local Addresses (ULAs) [RFC4193] over the wireless 619 network, which does not require the messaging (e.g., Duplicate 620 Address Detection (DAD)) of IPv6 Stateless Address Autoconfiguration 621 (SLAAC) [RFC4862]. 623 In wireless subnets in vehicular networks (e.g., Subnet1 and Subnet2 624 in Figure 1), vehicles can construct a connected VANET (with an 625 arbitrary graph topology) and can communicate with each other via V2V 626 communication. Vehicle1 can communicate with Vehicle2 via V2V 627 communication, and Vehicle2 can communicate with Vehicle3 via V2V 628 communication because they are within the wireless communication 629 range of each other. On the other hand, Vehicle3 can communicate 630 with Vehicle4 via the vehicular infrastructure (i.e., IP-RSU2 and IP- 631 RSU3) by employing V2I (i.e., V2I2V) communication because they are 632 not within the wireless communication range of each other. 634 As a basic definition for IPv6 packets transported over IEEE 635 802.11-OCB, [RFC8691] specifies several details, including Maximum 636 Transmission Unit (MTU), frame format, link-local address, address 637 mapping for unicast and multicast, stateless autoconfiguration, and 638 subnet structure. 640 An IPv6 mobility solution is needed for the guarantee of 641 communication continuity in vehicular networks so that a vehicle's 642 TCP session can be continued, or UDP packets can be delivered to a 643 vehicle as a destination without loss while it moves from an IP-RSU's 644 wireless coverage to another IP-RSU's wireless coverage. In 645 Figure 1, assuming that Vehicle2 has a TCP session (or a UDP session) 646 with a corresponding node in the vehicular cloud, Vehicle2 can move 647 from IP-RSU1's wireless coverage to IP-RSU2's wireless coverage. In 648 this case, a handover for Vehicle2 needs to be performed by either a 649 host-based mobility management scheme (e.g., MIPv6 [RFC6275]) or a 650 network-based mobility management scheme (e.g., PMIPv6 [RFC5213] and 651 AERO [RFC6706BIS]). This document describes issues in mobility 652 management for vehicular networks in Section 5.2. 654 4.2. V2I-based Internetworking 656 This section discusses the internetworking between a vehicle's 657 internal network (i.e., moving network) and an EN's internal network 658 (i.e., fixed network) via V2I communication. The internal network of 659 a vehicle is nowadays constructed with Ethernet by many automotive 660 vendors [In-Car-Network]. Note that an EN can accommodate multiple 661 routers (or switches) and servers (e.g., ECDs, navigation server, and 662 DNS server) in its internal network. 664 A vehicle's internal network often uses Ethernet to interconnect 665 Electronic Control Units (ECUs) in the vehicle. The internal network 666 can support Wi-Fi and Bluetooth to accommodate a driver's and 667 passenger's mobile devices (e.g., smartphone or tablet). The network 668 topology and subnetting depend on each vendor's network configuration 669 for a vehicle and an EN. It is reasonable to consider the 670 interaction between the internal network and an external network 671 within another vehicle or an EN. 673 +-----------------+ 674 (*)<........>(*) +----->| Vehicular Cloud | 675 (2001:DB8:1:1::/64) | | | +-----------------+ 676 +------------------------------+ +---------------------------------+ 677 | v | | v v | 678 | +-------+ +-------+ | | +-------+ +-------+ | 679 | | Host1 | |IP-OBU1| | | |IP-RSU1| | Host3 | | 680 | +-------+ +-------+ | | +-------+ +-------+ | 681 | ^ ^ | | ^ ^ | 682 | | | | | | | | 683 | v v | | v v | 684 | ---------------------------- | | ------------------------------- | 685 | 2001:DB8:10:1::/64 ^ | | ^ 2001:DB8:20:1::/64 | 686 | | | | | | 687 | v | | v | 688 | +-------+ +-------+ | | +-------+ +-------+ +-------+ | 689 | | Host2 | |Router1| | | |Router2| |Server1|...|ServerN| | 690 | +-------+ +-------+ | | +-------+ +-------+ +-------+ | 691 | ^ ^ | | ^ ^ ^ | 692 | | | | | | | | | 693 | v v | | v v v | 694 | ---------------------------- | | ------------------------------- | 695 | 2001:DB8:10:2::/64 | | 2001:DB8:20:2::/64 | 696 +------------------------------+ +---------------------------------+ 697 Vehicle1 (Moving Network1) EN1 (Fixed Network1) 699 <----> Wired Link <....> Wireless Link (*) Antenna 701 Figure 2: Internetworking between Vehicle and Edge Network 703 As shown in Figure 2, as internal networks, a vehicle's moving 704 network and an EN's fixed network are self-contained networks having 705 multiple subnets and having an edge router (e.g., IP-OBU and IP-RSU) 706 for the communication with another vehicle or another EN. The 707 internetworking between two internal networks via V2I communication 708 requires the exchange of the network parameters and the network 709 prefixes of the internal networks. For the efficiency, the network 710 prefixes of the internal networks (as a moving network) in a vehicle 711 need to be delegated and configured automatically. Note that a 712 moving network's network prefix can be called a Mobile Network Prefix 713 (MNP) [RFC3963]. 715 Figure 2 also shows the internetworking between the vehicle's moving 716 network and the EN's fixed network. There exists an internal network 717 (Moving Network1) inside Vehicle1. Vehicle1 has two hosts (Host1 and 718 Host2), and two routers (IP-OBU1 and Router1). There exists another 719 internal network (Fixed Network1) inside EN1. EN1 has one host 720 (Host3), two routers (IP-RSU1 and Router2), and the collection of 721 servers (Server1 to ServerN) for various services in the road 722 networks, such as the emergency notification and navigation. 723 Vehicle1's IP-OBU1 (as a mobile router) and EN1's IP-RSU1 (as a fixed 724 router) use 2001:DB8:1:1::/64 for an external link (e.g., DSRC) for 725 V2I networking. Thus, a host (Host1) in Vehicle1 can communicate 726 with a server (Server1) in EN1 for a vehicular service through 727 Vehicle1's moving network, a wireless link between IP-OBU1 and IP- 728 RSU1, and EN1's fixed network. 730 For the IPv6 communication between an IP-OBU and an IP-RSU or between 731 two neighboring IP-OBUs, they need to know the network parameters, 732 which include MAC layer and IPv6 layer information. The MAC layer 733 information includes wireless link layer parameters, transmission 734 power level, and the MAC address of an external network interface for 735 the internetworking with another IP-OBU or IP-RSU. The IPv6 layer 736 information includes the IPv6 address and network prefix of an 737 external network interface for the internetworking with another IP- 738 OBU or IP-RSU. 740 Through the mutual knowledge of the network parameters of internal 741 networks, packets can be transmitted between the vehicle's moving 742 network and the EN's fixed network. Thus, V2I requires an efficient 743 protocol for the mutual knowledge of network parameters. 745 As shown in Figure 2, the addresses used for IPv6 transmissions over 746 the wireless link interfaces for IP-OBU and IP-RSU can be link-local 747 IPv6 addresses, ULAs, or global IPv6 addresses. When global IPv6 748 addresses are used, wireless interface configuration and control 749 overhead for DAD [RFC4862] and Multicast Listener Discovery (MLD) 750 [RFC2710][RFC3810] should be minimized to support V2I and V2X 751 communications for vehicles moving fast along roadways. 753 Let us consider the upload/download time of a vehicle when it passes 754 through the wireless communication coverage of an IP-RSU. For a 755 given typical setting where 1km is the maximum DSRC communication 756 range [DSRC] and 100km/h is the speed limit in highway, the dwelling 757 time can be calculated to be 72 seconds by dividing the diameter of 758 the 2km (i.e., two times of DSRC communication range where an IP-RSU 759 is located in the center of the circle of wireless communication) by 760 the speed limit of 100km/h (i.e., about 28m/s). For the 72 seconds, 761 a vehicle passing through the coverage of an IP-RSU can upload and 762 download data packets to/from the IP-RSU. 764 4.3. V2V-based Internetworking 766 This section discusses the internetworking between the moving 767 networks of two neighboring vehicles via V2V communication. 769 (*)<..........>(*) 770 (2001:DB8:1:1::/64) | | 771 +------------------------------+ +------------------------------+ 772 | v | | v | 773 | +-------+ +-------+ | | +-------+ +-------+ | 774 | | Host1 | |IP-OBU1| | | |IP-OBU2| | Host3 | | 775 | +-------+ +-------+ | | +-------+ +-------+ | 776 | ^ ^ | | ^ ^ | 777 | | | | | | | | 778 | v v | | v v | 779 | ---------------------------- | | ---------------------------- | 780 | 2001:DB8:10:1::/64 ^ | | ^ 2001:DB8:30:1::/64 | 781 | | | | | | 782 | v | | v | 783 | +-------+ +-------+ | | +-------+ +-------+ | 784 | | Host2 | |Router1| | | |Router2| | Host4 | | 785 | +-------+ +-------+ | | +-------+ +-------+ | 786 | ^ ^ | | ^ ^ | 787 | | | | | | | | 788 | v v | | v v | 789 | ---------------------------- | | ---------------------------- | 790 | 2001:DB8:10:2::/64 | | 2001:DB8:30:2::/64 | 791 +------------------------------+ +------------------------------+ 792 Vehicle1 (Moving Network1) Vehicle2 (Moving Network2) 794 <----> Wired Link <....