Cyber threats against cars are here to stay, experts say: Page 3 of 3

October 02, 2015 //By Christoph Hammerschmidt
Cyber threats against cars are here to stay, experts say
The rise of the connected car definitively catapults our traditional set of wheels into the world of information technology. This arrival confronts carmakers with an unfamiliar challenge: The possibility of getting hacked. At a meeting in Dresden (Germany), experts analysed the threat and potential approaches to harden the vehicles against malicious attacks.
Several presenters unanimously regarded wireless upgrade capability of in-car software (OTA) as indispensable to counter the cyber threats. On top of that, there were suggestions for direct technical measures to solve the problem. Koji Nakao, Research Executive Director of Japan’s Network Security Research Center, suggested a multi-level security architecture that embraces messeg verification, trusted boot of ECUs, authentication of communications in and around the car, message filtering (to prevent DoS attacks) and Fault tolerance. This approach is currently discussed in the relevant working group SG-17 of the ITU-T standards organisation. In addition, Nakao suggested to adopt the lightweight cryptography described in ISO/IEC 29192 in cars: It would suit to apply data encryption on the CAN bus even for time-critical real-time safety applications, he said, and it would not overburden the micro controllers in the ECUs.

In any case, no single measure would be sufficient to attack the entire problem. In demand is a holistic approach, many experts agreed. Plus, the security issue will persist. “You can’t fix it once and for ever”, warned Frederix. “You will always see new challenges”.

Related articles:

IT security becomes essential feature for cars

Car security at IAA: No need to reinvent the wheel

Intel launches car security expert group

Fraunhofer rolls security platform for cars


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.