As the connectivity of vehicles and the amount of online data connections between cars and an IT backend increases, the number of attack vectors and vulnerabilities to cyber attacks also is rising, explained Werner Köstler, responsible for interior development strategies at Continental. Whereas in the past – in the case of the non-connected car – physical access or at least a spatial proximity of a few meters was required to manipulate a vehicle’s electronics, in the case of the connected car anyone who has found a weak point can access the car and disrupt its functions – with potentially devastating consequences for its safety. And there are many entry roads for possible cyber attacks – they range from the numerous telematics functions to automated communication with other vehicles and the infrastructure (V2X) to the WiFi hotspots with which more and more vehicles are equipped. Plus, while in a conventional car a hacker could only attack a single vehicle at a time, in a multiple-networked car it is possible to copy and paste an attack option once found and spread it to many vehicles simultaneously, possibly to an entire fleet.
Continental, its software subsidiary Elektrobit (EB) and Israeli cyber security expert Argus, which was acquired some time ago, are working together to develop a comprehensive range of vehicle security products to prevent such dark scenarios from happening. This comprises several components. It starts with consulting OEMs and tier ones on the development of a secure electronics architecture for their vehicles. The second pillar of this strategy is the development of hardware and software components for vehicles by EB. Examples are the Autosar basic software or specific solutions such as secure bootloaders for vehicle-internal ECUs. These components also include authenticated identification, secure updates via the air interface and corresponding real-time diagnostics for the car.
Argus is to establish an additional security screen with services ranging from online monitoring to a security center. This security center is operated by Argus (possibly at the respective OEM’s location), develops individual countermeasures after a detected cyber attack in the shortest possible time and, where necessary, installs appropriate patches in the vehicles via its OTA update service EB cadian Snyc.
With its Security Operations Center for vehicles “Argus Lifespan Protection” (LP), Argus enables vehicle manufacturers to continuously monitor the cyber health of their fleets and analyze fleet-spanning information in order to gain real-time insights into the type of attacks that have occurred, to detect emerging threats and to respond quickly to them by immunizing the fleet.
At the hardware level, Continental is currently developing various security units. One example is a gateway that functions as a router within the vehicle network in classic distributed vehicle architectures as well as in the domain architectures currently under development. It contains Argus security functions and takes over the functions of basic vehicle diagnostics as well as the management of OTA updates. According to Continental Security expert Karsten Mattmüller, the gateway thus assumes the role of a security master. Continental also has developed an in-vehicle server for future server-based architectures. This high-performance computer acts as a network manager and central communication interface in vehicles with server-based architecture.
EB cadian Sync paves the way for offerings such as Software-as-a-Product (SaaP) or Software-as-a-Service (SaaS), which will increasingly come onto the market in the future as OEMs change from vehicle manufacturers to mobility providers. With these new business models, car manufacturers can offer “upgradeable” cars, as long as they are also equipped with the necessary hardware to be able to offer new exclusive features even after the vehicle has been sold. For example, vehicle users can activate Adaptive Cruise Control during an excursion to make driving more comfortable. In addition, car manufacturers can create more consistent and modern brand experiences by regularly updating their infotainment systems.
Such a security service would of course have to accompany the cars throughout their entire product life cycle. For the time being, it is unclear who will pay for it. “Security is not sexy,” says Köstler. That’s why customers aren’t overly willing to spend money on it. But, says his colleague Mattmüller, “We are observing that a change is taking place that is emanating from the fleet operators. Demand must definitely come from the customer.”