> Wireless Link (*) Antenna 796 Figure 3: Internetworking between Two Vehicles 798 Figure 3 shows the internetworking between the moving networks of two 799 neighboring vehicles. There exists an internal network (Moving 800 Network1) inside Vehicle1. Vehicle1 has two hosts (Host1 and Host2), 801 and two routers (IP-OBU1 and Router1). There exists another internal 802 network (Moving Network2) inside Vehicle2. Vehicle2 has two hosts 803 (Host3 and Host4), and two routers (IP-OBU2 and Router2). Vehicle1's 804 IP-OBU1 (as a mobile router) and Vehicle2's IP-OBU2 (as a mobile 805 router) use 2001:DB8:1:1::/64 for an external link (e.g., DSRC) for 806 V2V networking. Thus, a host (Host1) in Vehicle1 can communicate 807 with another host (Host3) in Vehicle2 for a vehicular service through 808 Vehicle1's moving network, a wireless link between IP-OBU1 and IP- 809 OBU2, and Vehicle2's moving network. 811 As a V2V use case in Section 3.1, Figure 4 shows the linear network 812 topology of platooning vehicles for V2V communications where Vehicle3 813 is the leading vehicle with a driver, and Vehicle2 and Vehicle1 are 814 the following vehicles without drivers. 816 (*)<..................>(*)<..................>(*) 817 | | | 818 +-----------+ +-----------+ +-----------+ 819 | | | | | | 820 | +-------+ | | +-------+ | | +-------+ | 821 | |IP-OBU1| | | |IP-OBU2| | | |IP-OBU3| | 822 | +-------+ | | +-------+ | | +-------+ | 823 | ^ | | ^ | | ^ | 824 | | |=====> | | |=====> | | |=====> 825 | v | | v | | v | 826 | +-------+ | | +-------+ | | +-------+ | 827 | | Host1 | | | | Host2 | | | | Host3 | | 828 | +-------+ | | +-------+ | | +-------+ | 829 | | | | | | 830 +-----------+ +-----------+ +-----------+ 831 Vehicle1 Vehicle2 Vehicle3 833 <----> Wired Link <....> Wireless Link ===> Moving Direction 834 (*) Antenna 836 Figure 4: Multihop Internetworking between Two Vehicle Networks 838 As shown in Figure 4, multihop internetworking is feasible among the 839 moving networks of three vehicles in the same VANET. For example, 840 Host1 in Vehicle1 can communicate with Host3 in Vehicle3 via IP-OBU1 841 in Vehicle1, IP-OBU2 in Vehicle2, and IP-OBU3 in Vehicle3 in the 842 VANET, as shown in the figure. 844 In this section, the link between two vehicles is assumed to be 845 stable for single-hop wireless communication regardless of the sight 846 relationship such as line of sight and non-line of sight, as shown in 847 Figure 3. Even in Figure 4, the three vehicles are connected to each 848 other with a linear topology, however, multihop V2V communication can 849 accommodate any network topology (i.e., an arbitrary graph) over 850 VANET routing protocols. 852 (*)<..................>(*)<..................>(*) 853 | | | 854 +-----------+ +-----------+ +-----------+ 855 | | | | | | 856 | +-------+ | | +-------+ | | +-------+ | 857 | |IP-OBU1| | | |IP-RSU1| | | |IP-OBU3| | 858 | +-------+ | | +-------+ | | +-------+ | 859 | ^ | | ^ | | ^ | 860 | | |=====> | | | | | |=====> 861 | v | | v | | v | 862 | +-------+ | | +-------+ | | +-------+ | 863 | | Host1 | | | | Host2 | | | | Host3 | | 864 | +-------+ | | +-------+ | | +-------+ | 865 | | | | | | 866 +-----------+ +-----------+ +-----------+ 867 Vehicle1 EN1 Vehicle3 869 <----> Wired Link <....> Wireless Link ===> Moving Direction 870 (*) Antenna 872 Figure 5: Multihop Internetworking between Two Vehicle Networks 873 via IP-RSU (V2I2V) 875 As shown in Figure 5, multihop internetworking between two vehicles 876 is feasible via an infrastructure node (i.e., IP-RSU) with wireless 877 connectivity among the moving networks of two vehicles and the fixed 878 network of an edge network (denoted as EN1) in the same VANET. For 879 example, Host1 in Vehicle1 can communicate with Host3 in Vehicle3 via 880 IP-OBU1 in Vehicle1, IP-RSU1 in EN1, and IP-OBU3 in Vehicle3 in the 881 VANET, as shown in the figure. 883 For the reliability required in V2V networking, the ND optimization 884 defined in MANET [RFC6130] [RFC7466] improves the classical IPv6 ND 885 in terms of tracking neighbor information with up to two hops and 886 introducing several extensible Information Bases, which serves the 887 MANET routing protocols such as the difference versions of Optimized 888 Link State Routing Protocol (OLSR) [RFC3626] [RFC7181] [RFC7188] 889 [RFC7722] [RFC7779] [RFC8218] and the Dynamic Link Exchange Protocol 890 (DLEP) with its extensions [RFC8175] [RFC8629] [RFC8651] [RFC8703] 891 [RFC8757]. In short, the MANET ND mainly deals with maintaining 892 extended network neighbors. However, an ND protocol in vehicular 893 networks shall consider more about the geographical mobility 894 information of vehicles as an important resource for serving various 895 purposes to improve the reliability, e.g., vehicle driving safety, 896 intelligent transportation implementations, and advanced mobility 897 services. For a more reliable V2V networking, some redundancy 898 mechanisms should be provided in L3 in the case of the failure of L2. 900 5. Problem Statement 902 In order to specify protocols using the architecture mentioned in 903 Section 4.1, IPv6 core protocols have to be adapted to overcome 904 certain challenging aspects of vehicular networking. Since the 905 vehicles are likely to be moving at great speed, protocol exchanges 906 need to be completed in a time relatively short compared to the 907 lifetime of a link between a vehicle and an IP-RSU, or between two 908 vehicles. 910 For safe driving, vehicles need to exchange application messages 911 every 0.5 second [NHTSA-ACAS-Report] to let drivers take an action to 912 avoid a dangerous situation (e.g., vehicle collision), so IPv6 913 protocol exchanges need to support this order of magnitude for 914 application message exchanges. Also, considering the communication 915 range of DSRC (up to 1km) and 100km/h as the speed limit in highway, 916 the lifetime of a link between a vehicle and an IP-RSU is 72 seconds, 917 and the lifetime of a link between two vehicles is 36 seconds. Note 918 that if two vehicles are moving in the opposite directions in a 919 roadway, the relative speed of this case is two times the relative 920 speed of a vehicle passing through an RSU. This relative speed leads 921 the half of the link lifetime between the vehicle and the IP-RSU. In 922 reality, the DSRC communication range is around 500m, so the link 923 lifetime will be a half of the maximum time. The time constraint of 924 a wireless link between two nodes (e.g., vehicle and IP-RSU) needs to 925 be considered because it may affect the lifetime of a session 926 involving the link. The lifetime of a session varies depending on 927 the session's type such as a web surfing, voice call over IP, DNS 928 query, and context-aware navigation (in Section 3.1). Regardless of 929 a session's type, to guide all the IPv6 packets to their destination 930 host(s), IP mobility should be supported for the session. In a V2V 931 scenario (e.g., context-aware navigation), the IPv6 packets of a 932 vehicle should be delivered to relevant vehicles in an efficient way 933 (e.g., multicasting). With this observation, IPv6 protocol exchanges 934 need to be done as short as possible to support the message exchanges 935 of various applications in vehicular networks. 937 Therefore, the time constraint of a wireless link has a major impact 938 on IPv6 Neighbor Discovery (ND). Mobility Management (MM) is also 939 vulnerable to disconnections that occur before the completion of 940 identity verification and tunnel management. This is especially true 941 given the unreliable nature of wireless communication. Meanwhile, 942 the bandwidth of the wireless link determined by the lower layers 943 (i.e., link and PHY layers) can affect the transmission time of 944 control messages of the upper layers (e.g., IPv6) and the continuity 945 of sessions in the higher layers (e.g., IPv6, TCP, and UDP). Hence 946 the bandwidth selection according to Modulation and Coding Scheme 947 (MCS) also affects the vehicular network connectivity. Note that 948 usually the higher bandwidth gives the shorter communication range 949 and the higher packet error rate at the receiving side, which may 950 reduce the reliability of control message exchanges of the higher 951 layers (e.g., IPv6). This section presents key topics such as 952 neighbor discovery and mobility management for links and sessions in 953 IPv6-based vehicular networks. 955 5.1. Neighbor Discovery 957 IPv6 ND [RFC4861][RFC4862] is a core part of the IPv6 protocol suite. 958 IPv6 ND is designed for link types including point-to-point, 959 multicast-capable (e.g., Ethernet) and Non-Broadcast Multiple Access 960 (NBMA). It assumes the efficient and reliable support of multicast 961 and unicast from the link layer for various network operations such 962 as MAC Address Resolution (AR), DAD, MLD and Neighbor Unreachability 963 Detection (NUD). 965 Vehicles move quickly within the communication coverage of any 966 particular vehicle or IP-RSU. Before the vehicles can exchange 967 application messages with each other, they need to be configured with 968 a link-local IPv6 address or a global IPv6 address, and run IPv6 ND. 970 The requirements for IPv6 ND for vehicular networks are efficient DAD 971 and NUD operations. An efficient DAD is required to reduce the 972 overhead of the DAD packets during a vehicle's travel in a road 973 network, which can guarantee the uniqueness of a vehicle's global 974 IPv6 address. An efficient NUD is required to reduce the overhead of 975 the NUD packets during a vehicle's travel in a road network, which 976 can guarantee the accurate neighborhood information of a vehicle in 977 terms of adjacent vehicles and RSUs. 979 The legacy DAD assumes that a node with an IPv6 address can reach any 980 other node with the scope of its address at the time it claims its 981 address, and can hear any future claim for that address by another 982 party within the scope of its address for the duration of the address 983 ownership. However, the partitioning and merging of VANETs makes 984 this assumption frequently invalid in vehicular networks. The 985 merging and partitioning of VANETs frequently occurs in vehicular 986 networks. This merging and partitioning should be considered for the 987 IPv6 ND such as IPv6 Stateless Address Autoconfiguration (SLAAC) 988 [RFC4862]. Due to the merging of VANETs, two IPv6 addresses may 989 conflict with each other though they were unique before the merging. 