Multi-Domain Security for 6G ISAC: Challenges and Opportunities in Transportation

TL;DR

The paper addresses security for 6G ISAC in transportation, where joint sensing and communication create new vulnerabilities across cyber-physical, physical-layer, and protocol domains. It proposes a unified multi-domain defense framework built on Authentication Fusion, Cross-Layer Key Generation, Cross-Layer Anomaly Detection, and Dynamic Security Adaptation to coordinate defenses across domains and layers. Through characterization of ISAC-induced risks and enhancements, and with case studies illustrating practical cross-domain techniques (e.g., the complexity metric $\rho(\gamma)$ and channel-based key generation with $3$-bit to $6$-bit keys), the work demonstrates feasible, low-latency security mechanisms for ITS. It also outlines open challenges in distributed/near-field ISAC, AI-driven security, and post-quantum non-repudiation, signaling a need for co-design approaches that balance security with real-time vehicular performance.

Abstract

Integrated sensing and communication (ISAC) will be central to 6G-enabled transportation, providing both seamless connectivity and high-precision sensing. However, this tight integration exposes attack points not encountered in pure sensing and communication systems. In this article, we identify unique ISAC-induced security challenges and opportunities in three interrelated domains: cyber-physical (where manipulation of sensors and actuators can mislead perception and control), physical-layer (where over-the-air signals are vulnerable to spoofing and jamming) and protocol (where complex cryptographic protocols cannot detect lower-layer attacks). Building on these insights, we put forward a multi-domain security vision for 6G transportation and propose an integrated security framework that unifies protection across domains.

Figures (4)

• Figure 1: ISAC-induced vulnerabilities in transportation systems span the cyber-physical, physical-layer and protocol domains. The cyber-physical domain forms the interface between physical environment and digital decision-making, where sensors (such as cameras and radar) observe the physical environment and provide input to autonomous decision systems, while actuators execute these decisions (e.g., steering). The physical-layer governs the generation, propagation and reception of waveforms that simultaneously support communication and environmental sensing. The protocol domain provides cryptographic protocols to ensure authenticity, integrity and confidentiality of user data and sensing information. A security breach in any domain can cascade into system-wide failures, calling for a coordinated multi-domain defense strategy.
• Figure 2: Multi-domain approach that harmonizes defenses across different domains can enhance the security of ISAC systems.
• Figure 3: Authentication fusion case study: Expected complexity ratio $\rho(\gamma)$ for cross-layer authentication under different SNR regimes. The ratio quantifies the average computational load relative to conventional higher-layer authentication (HLA) only. Results are shown as a function of the physical-layer authentication (PLA) threshold $\gamma$, using a 16-element uniform linear array (ULA), 32-beam analog codebook over a $[-50^\circ,50^\circ]$ sector and Alice located at $10^\circ$. Eve’s angle-of-arrival (AoA) is uniformly distributed over $[-60^\circ,60^\circ]$. The traffic mix consists of 50% legitimate requests and 50% illegitimate ones and the relative cost of PLA is set to 0.1% of the HLA cost, reflecting its lightweight nature compared to cryptographic procedures. At high SNR, PLA reliably authenticates legitimate requests, leading to a convergence to the HLA-only baseline. At low SNR, the noisier AoA estimates cause more legitimate users to be rejected by PLA, reducing the expected complexity further but at the expense of authentication reliability.
• Figure 4: Cross-layer key generation case study: Agreement probability versus SNR for Alice-Bob and Eve-Bob under narrowband multipath. Alice and Eve are single-antenna users, while Bob employs a 16-element ULA with a 32-beam DFT codebook. A 3-bit parity reconciliation is applied before Toeplitz hashing, with the helper leakage accounted in the hashing margin. Curves are shown for final key sizes of 3 and 6 bits, illustrating how increasing the target length shifts the SNR threshold upward while keeping Eve's success probability low.