Internet of Vehicles (IoV)

Updated 11 May 2026

Internet of Vehicles (IoV) is a cyber-physical system that integrates vehicles, infrastructure, sensors, and cloud services for safety-critical and real-time intelligent transportation.
It employs layered architectures with in-vehicle, edge, and cloud planes to optimize low latency processing and dynamic resource management over diverse communication protocols.
IoV leverages advanced security measures, blockchain frameworks, and federated learning to ensure data integrity, privacy, and decentralized trust in high-mobility networks.

The Internet of Vehicles (IoV) is the convergence of vehicles, road infrastructure, sensors, users, and cloud/edge computing into an integrated, cyber-physical system for intelligent transportation. Extending the paradigm of Vehicular Ad Hoc Networks (VANETs), IoV incorporates vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), vehicle-to-everything (V2X), and cloud connectivity, supporting a range of mission-critical applications including road safety, real-time traffic optimization, infotainment, and autonomous driving. IoV architecture is inherently distributed, featuring high node mobility, dynamic topologies, stringent latency bounds (sub-100 ms for safety), and a complex security and trust landscape requiring resilient, scalable, and privacy-preserving solutions (Singh et al., 2021, Manias et al., 2021, Sharma et al., 2022).

1. Architectural Models and System Frameworks

IoV deployments adopt layered or multi-plane architectures to address real-time processing, storage, and trust at various operational domains. A prominent schema is the three-tier IoV security framework (Singh et al., 2021):

In-Vehicle Plane: Electronic Control Units (ECUs) and onboard sensors intercommunicate, with private blockchain frameworks (typically among gateways/switches) securing CAN-bus transactions. Gateways invoke lightweight AI (e.g., autoencoders) via smart contracts to pre-filter anomalous messages before blockchain inclusion.
Edge/RSU Plane: Roadside Units (RSUs) serve as both edge-computing and blockchain nodes. RSUs collect, validate, and submit vehicle “event” transactions (e.g., emergency maneuvers) to the blockchain, running local ML-based misbehavior detection.
Service/Cloud Plane: Provides global services—including PKI, pseudonym management, and heavy AI (ensemble models for reputation scoring)—overlaid with blockchain for certificate issuance and revocation.

Most IoV architectures leverage Mobile Edge Computing (MEC) to minimize latency for safety-critical data and Network Function Virtualization (NFV) for rapid service provisioning. The actual data/control plane can encompass multi-access paradigms (DSRC, C-V2X, 5G NR V2X) and support hybrid cloud–edge–vehicle compute splits (Manias et al., 2021).

2. Security, Privacy, and Trust Models

IoV’s rapid mobility, ephemeral connectivity, and heterogeneous endpoints create a challenging attack surface. Key threats include identity spoofing, Sybil attacks, DoS/jamming, replay, man-in-the-middle, privacy tracking, and protocol-layer routing attacks. The required defense properties span confidentiality, integrity, availability, authentication, non-repudiation, and fine-grained access control (Sharma et al., 2022, Chen et al., 2023):

Cryptographic Infrastructure: ECDSA, group signatures, ring signatures, and PKI-based pseudonym certificates (IEEE 1609.2) constitute the foundation for message authenticity and sender anonymity.
Blockchain Utilization: Distributed ledgers provide tamper-evidence for V2X messaging and support decentralized trust management, with RSUs or fog-nodes acting as consortium/private blockchain validators (Aung et al., 2022).
Trust and Reputation Systems: Automated reputation updates (based on ML detection or on-chain smart contracts) can condition access, penalize misbehavior, or support CRL synchronization, though precise trust-score equations are often delegated to future work (Singh et al., 2021).

A layered intrusion detection approach is essential, with in-vehicle anomaly detection often relying on deep learning classifiers, supplemented with rule-based or ML-based IDS (e.g., LSTM trained on trajectory data) at the edge and cloud (Sharma et al., 2022, Uddin et al., 22 May 2025). Decentralized and hierarchical IDS frameworks, distributed across vehicle, RSU, and cloud, optimize for real-time mitigation and resource constraints.

3. AI and Federated Learning in IoV

Machine learning and especially deep learning models are central to IoV’s vision for resilient intrusion detection, misbehavior detection, and traffic prediction. However, centralized ML approaches are hindered by non-i.i.d. data distributions, privacy constraints, and communication bottlenecks. As a solution, federated learning (FL) is being deployed, where local models are trained on vehicle or RSU data subsets and only model parameters are exchanged (Manias et al., 2021):

Federated Averaging (FedAvg): Global model update via weighted average of locally trained weights:

$w_{t+1} = \sum_{k=1}^K \frac{n_k}{n}\,w_t^k$

where $n_k$ is the local sample count.

Fault Recovery and High Availability: If node failure occurs, global models can be redistributed for rapid service resumption, leveraging group intelligence for fast adaptation.
Key Benefits and Limitations:
- Raw data privacy is maintained.
- Communication overhead is minimized (model deltas vs. raw data).
- Non-i.i.d. data slows convergence; straggler effect and poisoning attacks are active research themes.

FL is synergistic with 5G URLLC, enabling intelligent ITS with stringent latency, privacy, and scalability requirements (Manias et al., 2021).