990 An address lookup operation may be conducted by an MA or IP-RSU (as 991 Registrar in RPL) to check the uniqueness of an IPv6 address that 992 will be configured by a vehicle as DAD. Also, the partitioning of a 993 VANET may make vehicles with the same prefix be physically 994 unreachable. An address lookup operation may be conducted by an MA 995 or IP-RSU (as Registrar in RPL) to check the existence of a vehicle 996 under the network coverage of the MA or IP-RSU as NUD. Thus, SLAAC 997 needs to prevent IPv6 address duplication due to the merging of 998 VANETs, and IPv6 ND needs to detect unreachable neighboring vehicles 999 due to the partitioning of a VANET. According to the merging and 1000 partitioning, a destination vehicle (as an IPv6 host) needs to be 1001 distinguished as either an on-link host or an off-link host even 1002 though the source vehicle can use the same prefix as the destination 1003 vehicle [ID-IPPL]. 1005 To efficiently prevent IPv6 address duplication due to the VANET 1006 partitioning and merging from happening in vehicular networks, the 1007 vehicular networks need to support a vehicular-network-wide DAD by 1008 defining a scope that is compatible with the legacy DAD. In this 1009 case, two vehicles can communicate with each other when there exists 1010 a communication path over VANET or a combination of VANETs and IP- 1011 RSUs, as shown in Figure 1. By using the vehicular-network-wide DAD, 1012 vehicles can assure that their IPv6 addresses are unique in the 1013 vehicular network whenever they are connected to the vehicular 1014 infrastructure or become disconnected from it in the form of VANET. 1016 For vehicular networks with high mobility and density, the DAD needs 1017 to be performed efficiently with minimum overhead so that the 1018 vehicles can exchange driving safety messages (e.g., collision 1019 avoidance and accident notification) with each other with a short 1020 interval suggested by NHTSA (National Highway Traffic Safety 1021 Administration) [NHTSA-ACAS-Report]. Since the partitioning and 1022 merging of vehicular networks may require re-perform the DAD process 1023 repeatedly, the link scope of vehicles may be limited to a small 1024 area, which may delay the exchange of driving safety messages. 1025 Driving safety messages can include a vehicle's mobility information 1026 (i.e., position, speed, direction, and acceleration/deceleration) 1027 that is critical to other vehicles. The exchange interval of this 1028 message is recommended to be less than 0.5 second, which is required 1029 for a driver to avoid an emergency situation, such as a rear-end 1030 crash. 1032 ND time-related parameters such as router lifetime and Neighbor 1033 Advertisement (NA) interval need to be adjusted for vehicle speed and 1034 vehicle density. For example, the NA interval needs to be 1035 dynamically adjusted according to a vehicle's speed so that the 1036 vehicle can maintain its neighboring vehicles in a stable way, 1037 considering the collision probability with the NA messages sent by 1038 other vehicles. The ND time-related parameters can be an operational 1039 setting or an optimization point particularly for vehicular networks. 1041 For IPv6-based safety applications (e.g., context-aware navigation, 1042 adaptive cruise control, and platooning) in vehicular networks, the 1043 delay-bounded data delivery is critical. IPv6 ND needs to work to 1044 support those IPv6-based safety applications efficiently. 1046 From the interoperability point of view, in IPv6-based vehicular 1047 networking, IPv6 ND should have minimum changes with the legacy IPv6 1048 ND used in the Internet, including the DAD and NUD operations, so 1049 that IPv6-based vehicular networks can be seamlessly connected to 1050 other intelligent transportation elements (e.g., traffic signals, 1051 pedestrian wearable devices, electric scooters, and bus stops) that 1052 use the standard IPv6 network settings. 1054 5.1.1. Link Model 1056 A subnet model for a vehicular network needs to facilitate the 1057 communication between two vehicles with the same prefix regardless of 1058 the vehicular network topology as long as there exist bidirectional 1059 E2E paths between them in the vehicular network including VANETs and 1060 IP-RSUs. This subnet model allows vehicles with the same prefix to 1061 communicate with each other via a combination of multihop V2V and 1062 multihop V2I with VANETs and IP-RSUs. [IPoWIRELESS] introduces other 1063 issues in an IPv6 subnet model. 1065 IPv6 protocols work under certain assumptions that do not necessarily 1066 hold for vehicular wireless access link types [VIP-WAVE][RFC5889]. 1067 For instance, some IPv6 protocols assume symmetry in the connectivity 1068 among neighboring interfaces [RFC6250]. However, radio interference 1069 and different levels of transmission power may cause asymmetric links 1070 to appear in vehicular wireless links. As a result, a new vehicular 1071 link model needs to consider the asymmetry of dynamically changing 1072 vehicular wireless links. 1074 There is a relationship between a link and a prefix, besides the 1075 different scopes that are expected from the link-local and global 1076 types of IPv6 addresses. In an IPv6 link, it is defined that all 1077 interfaces which are configured with the same subnet prefix and with 1078 on-link bit set can communicate with each other on an IPv6 link. 1079 However, the vehicular link model needs to define the relationship 1080 between a link and a prefix, considering the dynamics of wireless 1081 links and the characteristics of VANET. 1083 A VANET can have a single link between each vehicle pair within 1084 wireless communication range, as shown in Figure 4. When two 1085 vehicles belong to the same VANET, but they are out of wireless 1086 communication range, they cannot communicate directly with each 1087 other. Suppose that a global-scope IPv6 prefix (or an IPv6 ULA 1088 prefix) is assigned to VANETs in vehicular networks. Even though two 1089 vehicles in the same VANET configure their IPv6 addresses with the 1090 same IPv6 prefix, they may not communicate with each other not in one 1091 hop in the same VANET because of the multihop network connectivity 1092 between them. Thus, in this case, the concept of an on-link IPv6 1093 prefix does not hold because two vehicles with the same on-link IPv6 1094 prefix cannot communicate directly with each other. Also, when two 1095 vehicles are located in two different VANETs with the same IPv6 1096 prefix, they cannot communicate with each other. When these two 1097 VANETs converge to one VANET, the two vehicles can communicate with 1098 each other in a multihop fashion, for example, when they are Vehicle1 1099 and Vehicle3, as shown in Figure 4. 1101 From the previous observation, a vehicular link model should consider 1102 the frequent partitioning and merging of VANETs due to vehicle 1103 mobility. Therefore, the vehicular link model needs to use an on- 1104 link prefix and off-link prefix according to the network topology of 1105 vehicles such as a one-hop reachable network and a multihop reachable 1106 network (or partitioned networks). If the vehicles with the same 1107 prefix are reachable from each other in one hop, the prefix should be 1108 on-link. On the other hand, if some of the vehicles with the same 1109 prefix are not reachable from each other in one hop due to either the 1110 multihop topology in the VANET or multiple partitions, the prefix 1111 should be off-link. In most cases in vehicular networks, due to the 1112 partitioning and merging of VANETs, and the multihop network topology 1113 of VANETS, off-link prefixes will be used for vehicles as default. 1115 The vehicular link model needs to support multihop routing in a 1116 connected VANET where the vehicles with the same global-scope IPv6 1117 prefix (or the same IPv6 ULA prefix) are connected in one hop or 1118 multiple hops. It also needs to support the multihop routing in 1119 multiple connected VANETs through infrastructure nodes (e.g., IP-RSU) 1120 where they are connected to the infrastructure. For example, in 1121 Figure 1, suppose that Vehicle1, Vehicle2, and Vehicle3 are 1122 configured with their IPv6 addresses based on the same global-scope 1123 IPv6 prefix. Vehicle1 and Vehicle3 can also communicate with each 1124 other via either multihop V2V or multihop V2I2V. When Vehicle1 and 1125 Vehicle3 are connected in a VANET, it will be more efficient for them 1126 to communicate with each other directly via VANET rather than 1127 indirectly via IP-RSUs. On the other hand, when Vehicle1 and 1128 Vehicle3 are far away from direct communication range in separate 1129 VANETs and under two different IP-RSUs, they can communicate with 1130 each other through the relay of IP-RSUs via V2I2V. Thus, two 1131 separate VANETs can merge into one network via IP-RSU(s). Also, 1132 newly arriving vehicles can merge two separate VANETs into one VANET 1133 if they can play the role of a relay node for those VANETs. 