Can we trust our cars?: Page 4 of 7

January 23, 2019 //By Balázs Simacsek, NXP Semiconductors
Can we trust our cars?
When we talk about automotive security, most people think about protecting cars from thieves. But with the emergence of automated driving, fast expanding connectivity options and ever-increasing complexity, vehicles are vulnerable to new kinds of cyberattacks. In this new environment vehicles need more protection than ever before.

Government initiatives play an important role in assuring the safety of autonomous vehicles, for example, US DoT, Automated Vehicles 3.0 that focuses on a wide range of automated vehicles from SAE automation level 1 (driver assistance) to level 5 (full automation).

Figure 3: Levels of Automation

Standards are currently being developed. SAE J3061 (Cybersecurity Guidebook for Cyber-Physical Vehicle Systems), published in 2016 describes a process framework that can be used to build cybersecurity into vehicle systems. SAE’s Vehicle Electrical System Security Committee is working on SAE J3101 (Requirements for Hardware-Protected Security for Ground Vehicle Applications) to define a common set of requirements. The emerging standard ISO/SAE 21434 (Road Vehicles – Cybersecurity Engineering) defines a framework to ensure a consistent, well defined and robust approach to foster a cybersecurity culture, to manage cybersecurity risks across the complete vehicle lifecycle, to allow adaptation to a continually changing threat landscape and to institute a cybersecurity management system. It will thus address security in product engineering, similarly to how ISO 26262 addresses functional safety. ISO/SAE 21434 is scheduled for publication in 2020 and it will likely replace SAE J3061.

Alliances are formed among vehicle manufacturers and suppliers, providing platforms for developments that require industry-wide co-operation. From the many important forums I’d like to highlight Auto-ISAC, which is one of the important global cybersecurity-focused communities (sharing intelligence and providing best practice guides) and C2C-CC (Car 2 Car Communication Consortium) that focuses on the deployment of Cooperative Intelligent Transport Systems and Services (C-ITS).

Key principles to implement reliable and future-proof automotive security solutions

The industry addresses these security challenges by applying state-of-the-art security principles to automotive design.

Car makers must design and develop end-to-end solutions focusing on the complete system, including also how the cars interact with their environment and other vehicles. A proper security-by-design approach ensures that security is not an afterthought but is designed into every component from day one. The OEM-defined system security concept integrates elements from multiple suppliers, so efficiently driving this system security concept through a complex supply chain is an important element of success.

Design category: 

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.