
“All hacks that recently went through the press were performed on telematics systems that were not state of the art in terms of intrusion protection”, said Lars Reger, CTO of chipmaker NXP. He added that all the technology necessary to make a car secure is available in commercial IT. “Carmakers do not need to reinvent the wheel”, he said. Besides using data encryption and authentication within the in-car networks, he recommended establishing a central gateway in the car, positioned like a border control station between the infotainment domain and the rest of the vehicle with all of its safety-critical functional units. “Such a gateway should subdivide the vehicle according to security classes.” With reference to NXP’s existing product range in the security market, he also said that after the planned merger with Freescale the latter would play “an absolutely important role” for the company’s related offerings.
Telecommunications provider Alcatel-Lucent participated in the IAA for the first time, a move that highlights the significance of secure data links for the connected car. “The recent hacking successes show that in automotive environments there is a lack of security-related base technologies”, said Jochen Apel, CTO of Alcatel-Lucent in Central Europe. “To make the connected car a success at the markets, secure data links between vehicle and backend servers are indispensable”. Apel pointed out that today’s cars are typically connected to the external world (including cloud and internet-based services) through a smartphone. The OEM, however, has no means to control this link and make it any more secure. For this reason, the OEMs are keen to run the interconnection under their own control.
Like Reger, Apel said that the technology necessary to lock out any unauthorised trespasser is available; in commercial IT it is already well established. “The best practices in common use across the industry hitherto have not been applied to the car”, Apel said. “This includes automated software updates.”
In a car, every interface to the outside world is a potential entry point for hackers, he explained. For the sake of security, carmakers should scrutinise the potential security threat posed by each interface. “Of all RF interfaces, Bluetooth is the least secure”, Apel judged. The reason: the authorisation mechanism is rather simple and does not support complex passwords. Nevertheless, Bluetooth is widely used to connect the user’s smartphone to the infotainment system. As an approach that tackles the security problem at its roots, Apel suggested equipping all cars with a dedicated connectivity interface. “The connection to the outside world should not be routed through the smartphone but instead through a dedicated car-integrated data link”, Apel said. This approach would give the OEMs control over their entire services and data streams.
As a further measure to detect unauthorised access and intrusion attempts, Apel suggested applying deep packet inspection. This would enable the OEMs and their data experts to detect unusual access patterns and thus prevent many malicious activities against the car. “This is not about controlling contents, for instance in social networks”, Apel said. “It is about detecting unusual data connections. For instance, if the sun roof controller tries to access the software for the brake system, all alarm bells should go off”.
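The alarm case Apel describes, combined with a gateway that subdivides the vehicle into security classes, can be sketched as a default-deny flow check. This is an added example, not part of the original article or of any vendor's product; the ECU names, domains, class numbers and allowlist are assumptions for illustration.

```python
from dataclasses import dataclass

# Hypothetical ECU names, domains and security classes (assumptions for illustration).
DOMAIN = {
    "head_unit": "infotainment", "sunroof_ctrl": "body", "door_ctrl": "body",
    "brake_ecu": "chassis", "steering_ecu": "chassis", "ota_client": "gateway",
}
SECURITY_CLASS = {"infotainment": 0, "body": 1, "gateway": 2, "chassis": 3}  # higher = more critical
# Default deny: only these (source, destination, service) flows may cross the gateway.
ALLOWED_FLOWS = {
    ("head_unit", "sunroof_ctrl", "actuate"),
    ("brake_ecu", "head_unit", "status"),
    ("ota_client", "brake_ecu", "sw_update"),
}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    service: str

def inspect(flow):
    """Classify one observed flow as allow, deny or alarm, with a reason."""
    if flow.src not in DOMAIN or flow.dst not in DOMAIN:
        return "alarm", "unknown endpoint"
    if (flow.src, flow.dst, flow.service) in ALLOWED_FLOWS:
        return "allow", "allowlisted"
    src_dom, dst_dom = DOMAIN[flow.src], DOMAIN[flow.dst]
    # A non-allowlisted flow into a more critical class is the alarm case.
    if SECURITY_CLASS[dst_dom] > SECURITY_CLASS[src_dom]:
        return "alarm", f"{src_dom} -> {dst_dom} escalation"
    return "deny", "not allowlisted"

def audit(flows):
    """Return (flow, verdict, reason) for every flow that is not allowed."""
    results = [(f, *inspect(f)) for f in flows]
    return [r for r in results if r[1] != "allow"]

# Constructed sample traffic, not captured from a real vehicle.
SAMPLE = [
    Flow("head_unit", "sunroof_ctrl", "actuate"),
    Flow("sunroof_ctrl", "brake_ecu", "sw_update"),
    Flow("door_ctrl", "sunroof_ctrl", "actuate"),
    Flow("aftermarket_dongle", "steering_ecu", "diag"),
]

if __name__ == "__main__":
    for flow, verdict, reason in audit(SAMPLE):
        print(verdict, flow.src, "->", flow.dst, flow.service, f"({reason})")
```

The sun roof controller's attempt to reach the brake ECU raises an alarm because it is both off the allowlist and directed at a higher security class, while the same update service from the allowlisted update client passes.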
Infotainment supplier Harman counters the problem at the product level. At the IAA, the company introduced a new layered security architecture for the connected car. The scalable framework bears the name 5+1 because the approach tackles the topic on five layers plus one additional aspect, ensuring security in the data communication inside the vehicle as well as between the vehicle and the exterior world. “Connectivity, system security and occupant safety are going hand in hand”, explained Alon Atsmon, Harman Vice President for Technology Strategy. “Therefore, it is important to keep a vehicle’s electronic systems as secure as possible. Our multi-pronged approach and security model does take this aspect into account – and it is turning the OEM’s existing approach for the connected car upside down.”
At its lowest layer, the hardware, the system contains a trusted platform module, offering secure storage for digital certificates, encryption keys, user identification keys and passwords as well as other sensitive data. Layer two is represented by a hypervisor that enables designers to separate applications from each other and create multiple virtual application environments. The next layer up provides access control mechanisms for the operating systems and offers protected memory segments. Thus, a corrupted or malicious application can no longer read from or write to the memory used by other, potentially safety-critical applications. One layer higher, the system provides sandboxes in which applications can run, making sure they do not perform any unauthorised access to resources such as brakes or steering. While this may seem redundant at first sight, given that there is already a hypervisor that separates the application environments from each other, it is very difficult to create really bulletproof systems, and therefore multiple overlapping security mechanisms further increase the overall security level of a system, Atsmon said. The top level of the platform is dedicated to the network interconnect mechanisms: it provides authentication, encryption and firewall functionality at the network level. The “plus one” feature refers to software over-the-air (OTA) updates. It provides the functionality required to perform automated software updates over mobile networks, something that in the PC and smartphone worlds is a matter of course, as Atsmon noted.
For OTA services, Harman is using the technology acquired through the takeover of Red Bend Software earlier this year.