1135 Thus, in IPv6-based vehicular networking, the vehicular link model 1136 should have minimum changes for interoperability with standard IPv6 1137 links in an efficient fashion to support IPv6 DAD, MLD and NUD 1138 operations. 1140 5.1.2. MAC Address Pseudonym 1142 For the protection of drivers' privacy, a pseudonym of a MAC address 1143 of a vehicle's network interface should be used, so that the MAC 1144 address can be changed periodically. However, although such a 1145 pseudonym of a MAC address can protect to some extent the privacy of 1146 a vehicle, it may not be able to resist attacks on vehicle 1147 identification by other fingerprint information, for example, the 1148 scrambler seed embedded in IEEE 802.11-OCB frames [Scrambler-Attack]. 1149 The pseudonym of a MAC address affects an IPv6 address based on the 1150 MAC address, and a transport-layer (e.g., TCP and SCTP) session with 1151 an IPv6 address pair. However, the pseudonym handling is not 1152 implemented and tested yet for applications on IP-based vehicular 1153 networking. 1155 In the ETSI standards, for the sake of security and privacy, an ITS 1156 station (e.g., vehicle) can use pseudonyms for its network interface 1157 identities (e.g., MAC address) and the corresponding IPv6 addresses 1158 [Identity-Management]. Whenever the network interface identifier 1159 changes, the IPv6 address based on the network interface identifier 1160 needs to be updated, and the uniqueness of the address needs to be 1161 checked through the DAD procedure. 1163 5.1.3. Routing 1165 For multihop V2V communications in either a VANET or VANETs via IP- 1166 RSUs, a vehicular Mobile Ad Hoc Networks (MANET) routing protocol may 1167 be required to support both unicast and multicast in the links of the 1168 subnet with the same IPv6 prefix. However, it will be costly to run 1169 both vehicular ND and a vehicular ad hoc routing protocol in terms of 1170 control traffic overhead [ID-Multicast-Problems]. 1172 A routing protocol for a VANET may cause redundant wireless frames in 1173 the air to check the neighborhood of each vehicle and compute the 1174 routing information in a VANET with a dynamic network topology 1175 because the IPv6 ND is used to check the neighborhood of each 1176 vehicle. Thus, the vehicular routing needs to take advantage of the 1177 IPv6 ND to minimize its control overhead. 1179 RPL [RFC6550] defines a routing protocol for low-power and lossy 1180 networks, which constructs and maintains DODAGs optimized by an 1181 Objective Function (OF). A defined OF provides route selection and 1182 optimization within a RPL topology. A node in a DODAG uses DODAG 1183 Information Objects (DIOs) messages to discover and maintain the 1184 upward routes toward the root node. 1186 An address registration extension for 6LoWPAN (IPv6 over Low-Power 1187 Wireless Personal Area Network) in [RFC8505] can support light-weight 1188 mobility for nodes moving through different parents. Mainly it 1189 updates the Address Registration Option (ARO) of ND defined in 1190 [RFC6775] to include a status field that can indicate the movement of 1191 a node and optionally a Transaction ID (TID) field, i.e., a sequence 1192 number that can be used to determine the most recent location of a 1193 node. 1195 RPL can use the information provided by the extended ARO defined in 1196 [RFC8505] to deal with a certain level of node mobility. When a leaf 1197 node moves to the coverage of another parent node, it should de- 1198 register its addresses to the previous parent node and register 1199 itself with a new parent node along with an incremented TID. 1201 Although RPL can be used in IPv6-based vehicular networks, it is 1202 primarily designed for lossy networks, which puts energy efficiency 1203 first. In addition, the topology it considers may not quickly scale 1204 up and down for IPv6-based vehicular networks, since the mobility of 1205 vehicles is much more diverse with a high speed, so it can frequently 1206 alter a tree-like topology formed by RPL, which may cause network 1207 fragmentation and merging with more control traffic. 1209 Moreover, due to bandwidth and energy constraints, RPL does not 1210 suggest to use a proactive mechanism (e.g., keepalive) to maintain 1211 accurate routing adjacencies such as Bidirectional Forwarding 1212 Detection [RFC5881] and MANET Neighborhood Discovery Protocol 1213 [RFC6130]. As a result, due to the mobility of vehicles, the network 1214 fragmentation is not detected quickly and the routing of packets 1215 between vehicles or between a vehicle and an infrastructure node may 1216 fail. 1218 5.2. Mobility Management 1220 The seamless connectivity and timely data exchange between two end 1221 points requires efficient mobility management including location 1222 management and handover. Most vehicles are equipped with a GPS 1223 receiver as part of a dedicated navigation system or a corresponding 1224 smartphone App. Note that the GPS receiver may not provide vehicles 1225 with accurate location information in adverse environments such as a 1226 building area or a tunnel. The location precision can be improved 1227 with assistance of the IP-RSUs or a cellular system with a GPS 1228 receiver for location information. 1230 With a GPS navigator, efficient mobility management can be performed 1231 with the help of vehicles periodically reporting their current 1232 position and trajectory (i.e., navigation path) to the vehicular 1233 infrastructure (having IP-RSUs and an MA in TCC). This vehicular 1234 infrastructure can predict the future positions of the vehicles from 1235 their mobility information (i.e., the current position, speed, 1236 direction, and trajectory) for efficient mobility management (e.g., 1237 proactive handover). For a better proactive handover, link-layer 1238 parameters, such as the signal strength of a link-layer frame (e.g., 1239 Received Channel Power Indicator (RCPI) [VIP-WAVE]), can be used to 1240 determine the moment of a handover between IP-RSUs along with 1241 mobility information. 1243 By predicting a vehicle's mobility, the vehicular infrastructure 1244 needs to better support IP-RSUs to perform efficient SLAAC, data 1245 forwarding, horizontal handover (i.e., handover in wireless links 1246 using a homogeneous radio technology), and vertical handover (i.e., 1247 handover in wireless links using heterogeneous radio technologies) in 1248 advance along with the movement of the vehicle. 1250 For example, as shown in Figure 1, when a vehicle (e.g., Vehicle2) is 1251 moving from the coverage of an IP-RSU (e.g., IP-RSU1) into the 1252 coverage of another IP-RSU (e.g., IP-RSU2) belonging to a different 1253 subnet, the IP-RSUs can proactively support the IPv6 mobility of the 1254 vehicle, while performing the SLAAC, data forwarding, and handover 1255 for the sake of the vehicle. 1257 For a mobility management scheme in a domain, where the wireless 1258 subnets of multiple IP-RSUs share the same prefix, an efficient 1259 vehicular-network-wide DAD is required. If DHCPv6 is used to assign 1260 a unique IPv6 address to each vehicle in this shared link, the DAD is 1261 not required. On the other hand, for a mobility management scheme 1262 with a unique prefix per mobile node (e.g., PMIPv6 [RFC5213]), DAD is 1263 not required because the IPv6 address of a vehicle's external 1264 wireless interface is guaranteed to be unique. There is a tradeoff 1265 between the prefix usage efficiency and DAD overhead. Thus, the IPv6 1266 address autoconfiguration for vehicular networks needs to consider 1267 this tradeoff to support efficient mobility management. 1269 Even though the SLAAC with classic ND costs a DAD during mobility 1270 management, the SLAAC with [RFC8505] does not cost a DAD. SLAAC for 1271 vehicular networks needs to consider the minimization of the cost of 1272 DAD with the help of an infrastructure node (e.g., IP-RSU and MA). 1273 Using an infrastructure prefix over VANET allows direct routability 1274 to the Internet through the multihop V2I toward an IP-RSU. On the 1275 other hand, a BYOA does not allow such direct routability to the 1276 Internet since the BYOA is not topologically correct, that is, not 1277 routable in the Internet. In addition, a vehicle configured with a 1278 BYOA needs a tunnel home (e.g., IP-RSU) connected to the Internet, 1279 and the vehicle needs to know which neighboring vehicle is reachable 1280 inside the VANET toward the tunnel home. There is nonnegligible 1281 control overhead to set up and maintain routes to such a tunnel home 1282 over the VANET. 1284 For the case of a multihomed network, a vehicle can follow the first- 1285 hop router selection rule described in [RFC8028]. For example, an 1286 IP-OBU inside a vehicle may connect to an IP-RSU that has multiple 1287 routers behind. In this scenario, because the IP-OBU can have 1288 multiple prefixes from those routers, the default router selection, 1289 source address selection, and packet redirect process should follow 1290 the guidelines in [RFC8028]. That is, the vehicle should select its 1291 default router for each prefix by preferring the router that 1292 advertised the prefix. 1294 Vehicles can use the TCC as their Home Network having a home agent 1295 for mobility management as in MIPv6 [RFC6275] and PMIPv6 [RFC5213], 1296 so the TCC (or an MA inside the TCC) maintains the mobility 1297 information of vehicles for location management. IP tunneling over 1298 the wireless link should be avoided for performance efficiency. 