4. Blockchain Integration and Consensus in IoV

Blockchain is a foundational technology for tamper-proofing, trust management, privacy, and decentralized access control in IoV (Singh et al., 2021, Aung et al., 2022). IoV adapts blockchain via:

Consortium/Private Chain Models: Validating nodes (typically RSUs, fog servers, or cloud gateways) run permissioned BFT-like consensus (e.g., PBFT), delivering low-latency and deterministic finality desirable for safety-critical IoV (Singh et al., 2021).
Smart Contracts: Automated policy enforcement for pseudonym management, reputation updates, and penalty/reward routines. The functional split places heavy AI analytics at the cloud/service plane (global trust, reputation) and lightweight ML at the edge (real-time filtering).
Hierarchical Deployment: Blockchains at each IoV “plane”—private ledgers in-vehicle, permissioned ledgers across RSUs, and possibly public/consortium-ledgers at the cloud/service level—serving different privacy, performance, and policy needs.
Consensus Protocol Trade-Offs: PoW is unsuitable for IoV’s latency requirements; BFT/PoS/BFT-like approaches among RSUs are preferred for fast block confirmation (Aung et al., 2022). Most architectures restrict heavy consensus work to infrastructure nodes, with vehicles acting as light clients or submitters.

Challenges remain in cross-chain interoperability, data sharding, attacker-resistant reputation scoring, and integration of ML outputs into on-chain logic.

5. Semantic and Cooperative Communications

To address spectrum and latency constraints imposed by high-bandwidth, multi-modal vehicular data streams, semantic communication architectures are being adopted (Ye et al., 3 Mar 2025, Xu et al., 2022). The goal is to minimize transmitted data while preserving “semantic meaning” relevant for the task. Key features:

Semantic Encoding: Deep networks extract low-dimensional, task-relevant representations (e.g., object, event, or intent descriptors), enabling transmission of compact summaries instead of raw sensor data.
Joint Source–Semantic–Channel Coding: End-to-end models minimize semantic distortion under bandwidth and delay constraints:

$\min_{(\theta, c, \phi)}\,\mathbb{E}[d(S, \hat{S})] \quad \text{s.t.} \;\mathbb{E}[|U|] \leq B, \;\Pr[e] \leq \epsilon$

where $S$ is the semantic source, $U$ is the transmission symbol, and $d$ is a semantic-level distortion.

Multi-User Cooperative Schemes: Recent frameworks (e.g., Co-SC (Xu et al., 2022)) jointly decode semantic embeddings from multiple vehicles or RSUs, utilizing attention fusion and semantic correlation to improve performance under low SNR or constrained radio resources.
Resource Management: RL and optimization-based strategies assign bandwidth, power, and compute to maximize semantic utility per link, subject to aggregate resource limits.

Case studies show order-of-magnitude reductions in spectrum usage, with preserved or enhanced task accuracy for image retrieval, cooperative perception, and traffic state estimation (Ye et al., 3 Mar 2025).

6. Security Evaluation and System-Level Quantitative Analysis

Rigorous quantitative security evaluation is critical for system-level IoV deployments. Methodologies such as 4+1 view decomposition (data, software, networking, hardware, scenario) combined with parameterized Common Vulnerability Scoring System (CVSS) scoring per domain enable mapping attack steps to risk levels (Lauinger et al., 2021). Markov chain-based attack path analysis produces system compromise probabilities:

Attack Likelihood Mapping: For each step, CVSS-based domain scores are normalized and combined with defense success rates to build transition matrices.
Case Studies: Remote attacks across redundant location stacks present compromise probabilities around 20–30%. Close-proximity or insider-origin attacks yield higher risks (above 30–50%).
Practitioner Insights: Such frameworks enable architectural investment decisions (e.g., whether to prioritize hardening ECUs, improving RSU protections, or anti-spoofing) and provide repeatable verification with evolving threat landscapes (Lauinger et al., 2021).

7. Challenges, Open Issues, and Research Directions

Despite substantial advances in architectural design, AI integration, and blockchain-based trust, IoV faces unresolved challenges (Singh et al., 2021, Sharma et al., 2022, Ye et al., 3 Mar 2025, Manias et al., 2021):

Latency vs. Security Trade-Off: High-assurance consensus schemes may violate ultra-low-latency needs; adaptive hybrid architectures are required.
Privacy vs. Transparency: Blockchain immutability and on-chain ML scoring can threaten pseudonymity; advanced cryptographic schemes (e.g., group signatures, zero-knowledge proofs) and privacy-preserving ML are active research areas.
Heterogeneity and Standardization: Coexistence of multiple RATs, protocol stacks, PKI regimes, and privacy policies necessitates unified semantic ontologies, interoperable APIs, and evolved standardization alliances.
Real-time Resource Constraints: Edge devices face limits in computation, memory, and power; aggressive feature selection (e.g., Boruta for IDS), federated/online learning, and device–edge collaborative inference are essential (Uddin et al., 22 May 2025).
Semantic Knowledge Base and Cross-Domain Coordination: Maintaining dynamic, shared semantic representations across disparate fleets and global infrastructures, and distributing/validating ML models and knowledge updates at scale, remain open problems.
Open Research Problems: Lightweight blockchain consensus, quantum-resilient cryptography, hierarchical federated learning with blockchain, and robust semantic extraction under adversarial channel/noise and attack conditions are central to the future IoV research agenda.

In sum, the Internet of Vehicles is advancing toward a resilient, intelligent, and distributed system fusing AI/ML, semantic communications, blockchain, and federated architectures. Research continues apace across system design, security quantification, trustworthy data/identity management, and real-time task-oriented optimization (Singh et al., 2021, Manias et al., 2021, Sharma et al., 2022, Ye et al., 3 Mar 2025, Uddin et al., 22 May 2025, Lauinger et al., 2021).