
Protecting the Connected Vehicle
Today’s vehicles are part of an expanding galaxy of interconnected digital devices. Some of those devices include in-vehicle control units and systems that talk to each other through internal network buses and external applications through the cloud. Some are Internet-connected devices such as tablets and phones brought into the car by drivers and passengers. And some are remote devices used by vehicle owners and their agents to communicate from a distance with the vehicle. In the midst of this collection of devices, communications methods and protocols, there is a single common point: information that needs to be secured, either because it is private or because it can be used to control vehicle functions.
This means that information, and not the vehicle itself, must become the central point of security. Rather than “spinning wheels” trying to protect vehicles from being hacked, engineers and manufacturers must focus their security efforts on a central communications hub that resides in the cloud.
It’s About the Information, Not the Vehicle
From a digital security standpoint, the connected vehicle itself resembles a slice of “Swiss cheese.” Provided with only elementary protection, in-vehicle networks are quite porous in the face of “sniffing” and other types of attacks. Meanwhile, mobile devices and applications that have permission to access a vehicle are not highly secure in and of themselves, and can thus provide pathways into a vehicle for malicious activities. And Bluetooth, for all its usefulness in short-range communication between devices, has also proven vulnerable to unauthorized access. All of this is just within the vehicle. As a vehicle communicates with the Internet, there is an entirely new layer of very real concerns, including personal information theft, threats to data and message integrity (e.g., changing the content of messages in order to issue bogus commands), and denial-of-service attacks.
Trying to comprehensively secure the connected vehicle by securing each of the interconnected devices, applications and systems in its ecosystem is a futile task. The environment is too complex, permeable and easily broken to allow success. One weak link and the information is compromised.
It is much more promising to secure information and provide comprehensive identity management to and from the vehicle by means of a secure cloud-based interoperability platform. This approach can shut the door to unauthorized intrusion into the vehicle and protect information through a combination of centralized risk-based authentication, rules-based decision-making, and a secure token service.
Security Pivots on Authentication
Authentication is what binds the identity of a person, a device, a vehicle, etc. to a unique digital identity in order to defy impersonation. Risk-based authentication is a dynamic process that authenticates a user’s request to access certain information or have an application perform certain actions based on a variety of criteria. Risk-based authentication can be performed over and over as an individual requests access to resources or conducts transactions that require higher levels of protection.
How is risk determined? Calculations can include a rich mix of factors, including pre-specified trust level, GPS location, timing and velocity of requests, nature of request (“access fuel consumption data,” “unlock vehicle,” “start vehicle,” etc.) and many other variables. Multiplied across many millions of individuals, vehicles and devices, this becomes an immense job. Nevertheless, it can be accomplished relatively easily and economically in a centralized fashion on a cloud platform, which can scale its processing power as necessary.
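The risk calculation described above, as an added example that is not from the article or any vendor platform: a central service scores each request from trust level, GPS distance, request velocity and the nature of the request, then allows it, asks for step-up authentication, or denies it. The field names, weights, thresholds and sample request are assumptions.

```go
package main

import "fmt"

// Request holds the factors the article lists; names and weights are assumptions.
type Request struct {
	Action      string  // nature of request
	TrustLevel  int     // pre-specified trust: 0 unknown .. 3 verified owner
	KmFromCar   float64 // GPS distance between requester and vehicle
	RecentCount int     // requests by this identity in the last minute
}

// actionRisk is the centrally managed rule table: base risk per action.
var actionRisk = map[string]int{
	"access fuel consumption data": 10,
	"unlock vehicle":               40,
	"start vehicle":                60,
}

// Decide scores a request and maps the score to allow, step-up or deny.
func Decide(r Request) (int, string) {
	base, known := actionRisk[r.Action]
	if !known {
		return 100, "deny" // no rule for this action: fail closed
	}
	s := base - 10*r.TrustLevel
	if base >= 40 && r.KmFromCar > 1 {
		s += 30 // physical action requested far from the vehicle
	}
	if r.RecentCount > 10 {
		s += 25 // unusual request velocity
	}
	switch {
	case s >= 70:
		return s, "deny"
	case s >= 35:
		return s, "step-up" // ask for a stronger factor before acting
	}
	return s, "allow"
}

// Report formats the decision as an audit log line.
func Report(r Request) string {
	s, d := Decide(r)
	return fmt.Sprintf("%q trust=%d score=%d -> %s", r.Action, r.TrustLevel, s, d)
}

func main() {
	fmt.Println(Report(Request{"unlock vehicle", 1, 500, 2})) // constructed sample
}
```

Because the rule table and thresholds live in one place, changing how a request type is treated is a single edit on the platform rather than a change on every vehicle or device.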
Rules-Based Decisions in the Cloud
An equally immense task is the management of all the rules that govern these authentications, which need to be defined and then changed or retired as required. This is not something that is desirable to do in the vehicle and on each device. Deploying and managing these rules in a centralized manner on a cloud platform is the optimal approach from the cost, security and time-to-implementation standpoints.
Similarly, security updates need only be made at the cloud platform level, as opposed to applying updates manually in the service departments of thousands of automotive dealerships. Deploy an update once at the platform level and you can be assured that it has been deployed across all vehicles, and deployed properly.
Locking out Intrusions with Secure Tokens
The third key task of the cloud platform is to provide a secure token service. There is a reason why a secure token service is the best route to comprehensive vehicle security. If you are focusing only on security at the vehicle and device level, you are exposed to all the vulnerabilities discussed above – from minimally protected in-vehicle service buses to permeable security on mobile devices. Likewise, if you rely only on protected networks, either in-vehicle or mobile, then you face the problem that, should the network be compromised, so is vehicle security.
By using secure tokens to secure a vehicle each time access or actions are requested, both the token and the network would have to be compromised before you were in danger.
There are multiple options and standards available for implementing token-based security. What is important is that tokens are self-authenticating and that public key infrastructure (PKI) is used in their creation. Again, scalability comes into play as connected vehicles, devices and apps proliferate. Centralizing the token service in the cloud accommodates massive scalability in a seamless and economical fashion.
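The per-request token check described above, as an added example that is not from the article or any vendor platform: a token service signs the claims with an Ed25519 private key, and the verifier checks signature, vehicle, action and expiry using only the public key. The claim layout, two-part encoding, key variable names and sample VIN are assumptions, not a published token standard.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// Claims (assumed layout) bind a token to one identity, vehicle and action.
type Claims struct {
	Sub, VIN, Action string
	Exp              int64 // Unix seconds; keep the lifetime short
}

// Constructed demo key pair; in practice the private half stays in the token service.
var DemoPub, DemoPriv, _ = ed25519.GenerateKey(nil) // nil selects crypto/rand

var b64 = base64.RawURLEncoding

// Issue runs in the cloud token service, the only holder of the private key.
func Issue(priv ed25519.PrivateKey, c Claims) string {
	body, _ := json.Marshal(c) // cannot fail for this struct
	return b64.EncodeToString(body) + "." + b64.EncodeToString(ed25519.Sign(priv, body))
}

// Verify needs only the public key; claims are parsed only after the signature checks out.
func Verify(pub ed25519.PublicKey, tok, vin, action string, now time.Time) error {
	bodyPart, sigPart, _ := strings.Cut(tok, ".")
	body, e1 := b64.DecodeString(bodyPart)
	sig, e2 := b64.DecodeString(sigPart)
	var c Claims
	if e1 != nil || e2 != nil || !ed25519.Verify(pub, body, sig) || json.Unmarshal(body, &c) != nil {
		return fmt.Errorf("bad signature or encoding")
	}
	if c.VIN != vin || c.Action != action || now.Unix() >= c.Exp {
		return fmt.Errorf("token not valid for this vehicle, action or time")
	}
	return nil
}

func main() {
	tok := Issue(DemoPriv, Claims{"driver-1", "VIN-EXAMPLE-0001", "unlock vehicle", time.Now().Add(time.Minute).Unix()})
	fmt.Println(Verify(DemoPub, tok, "VIN-EXAMPLE-0001", "start vehicle", time.Now())) // wrong action: rejected
}
```

A token captured on a compromised network is still limited to the one vehicle and action it names and stops working when it expires, which is the second barrier the section describes.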
Best Practices Being Used Today
There are some vehicle manufacturers today who are committed to putting information and the consumer at the center of the connected experience. For example, one leading manufacturer has implemented a platform-based system that connects vehicles to a centralized cloud-based hub. Each individual associated with a particular vehicle is assigned a PIN with attendant privileges, and varying levels of control and privacy are provided depending on how an individual is authorized to interact with the vehicle. With this approach, information flows securely (and with the individual’s permission) wherever it needs to flow – to the driver, dealer, devices and applications.
This system is already in its second generation and is designed to “go the distance.” That is, it is able to accommodate new connected vehicle capabilities and information sources/targets as they emerge, and it is scalable to support immense numbers of vehicles and individuals.
Driving Towards Comprehensive Security
Connected vehicle communications are only becoming more diverse. Vehicles are connecting via the cloud to new applications, and vehicle owners and drivers are asking their vehicles to provide more types of information and do more things via their Internet-connected devices and applications. Centralizing security using a cloud-based interoperability platform changes the focus for automotive manufacturers from keeping each vehicle secure, to keeping the cloud platform and its interactions with each vehicle secure. This is a much easier and more economical endeavor, and one with a much higher probability of success.
About the author
Tim Evavold is Solution Delivery Director for Covisint, responsible for boarding, management, and governance of strategic third-party delivery partners for Covisint’s automotive engagement platform. He also serves as the Technical Director for Covisint’s global Connected Car program and solution set.