1299 Also, in vehicular networks, asymmetric links sometimes exist and 1300 must be considered for wireless communications such as V2V and V2I. 1302 Therefore, for the proactive and seamless IPv6 mobility of vehicles, 1303 the vehicular infrastructure (including IP-RSUs and MA) needs to 1304 efficiently perform the mobility management of the vehicles with 1305 their mobility information and link-layer information. Also, in 1306 IPv6-based vehicular networking, IPv6 mobility management should have 1307 minimum changes for the interoperability with the legacy IPv6 1308 mobility management schemes such as PMIPv6, DMM, LISP, and AERO. 1310 6. Security Considerations 1312 This section discusses security and privacy for IPv6-based vehicular 1313 networking. Security and privacy are paramount in V2I, V2V, and V2X 1314 networking along with neighbor discovery and mobility management. 1316 Vehicles and infrastructure must be authenticated in order to 1317 participate in vehicular networking. For the authentication in 1318 vehicular networks, vehicular cloud needs to support a kind of Public 1319 Key Infrastructure (PKI) in an efficient way. To provide safe 1320 interaction between vehicles or between a vehicle and infrastructure, 1321 only authenticated nodes (i.e., vehicle and infrastructure node) can 1322 participate in vehicular networks. Also, in-vehicle devices (e.g., 1323 ECU) and a driver/passenger's mobile devices (e.g., smartphone and 1324 tablet PC) in a vehicle need to communicate with other in-vehicle 1325 devices and another driver/passenger's mobile devices in another 1326 vehicle, or other servers behind an IP-RSU in a secure way. Even 1327 though a vehicle is perfectly authenticated and legitimate, it may be 1328 hacked for running malicious applications to track and collect its 1329 and other vehicles' information. In this case, an attack mitigation 1330 process may be required to reduce the aftermath of malicious 1331 behaviors. 1333 For secure V2I communication, a secure channel (e.g., IPsec) between 1334 a mobile router (i.e., IP-OBU) in a vehicle and a fixed router (i.e., 1335 IP-RSU) in an EN needs to be established, as shown in Figure 2 1336 [RFC4301][RFC4302] [RFC4303][RFC4308] [RFC7296]. Also, for secure 1337 V2V communication, a secure channel (e.g., IPsec) between a mobile 1338 router (i.e., IP-OBU) in a vehicle and a mobile router (i.e., IP-OBU) 1339 in another vehicle needs to be established, as shown in Figure 3. 1340 For secure communication, an element in a vehicle (e.g., an in- 1341 vehicle device and a driver/passenger's mobile device) needs to 1342 establish a secure connection (e.g., TLS) with another element in 1343 another vehicle or another element in a vehicular cloud (e.g., a 1344 server). IEEE 1609.2 [WAVE-1609.2] specifies security services for 1345 applications and management messages, but this WAVE specification is 1346 optional. Thus, if the link layer does not support the security of a 1347 WAVE frame, either the network layer or the transport layer needs to 1348 support security services for the WAVE frames. 1350 6.1. Security Threats in Neighbor Discovery 1352 For the classical IPv6 ND, the DAD is required to ensure the 1353 uniqueness of the IPv6 address of a vehicle's wireless interface. 1354 This DAD can be used as a flooding attack that uses the DAD-related 1355 ND packets disseminated over the VANET or vehicular networks. 1356 [RFC6959] introduces threats enabled by IP source address spoofing. 1357 This possibility indicates that vehicles and IP-RSUs need to filter 1358 out suspicious ND traffic in advance. [RFC8928] introduces a 1359 mechanism that protects the ownership of an address for 6loWPAN ND 1360 from address theft and impersonation attacks. Based on the SEND 1361 [RFC3971] mechanism, the authentication for routers (i.e., IP-RSUs) 1362 can be conducted by only selecting an IP-RSU that has a certification 1363 path toward trusted parties. For authenticating other vehicles, the 1364 cryptographically generated address (CGA) can be used to verify the 1365 true owner of a received ND message, which requires to use the CGA ND 1366 option in the ND protocols. For a general protection of the ND 1367 mechanism, the RSA Signature ND option can also be used to protect 1368 the integrity of the messages by public key signatures. For a more 1369 advanced authentication mechanism, a distributed blockchain-based 1370 approach [Vehicular-BlockChain] can be used. However, for a scenario 1371 where a trustable router or an authentication path cannot be 1372 obtained, it is desirable to find a solution in which vehicles and 1373 infrastructures can authenticate each other without any support from 1374 a third party. 1376 When applying the classical IPv6 ND process to VANET, one of the 1377 security issues is that an IP-RSU (or an IP-OBU) as a router may 1378 receive deliberate or accidental DoS attacks from network scans that 1379 probe devices on a VANET. In this scenario, the IP-RSU can be 1380 overwhelmed for processing the network scan requests so that the 1381 capacity and resources of IP-RSU are exhausted, causing the failure 1382 of receiving normal ND messages from other hosts for network address 1383 resolution. [RFC6583] describes more about the operational problems 1384 in the classical IPv6 ND mechanism that can be vulnerable to 1385 deliberate or accidental DoS attacks and suggests several 1386 implementation guidelines and operational mitigation techniques for 1387 those problems. Nevertheless, for running IPv6 ND in VANET, those 1388 issues can be more acute since the movements of vehicles can be so 1389 diverse that it leaves a large room for rogue behaviors, and the 1390 failure of networking among vehicles may cause grave consequences. 1392 Strong security measures shall protect vehicles roaming in road 1393 networks from the attacks of malicious nodes, which are controlled by 1394 hackers. For safe driving applications (e.g., context-aware 1395 navigation, cooperative adaptive cruise control, and platooning), as 1396 explained in Section 3.1, the cooperative action among vehicles is 1397 assumed. Malicious nodes may disseminate wrong driving information 1398 (e.g., location, speed, and direction) for disturbing safe driving. 1399 For example, a Sybil attack, which tries to confuse a vehicle with 1400 multiple false identities, may disturb a vehicle from taking a safe 1401 maneuver. 1403 To identify malicious vehicles among vehicles, an authentication 1404 method may be required. A Vehicle Identification Number (VIN) and a 1405 user certificate (e.g., X.509 certificate [RFC5280]) along with an 1406 in-vehicle device's identifier generation can be used to efficiently 1407 authenticate a vehicle or its driver (having a user certificate) 1408 through a road infrastructure node (e.g., IP-RSU) connected to an 1409 authentication server in the vehicular cloud. This authentication 1410 can be used to identify the vehicle that will communicate with an 1411 infrastructure node or another vehicle. In the case where a vehicle 1412 has an internal network (called Moving Network) and elements in the 1413 network (e.g., in-vehicle devices and a user's mobile devices), as 1414 shown in Figure 2, the elements in the network need to be 1415 authenticated individually for safe authentication. Also, Transport 1416 Layer Security (TLS) certificates [RFC8446][RFC5280] can be used for 1417 an element's authentication to allow secure E2E vehicular 1418 communications between an element in a vehicle and another element in 1419 a server in a vehicular cloud, or between an element in a vehicle and 1420 another element in another vehicle. 1422 6.2. Security Threats in Mobility Management 1424 For mobility management, a malicious vehicle can construct multiple 1425 virtual bogus vehicles, and register them with IP-RSUs and MA. This 1426 registration makes the IP-RSUs and MA waste their resources. The IP- 1427 RSUs and MA need to determine whether a vehicle is genuine or bogus 1428 in mobility management. Also, the confidentiality of control packets 1429 and data packets among IP-RSUs and MA, the E2E paths (e.g., tunnels) 1430 need to be protected by secure communication channels. In addition, 1431 to prevent bogus IP-RSUs and MA from interfering with the IPv6 1432 mobility of vehicles, mutual authentication among them needs to be 1433 performed by certificates (e.g., TLS certificate). 1435 6.3. Other Threats 1437 For the setup of a secure channel over IPsec or TLS, the multihop V2I 1438 communications over DSRC or 5G V2X (or LTE V2X) is required in a 1439 highway. In this case, multiple intermediate vehicles as relay nodes 1440 can help forward association and authentication messages toward an 1441 IP-RSU (gNodeB, or eNodeB) connected to an authentication server in 1442 the vehicular cloud. In this kind of process, the authentication 1443 messages forwarded by each vehicle can be delayed or lost, which may 1444 increase the construction time of a connection or some vehicles may 1445 not be able to be authenticated. 1447 Even though vehicles can be authenticated with valid certificates by 1448 an authentication server in the vehicular cloud, the authenticated 1449 vehicles may harm other vehicles. To deal with this kind of security 1450 issue, for monitoring suspicious behaviors, vehicles' communication 1451 activities can be recorded in either a central way through a logging 1452 server (e.g., TCC) in the vehicular cloud or a distributed way (e.g., 1453 blockchain [Bitcoin]) along with other vehicles or infrastructure. 1454 To solve the issue ultimately, we need a solution where, without 1455 privacy breakage, vehicles may observe activities of each other to 1456 identify any misbehavior. Once identifying a misbehavior, a vehicle 1457 shall have a way to either isolate itself from others or isolate a 1458 suspicious vehicle by informing other vehicles. Alternatively, for 1459 completely secure vehicular networks, we shall embrace the concept of 1460 "zero-trust" for vehicles in which no vehicle is trustable and 1461 verifying every message is necessary. For doing so, we shall have an 1462 efficient zero-trust framework or mechanism for vehicular networks. 1464 For the non-repudiation of the harmful activities of malicious nodes, 1465 a blockchain technology can be used [Bitcoin]. Each message from a 1466 vehicle can be treated as a transaction and the neighboring vehicles 1467 can play the role of peers in a consensus method of a blockchain 1468 [Bitcoin] [Vehicular-BlockChain]. For a blockchain's efficient 1469 consensus in vehicular networks having fast moving vehicles, a new 1470 consensus algorithm needs to be developed or an existing consensus 1471 algorithm needs to be enhanced. 1473 To prevent an adversary from tracking a vehicle with its MAC address 1474 or IPv6 address, especially for a long-living transport-layer session 1475 (e.g., voice call over IP and video streaming service), a MAC address 1476 pseudonym needs to be provided to each vehicle; that is, each vehicle 1477 periodically updates its MAC address and its IPv6 address needs to be 1478 updated accordingly by the MAC address change [RFC4086][RFC4941]. 1479 Such an update of the MAC and IPv6 addresses should not interrupt the 1480 E2E communications between two vehicles (or between a vehicle and an 1481 IP-RSU) for a long-living transport-layer session. However, if this 1482 pseudonym is performed without strong E2E confidentiality (using 1483 either IPsec or TLS), there will be no privacy benefit from changing 1484 MAC and IPv6 addresses, because an adversary can observe the change 1485 of the MAC and IPv6 addresses and track the vehicle with those 1486 addresses. Thus, the MAC address pseudonym and the IPv6 address 1487 update should be performed with strong E2E confidentiality. 1489 7. IANA Considerations 1491 This document does not require any IANA actions. 1493 8. References 1495 8.1. Normative References 1497 [RFC8691] Benamar, N., Haerri, J., Lee, J., and T. Ernst, "Basic 1498 Support for IPv6 Networks Operating Outside the Context of 1499 a Basic Service Set over IEEE Std 802.11", RFC 8691, 1500 December 2019, . 1502 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1503 (IPv6) Specification", RFC 8200, July 2017, 1504 . 1506 [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility 1507 Support in IPv6", RFC 6275, July 2011, 1508 . 1510 [RFC5213] Gundavelli, S., Ed., Leung, K., Devarapalli, V., 1511 Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", 1512 RFC 5213, August 2008, 1513 . 1515 [RFC7333] Chan, H., Liu, D., Seite, P., Yokota, H., and J. Korhonen, 1516 "Requirements for Distributed Mobility Management", 1517 RFC 7333, August 2014, 1518 . 1520 [RFC7429] Liu, D., Zuniga, JC., Seite, P., Chan, H., and CJ. 1521 Bernardos, "Distributed Mobility Management: Current 1522 Practices and Gap Analysis", RFC 7429, January 2015, 1523 . 1525 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 1526 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 1527 RFC 3963, January 2005, 1528 . 1530 [RFC6550] Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., 1531 Levis, P., Pister, K., Struik, R., Vasseur, JP., and R. 1532 Alexander, "RPL: IPv6 Routing Protocol for Low-Power and 1533 Lossy Networks", RFC 6550, March 2012, 1534 . 1536 [RFC3753] Manner, J. and M. Kojo, "Mobility Related Terminology", 1537 RFC 3753, June 2004, 1538 . 1540 [RFC5415] Calhoun, P., Montemurro, M., and D. Stanley, "Control And 1541 Provisioning of Wireless Access Points (CAPWAP) Protocol 1542 Specification", RFC 5415, March 2009, 1543 . 1545 [RFC7149] Boucadair, M. and C. Jacquenet, "Software-Defined 1546 Networking: A Perspective from within a Service Provider 1547 Environment", RFC 7149, March 2014, 1548 . 1550 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1551 "Neighbor Discovery for IP Version 6 (IPv6)", RFC 4861, 1552 September 2007, . 1554 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 1555 Address Autoconfiguration", RFC 4862, September 2007, 1556 . 1558 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast 1559 Addresses", RFC 4193, October 2005, 1560 . 1562 [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast 1563 Listener Discovery (MLD) for IPv6", RFC 2710, October 1564 1999, . 1566 [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery 1567 Version 2 (MLDv2) for IPv6", RFC 3810, June 2004, 1568 . 1570 [RFC5889] Baccelli, E. and M. Townsley, "IP Addressing Model in Ad 1571 Hoc Networks", RFC 5889, September 2010, 1572 . 1574 [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, 1575 "Randomness Requirements for Security", RFC 4086, June 1576 2005, . 1578 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 1579 Extensions for Stateless Address Autoconfiguration in 1580 IPv6", RFC 4941, September 2007, 1581 . 1583 [RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix 1584 Reserved for Documentation", RFC 3849, July 2004, 1585 . 1587 [RFC6250] Thaler, D., "Evolution of the IP Model", RFC 6250, May 1588 2011, . 1590 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 1591 Version 1.3", RFC 8446, August 2018, 1592 . 1594 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 1595 Housley, R., and W. Polk, "Internet X.509 Public Key 1596 Infrastructure Certificate and Certificate Revocation List 1597 (CRL) Profile", RFC 5280, May 2008, 1598 . 1600 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1601 Internet Protocol", RFC 4301, December 2005, 1602 . 1604 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, December 1605 2005, . 1607 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 1608 RFC 4303, December 2005, 1609 . 1611 [RFC4308] Hoffman, P., "Cryptographic Suites for IPsec", RFC 4308, 1612 December 2005, . 1614 [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. 1615 Kivinen, "Internet Key Exchange Protocol Version 2 1616 (IKEv2)", RFC 7296, October 2014, 1617 . 1619 [RFC8028] Baker, F. and B. Carpenter, "First-Hop Router Selection by 1620 Hosts in a Multi-Prefix Network", RFC 8028, November 2016, 1621 . 1623 [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure 1624 Neighbor Discovery (SEND)", RFC 3971, March 2005, 1625 . 1627 [RFC8505] Thubert, P., Nordmark, E., Chakrabarti, S., and C. 1628 Perkins, "Registration Extensions for IPv6 over Low-Power 1629 Wireless Personal Area Network (6LoWPAN) Neighbor 1630 Discovery", RFC 8505, November 2018, 1631 . 1633 [RFC6775] Shelby, Z., Chakrabarti, S., Nordmark, E., and C. Bormann, 1634 "Neighbor Discovery Optimization for IPv6 over Low-Power 1635 Wireless Personal Area Networks (6LoWPANs)", RFC 6775, 1636 November 2012, . 1638 [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1639 (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June 1640 2010, . 1642 [RFC6130] Clausen, T., Dearlove, C., and J. Dean, "Mobile Ad Hoc 1643 Network (MANET) Neighborhood Discovery Protocol (NHDP)", 1644 RFC 6130, April 2011, 1645 . 1647 [RFC6583] Gashinsky, I., Jaeggli, J., and W. Kumari, "Operational 1648 Neighbor Discovery Problems", RFC 6583, March 2012, 1649 . 1651 [RFC8928] Thubert, P., Sarikaya, B., Sethi, M., and R. Struik, 1652 "Address-Protected Neighbor Discovery for Low-Power and 1653 Lossy Networks", RFC 8928, November 2020, 1654 . 1656 [RFC3626] Clausen, T. and P. Jacquet, "Optimized Link State Routing 1657 Protocol (OLSR)", RFC 3626, October 2003, 1658 . 1660 [RFC7181] Clausen, T., Dearlove, C., Jacquet, P., and U. Herberg, 1661 "The Optimized Link State Routing Protocol Version 2", 1662 RFC 7181, April 2014, 1663 . 1665 [RFC7188] Dearlove, C. and T. Clausen, "Optimized Link State Routing 1666 Protocol Version 2 (OLSRv2) and MANET Neighborhood 1667 Discovery Protocol (NHDP) Extension TLVs", RFC 7188, April 1668 2014, . 1670 [RFC7722] Dearlove, C. and T. Clausen, "Multi-Topology Extension for 1671 the Optimized Link State Routing Protocol Version 2 1672 (OLSRv2)", RFC 7722, December 2015, 1673 . 1675 [RFC7779] Rogge, H. and E. Baccelli, "Directional Airtime Metric 1676 Based on Packet Sequence Numbers for Optimized Link State 1677 Routing Version 2 (OLSRv2)", RFC 7779, April 2016, 1678 . 1680 [RFC8218] Yi, J. and B. Parrein, "Multipath Extension for the 1681 Optimized Link State Routing Protocol Version 2 (OLSRv2)", 1682 RFC 8218, August 2017, 1683 . 1685 [RFC8175] Ratliff, S., Jury, S., Satterwhite, D., Taylor, R., and B. 1686 Berry, "Dynamic Link Exchange Protocol (DLEP)", RFC 8175, 1687 June 2017, . 1689 [RFC8629] Cheng, B. and L. Berger, "Dynamic Link Exchange Protocol 1690 (DLEP) Multi-Hop Forwarding Extension", RFC 8629, July 1691 2019, . 1693 [RFC8651] Cheng, B., Wiggins, D., and L. Berger, "Dynamic Link 1694 Exchange Protocol (DLEP) Control-Plane-Based Pause 1695 Extension", RFC 8651, October 2019, 1696 . 1698 [RFC8703] Taylor, R. and S. Ratliff, "Dynamic Link Exchange Protocol 1699 (DLEP) Link Identifier Extension", RFC 8703, February 1700 2020, . 1702 [RFC8757] Cheng, B. and L. Berger, "Dynamic Link Exchange Protocol 1703 (DLEP) Latency Range Extension", RFC 8757, March 2020, 1704 . 1706 [RFC7466] Dearlove, C. and T. Clausen, "An Optimization for the 1707 Mobile Ad Hoc Network (MANET) Neighborhood Discovery 1708 Protocol (NHDP)", RFC 7466, March 2015, 1709 . 1711 8.2. Informative References 1713 [ID-IPPL] Nordmark, E., "IP over Intentionally Partially Partitioned 1714 Links", Work in Progress, Internet-Draft, draft-ietf- 1715 intarea-ippl-00, March 2017, 1716 . 1719 [RFC6830BIS] 1720 Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. 1721 Cabellos, "The Locator/ID Separation Protocol (LISP)", 1722 Work in Progress, Internet-Draft, draft-ietf-lisp- 1723 rfc6830bis-36, November 2020, 1724 . 1727 [RFC6706BIS] 1728 Templin, F., "Automatic Extended Route Optimization 1729 (AERO)", Work in Progress, Internet-Draft, draft-templin- 1730 intarea-6706bis-99, March 2021, 1731 . 1734 [OMNI] Templin, F. and A. Whyman, "Transmission of IP Packets 1735 over Overlay Multilink Network (OMNI) Interfaces", Work in 1736 Progress, Internet-Draft, draft-templin-6man-omni-41, 1737 August 2021, . 1740 [UAM-ITS] Templin, F., "Urban Air Mobility Implications for 1741 Intelligent Transportation Systems", Work in Progress, 1742 Internet-Draft, draft-templin-ipwave-uam-its-04, January 1743 2021, . 1746 [DMM-FPC] Matsushima, S., Bertz, L., Liebsch, M., Gundavelli, S., 1747 Moses, D., and C. Perkins, "Protocol for Forwarding Policy 1748 Configuration (FPC) in DMM", Work in Progress, Internet- 1749 Draft, draft-ietf-dmm-fpc-cpdp-14, September 2020, 1750 . 1753 [ID-Multicast-Problems] 1754 Perkins, C., McBride, M., Stanley, D., Kumari, W., and JC. 1755 Zuniga, "Multicast Considerations over IEEE 802 Wireless 1756 Media", Work in Progress, Internet-Draft, draft-ietf- 1757 mboned-ieee802-mcast-problems-15, July 2021, 1758 . 1761 [DSRC] ASTM International, "Standard Specification for 1762 Telecommunications and Information Exchange Between 1763 Roadside and Vehicle Systems - 5 GHz Band Dedicated Short 1764 Range Communications (DSRC) Medium Access Control (MAC) 1765 and Physical Layer (PHY) Specifications", 1766 ASTM E2213-03(2010), October 2010. 1768 [EU-2008-671-EC] 1769 European Union, "Commission Decision of 5 August 2008 on 1770 the Harmonised Use of Radio Spectrum in the 5875 - 5905 1771 MHz Frequency Band for Safety-related Applications of 1772 Intelligent Transport Systems (ITS)", EU 2008/671/EC, 1773 August 2008. 1775 [IEEE-802.11p] 1776 "Part 11: Wireless LAN Medium Access Control (MAC) and 1777 Physical Layer (PHY) Specifications - Amendment 6: 1778 Wireless Access in Vehicular Environments", IEEE Std 1779 802.11p-2010, June 2010. 1781 [IEEE-802.11-OCB] 1782 "Part 11: Wireless LAN Medium Access Control (MAC) and 1783 Physical Layer (PHY) Specifications", IEEE Std 1784 802.11-2016, December 2016. 1786 [WAVE-1609.0] 1787 IEEE 1609 Working Group, "IEEE Guide for Wireless Access 1788 in Vehicular Environments (WAVE) - Architecture", IEEE Std 1789 1609.0-2013, March 2014. 1791 [WAVE-1609.2] 1792 IEEE 1609 Working Group, "IEEE Standard for Wireless 1793 Access in Vehicular Environments - Security Services for 1794 Applications and Management Messages", IEEE Std 1795 1609.2-2016, March 2016. 1797 [WAVE-1609.3] 1798 IEEE 1609 Working Group, "IEEE Standard for Wireless 1799 Access in Vehicular Environments (WAVE) - Networking 1800 Services", IEEE Std 1609.3-2016, April 2016. 1802 [WAVE-1609.4] 1803 IEEE 1609 Working Group, "IEEE Standard for Wireless 1804 Access in Vehicular Environments (WAVE) - Multi-Channel 1805 Operation", IEEE Std 1609.4-2016, March 2016. 1807 [ISO-ITS-IPv6] 1808 ISO/TC 204, "Intelligent Transport Systems - 1809 Communications Access for Land Mobiles (CALM) - IPv6 1810 Networking", ISO 21210:2012, June 2012. 1812 [ISO-ITS-IPv6-AMD1] 1813 ISO/TC 204, "Intelligent Transport Systems - 1814 Communications Access for Land Mobiles (CALM) - IPv6 1815 Networking - Amendment 1", ISO 21210:2012/AMD 1:2017, 1816 September 2017. 1818 [TS-23.285-3GPP] 1819 3GPP, "Architecture Enhancements for V2X Services", 3GPP 1820 TS 23.285/Version 16.2.0, December 2019. 1822 [TR-22.886-3GPP] 1823 3GPP, "Study on Enhancement of 3GPP Support for 5G V2X 1824 Services", 3GPP TR 22.886/Version 16.2.0, December 2018. 1826 [TS-23.287-3GPP] 1827 3GPP, "Architecture Enhancements for 5G System (5GS) to 1828 Support Vehicle-to-Everything (V2X) Services", 3GPP 1829 TS 23.287/Version 16.2.0, March 2020. 1831 [VIP-WAVE] Cespedes, S., Lu, N., and X. Shen, "VIP-WAVE: On the 1832 Feasibility of IP Communications in 802.11p Vehicular 1833 Networks", IEEE Transactions on Intelligent Transportation 1834 Systems, vol. 14, no. 1, March 2013. 1836 [Identity-Management] 1837 Wetterwald, M., Hrizi, F., and P. Cataldi, "Cross-layer 1838 Identities Management in ITS Stations", The 10th 1839 International Conference on ITS Telecommunications, 1840 November 2010. 1842 [SAINT] Jeong, J., Jeong, H., Lee, E., Oh, T., and D. Du, "SAINT: 1843 Self-Adaptive Interactive Navigation Tool for Cloud-Based 1844 Vehicular Traffic Optimization", IEEE Transactions on 1845 Vehicular Technology, Vol. 65, No. 6, June 2016. 1847 [SAINTplus] 1848 Shen, Y., Lee, J., Jeong, H., Jeong, J., Lee, E., and D. 1849 Du, "SAINT+: Self-Adaptive Interactive Navigation Tool+ 1850 for Emergency Service Delivery Optimization", 1851 IEEE Transactions on Intelligent Transportation Systems, 1852 June 2017. 1854 [SANA] Hwang, T. and J. Jeong, "SANA: Safety-Aware Navigation 1855 Application for Pedestrian Protection in Vehicular 1856 Networks", Springer Lecture Notes in Computer Science 1857 (LNCS), Vol. 9502, December 2015. 1859 [CASD] Shen, Y., Jeong, J., Oh, T., and S. Son, "CASD: A 1860 Framework of Context-Awareness Safety Driving in Vehicular 1861 Networks", International Workshop on Device Centric Cloud 1862 (DC2), March 2016. 1864 [CA-Cruise-Control] 1865 California Partners for Advanced Transportation Technology 1866 (PATH), "Cooperative Adaptive Cruise Control", Available: 1867 http://www.path.berkeley.edu/research/automated-and- 1868 connected-vehicles/cooperative-adaptive-cruise-control, 1869 2017. 1871 [Truck-Platooning] 1872 California Partners for Advanced Transportation Technology 1873 (PATH), "Automated Truck Platooning", Available: 1874 http://www.path.berkeley.edu/research/automated-and- 1875 connected-vehicles/truck-platooning, 2017. 1877 [FirstNet] U.S. National Telecommunications and Information 1878 Administration (NTIA), "First Responder Network Authority 1879 (FirstNet)", Available: https://www.firstnet.gov/, 2012. 1881 [FirstNet-Report] 1882 First Responder Network Authority, "FY 2017: ANNUAL REPORT 1883 TO CONGRESS, Advancing Public Safety Broadband 1884 Communications", FirstNet FY 2017, December 2017. 1886 [SignalGuru] 1887 Koukoumidis, E., Peh, L., and M. Martonosi, "SignalGuru: 1888 Leveraging Mobile Phones for Collaborative Traffic Signal 1889 Schedule Advisory", ACM MobiSys, June 2011. 1891 [Fuel-Efficient] 1892 van de Hoef, S., H. Johansson, K., and D. V. Dimarogonas, 1893 "Fuel-Efficient En Route Formation of Truck Platoons", 1894 IEEE Transactions on Intelligent Transportation Systems, 1895 January 2018. 1897 [Automotive-Sensing] 1898 Choi, J., Va, V., Gonzalez-Prelcic, N., Daniels, R., R. 1899 Bhat, C., and R. W. Heath, "Millimeter-Wave Vehicular 1900 Communication to Support Massive Automotive Sensing", 1901 IEEE Communications Magazine, December 2016. 1903 [NHTSA-ACAS-Report] 1904 National Highway Traffic Safety Administration (NHTSA), 1905 "Final Report of Automotive Collision Avoidance Systems 1906 (ACAS) Program", DOT HS 809 080, August 2000. 1908 [CBDN] Kim, J., Kim, S., Jeong, J., Kim, H., Park, J., and T. 1909 Kim, "CBDN: Cloud-Based Drone Navigation for Efficient 1910 Battery Charging in Drone Networks", IEEE Transactions on 1911 Intelligent Transportation Systems, November 2019. 1913 [In-Car-Network] 1914 Lim, H., Volker, L., and D. Herrscher, "Challenges in a 1915 Future IP/Ethernet-based In-Car Network for Real-Time 1916 Applications", ACM/EDAC/IEEE Design Automation Conference 1917 (DAC), June 2011. 1919 [Scrambler-Attack] 1920 Bloessl, B., Sommer, C., Dressier, F., and D. Eckhoff, 1921 "The Scrambler Attack: A Robust Physical Layer Attack on 1922 Location Privacy in Vehicular Networks", IEEE 2015 1923 International Conference on Computing, Networking and 1924 Communications (ICNC), February 2015. 1926 [Bitcoin] Nakamoto, S., "Bitcoin: A Peer-to-Peer Electronic Cash 1927 System", URL: https://bitcoin.org/bitcoin.pdf, May 2009. 1929 [Vehicular-BlockChain] 1930 Dorri, A., Steger, M., Kanhere, S., and R. Jurdak, 1931 "BlockChain: A Distributed Solution to Automotive Security 1932 and Privacy", IEEE Communications Magazine, Vol. 55, No. 1933 12, December 2017. 1935 [IPoWIRELESS] 1936 Thubert, P., "IPv6 Neighbor Discovery on Wireless 1937 Networks", Work in Progress, Internet-Draft, draft- 1938 thubert-6man-ipv6-over-wireless-09, May 2021, 1939 . 1942 [RFC6959] McPherson, D., Baker, F., and J. Halpern, "Source Address 1943 Validation Improvement (SAVI) Threat Scope", RFC 6959, May 1944 2013, . 1946 Appendix A. Support of Multiple Radio Technologies for V2V 1948 Vehicular networks may consist of multiple radio technologies such as 1949 DSRC and 5G V2X. Although a Layer-2 solution can provide a support 1950 for multihop communications in vehicular networks, the scalability 1951 issue related to multihop forwarding still remains when vehicles need 1952 to disseminate or forward packets toward multihop-away destinations. 1953 In addition, the IPv6-based approach for V2V as a network layer 1954 protocol can accommodate multiple radio technologies as MAC 1955 protocols, such as DSRC and 5G V2X. Therefore, the existing IPv6 1956 protocol can be augmented through the addition of a virtual interface 1957 (e.g., Overlay Multilink Network (OMNI) Interface [OMNI]) and/or 1958 protocol changes in order to support both wireless single-hop/ 1959 multihop V2V communications and multiple radio technologies in 1960 vehicular networks. In such a way, vehicles can communicate with 1961 each other by V2V communications to share either an emergency 1962 situation or road hazard information in a highway having multiple 1963 kinds of radio technologies. 1965 Appendix B. Support of Multihop V2X Networking 1967 The multihop V2X networking can be supported by RPL (IPv6 Routing 1968 Protocol for Low-Power and Lossy Networks) [RFC6550] and Overlay 1969 Multilink Network Interface (OMNI) [OMNI]. 1971 RPL defines an IPv6 routing protocol for low-power and lossy networks 1972 (LLN), mostly designed for home automation routing, building 1973 automation routing, industrial routing, and urban LLN routing. It 1974 uses a destination oriented directed acyclic graph (DODAG) to 1975 construct routing paths for hosts in a network. The DODAG uses an 1976 objective function (OF) for route selection and optimization within 1977 the network. A user can use different routing metrics to define an 1978 OF for a specific scenario. RPL supports multipoint-to-point, point- 1979 to-multipoint, and point-to-point traffic, and the major traffic flow 1980 is the multipoint-to-point traffic. For example, in a highway 1981 scenario, a vehicle may not access an RSU directly because of the 1982 distance of the DSRC coverage (up to 1 km). In this case, the RPL 1983 can be extended to support a multihop V2I since a vehicle can take 1984 advantage of other vehicles as relay nodes to reach the RSU. Also, 1985 RPL can be extended to support both multihop V2V and V2X in the 1986 similar way. 1988 OMNI defines a protocol for the transmission of IPv6 packets over 1989 Overlay Multilink Network Interfaces that are virtual interfaces 1990 governing multiple physical network interfaces. OMNI supports 1991 multihop V2V communication between vehicles in multiple forwarding 1992 hops via intermediate vehicles with OMNI links. It also supports 1993 multihop V2I communication between a vehicle and an infrastructure 1994 access point by multihop V2V communication. The OMNI interface 1995 supports an NBMA link model where multihop V2V and V2I communications 1996 use each mobile node's ULAs without need for any DAD or MLD 1997 Messaging. 1999 Appendix C. Support of Mobility Management for V2I 2001 The seamless application communication between two vehicles or 2002 between a vehicle and an infrastructure node requires mobility 2003 management in vehicular networks. The mobility management schemes 2004 include a host-based mobility scheme, network-based mobility scheme, 2005 and software-defined networking scheme. 2007 In the host-based mobility scheme (e.g., MIPv6), an IP-RSU plays a 2008 role of a home agent. On the other hand, in the network-based 2009 mobility scheme (e.g., PMIPv6, an MA plays a role of a mobility 2010 management controller such as a Local Mobility Anchor (LMA) in 2011 PMIPv6, which also serves vehicles as a home agent, and an IP-RSU 2012 plays a role of an access router such as a Mobile Access Gateway 2013 (MAG) in PMIPv6 [RFC5213]. The host-based mobility scheme needs 2014 client functionality in IPv6 stack of a vehicle as a mobile node for 2015 mobility signaling message exchange between the vehicle and home 2016 agent. On the other hand, the network-based mobility scheme does not 2017 need such a client functionality for a vehicle because the network 2018 infrastructure node (e.g., MAG in PMIPv6) as a proxy mobility agent 2019 handles the mobility signaling message exchange with the home agent 2020 (e.g., LMA in PMIPv6) for the sake of the vehicle. 2022 There are a scalability issue and a route optimization issue in the 2023 network-based mobility scheme (e.g., PMIPv6) when an MA covers a 2024 large vehicular network governing many IP-RSUs. In this case, a 2025 distributed mobility scheme (e.g., DMM [RFC7429]) can mitigate the 2026 scalability issue by distributing multiple MAs in the vehicular 2027 network such that they are positioned closer to vehicles for route 2028 optimization and bottleneck mitigation in a central MA in the 2029 network-based mobility scheme. All these mobility approaches (i.e., 2030 a host-based mobility scheme, network-based mobility scheme, and 2031 distributed mobility scheme) and a hybrid approach of a combination 2032 of them need to provide an efficient mobility service to vehicles 2033 moving fast and moving along with the relatively predictable 2034 trajectories along the roadways. 2036 In vehicular networks, the control plane can be separated from the 2037 data plane for efficient mobility management and data forwarding by 2038 using the concept of Software-Defined Networking (SDN) 2039 [RFC7149][DMM-FPC]. Note that Forwarding Policy Configuration (FPC) 2040 in [DMM-FPC], which is a flexible mobility management system, can 2041 manage the separation of data-plane and control-plane in DMM. In 2042 SDN, the control plane and data plane are separated for the efficient 2043 management of forwarding elements (e.g., switches and routers) where 2044 an SDN controller configures the forwarding elements in a centralized 2045 way and they perform packet forwarding according to their forwarding 2046 tables that are configured by the SDN controller. An MA as an SDN 2047 controller needs to efficiently configure and monitor its IP-RSUs and 2048 vehicles for mobility management, location management, and security 2049 services. 2051 Appendix D. Acknowledgments 2053 This work was supported by Institute of Information & Communications 2054 Technology Planning & Evaluation (IITP) grant funded by the Korea 2055 MSIT (Ministry of Science and ICT) (R-20160222-002755, Cloud based 2056 Security Intelligence Technology Development for the Customized 2057 Security Service Provisioning). 2059 This work was supported in part by the MSIT, Korea, under the ITRC 2060 (Information Technology Research Center) support program (IITP- 2061 2021-2017-0-01633) supervised by the IITP. 2063 This work was supported in part by the French research project 2064 DataTweet (ANR-13-INFR-0008) and in part by the HIGHTS project funded 2065 by the European Commission I (636537-H2020). 2067 This work was supported in part by the Cisco University Research 2068 Program Fund, Grant # 2019-199458 (3696), and by ANID Chile Basal 2069 Project FB0008. 2071 Appendix E. Contributors 2073 This document is a group work of IPWAVE working group, greatly 2074 benefiting from inputs and texts by Rex Buddenberg (Naval 2075 Postgraduate School), Thierry Ernst (YoGoKo), Bokor Laszlo (Budapest 2076 University of Technology and Economics), Jose Santa Lozanoi 2077 (Universidad of Murcia), Richard Roy (MIT), Francois Simon (Pilot), 2078 Sri Gundavelli (Cisco), Erik Nordmark, Dirk von Hugo (Deutsche 2079 Telekom), Pascal Thubert (Cisco), Carlos Bernardos (UC3M), Russ 2080 Housley (Vigil Security), Suresh Krishnan (Kaloom), Nancy Cam-Winget 2081 (Cisco), Fred L. Templin (The Boeing Company), Jung-Soo Park (ETRI), 2082 Zeungil (Ben) Kim (Hyundai Motors), Kyoungjae Sun (Soongsil 2083 University), Zhiwei Yan (CNNIC), YongJoon Joe (LSware), Peter E. Yee 2084 (Akayla), and Erik Kline. The authors sincerely appreciate their 2085 contributions. 2087 The following are co-authors of this document: 2089 Nabil Benamar Department of Computer Sciences High School of 2090 Technology of Meknes Moulay Ismail University Morocco Phone: +212 6 2091 70 83 22 36 EMail: benamar73@gmail.com 2093 Sandra Cespedes NIC Chile Research Labs Universidad de Chile Av. 2094 Blanco Encalada 1975 Santiago Chile Phone: +56 2 29784093 EMail: 2095 scespede@niclabs.cl 2097 Jerome Haerri Communication Systems Department EURECOM Sophia- 2098 Antipolis France Phone: +33 4 93 00 81 34 EMail: 2099 jerome.haerri@eurecom.fr 2101 Dapeng Liu Alibaba Beijing, Beijing 100022 China Phone: +86 2102 13911788933 EMail: max.ldp@alibaba-inc.com 2104 Tae (Tom) Oh Department of Information Sciences and Technologies 2105 Rochester Institute of Technology One Lomb Memorial Drive Rochester, 2106 NY 14623-5603 USA Phone: +1 585 475 7642 EMail: Tom.Oh@rit.edu 2107 Charles E. Perkins Futurewei Inc. 2330 Central Expressway Santa 2108 Clara, CA 95050 USA Phone: +1 408 330 4586 EMail: 2109 charliep@computer.org 2111 Alexandre Petrescu CEA, LIST CEA Saclay Gif-sur-Yvette, Ile-de-France 2112 91190 France Phone: +33169089223 EMail: Alexandre.Petrescu@cea.fr 2114 Yiwen Chris Shen Department of Computer Science & Engineering 2115 Sungkyunkwan University 2066 Seobu-Ro, Jangan-Gu Suwon, Gyeonggi-Do 2116 16419 Republic of Korea Phone: +82 31 299 4106 Fax: +82 31 290 7996 2117 EMail: chrisshen@skku.edu URI: http://iotlab.skku.edu/people-chris- 2118 shen.php 2120 Michelle Wetterwald FBConsulting 21, Route de Luxembourg 2121 Wasserbillig, Luxembourg L-6633 Luxembourg EMail: 2122 Michelle.Wetterwald@gmail.com 2124 Author's Address 2126 Jaehoon (Paul) Jeong (editor) 2127 Department of Computer Science and Engineering 2128 Sungkyunkwan University 2129 2066 Seobu-Ro, Jangan-Gu 2130 Suwon 2131 Gyeonggi-Do 2132 16419 2133 Republic of Korea 2135 Phone: +82 31 299 4957 2136 Email: pauljeong@skku.edu 2137 URI: http://iotlab.skku.edu/people-jaehoon-jeong.php