Building automotive security from the inside out

The role of telematics in locking hackers out of vehicles explored by Graham Jarvis.

Many cyber-security techniques focus on securing the perimeter of critical computer systems and on recovering in the event of failure. Yet, there is a role for telematics to play in locking hackers out of connected and autonomous vehicles.

David Leporini, director, IoT security in BDS cyber-security products at Atos, says that recent history has proven that connected vehicles are at risk of cyber-attacks: “A number of cars have been subject to public exposure cyber-attacks, resulting in massive car recalls – such as the 1.4 million vehicle recall following the Chrysler Jeep hack.”

Developing guidelines

Modern vehicles are turning into a network of computers through their ECUs, but with increased automation comes an increased risk of cyber-attacks. It is, therefore, important for governments and the industry to remain vigilant and to keep updating their guidelines. For example, the US Department of Transportation has released its own cyber-security guidelines for connected cars, Cybersecurity Best Practices for Modern Vehicles.

John Wall, senior vice-president and head of BlackBerry QNX, adds: “I think most experts agree that once the car becomes more connected with more sensors, the threats increase. As machine learning is introduced into the car, there may be changes to the software through it that haven’t been considered. The big threat is the ability to have more access to the vehicle through interconnections and that type of thing. If you look at a car today that is not connected, versus a car that is connected, the threat increases by 100%. As the car has more threat vectors, the ability to hack the car increases. If it is not connected, then there is little threat.”

Seven pillars of cyber-security

BlackBerry therefore considers safety and security to be inseparable, and rightly so. It has devised seven recommendations for connected and autonomous vehicle cyber-security. The approach is holistic: it looks at the problem as a whole set of issues, challenges and solutions, rather than examining cyber-security as individual components and issues that need to be addressed.

The seven pillars, which BlackBerry says can be used to secure other devices:

  1. Be able to secure the supply chain. Modules have to have a root of trust to ensure that, for example, chips aren’t fake.
  2. Make sure the components within the software are trusted, coming from sources that are known and not nefarious.
  3. Configure the vehicle with safety and non-safety functions. So, for example, infotainment should be separated from life-critical systems to avoid a breach of safety systems. BlackBerry also feels that the messaging between modules should be authenticated too, making sure the correct messages are sent to you and are certificated.
  4. Create in-field health checks, where the car is constantly scanned for existing vulnerabilities and anomalies.
  5. Notify drivers that the vehicle has been compromised, with a rapid incident response network to advise the driver. A patch could take some time, and so even the driver or the systems need to be notified to allow them to take remedial action.
  6. Take control of software lifecycle management, to update the vehicle from a software and certificate credentials management perspective.
  7. Institute a safety and security culture within the organisation to take these aspects very seriously. Allow the safety and security officer to overrule anybody if a vulnerability or fault is discovered before the vehicle is released onto the market.

Andre Weimerskirch, an expert in automotive and IoT cyber-security and privacy at the Lear Corporation, agrees that it’s imperative to create, “…a proper cyber-security engineering process to identify and understand the risks in the first place, and then design appropriate mitigation mechanisms for the identified risks”.

To achieve this, he also thinks it’s important to have a defensive to ensure that not one single component can endanger the security and safety of the vehicle. “It is also crucial to deploy proper technologies to secure the computing platforms and secure network communication, as well as practicing a secure development process that includes proper best practice guidance, reviews, and extensive security testing,” he stresses.

He adds that cyber-security is such an important topic that all stakeholders must be included in its process, and they must be able to share information. “The Auto-ISAC (Information Sharing and Analysis Centre) provides a venue for exchanging information and collaboration,” he explains. Yet, there is also a need to consider what to do if a cyber-security attack leads to vehicular failure.

Recovering from failure

“Automotive cyber-security, given the complexity of the overall system, is fundamentally different in nature as it has to grapple with both security and safety requirements in a way that they don’t conflict,” explains Siraj Ahmed Shaikh, professor of systems security, Institute for Future Transport and Cities at Coventry University.

“While automotive engineers are very familiar with functional safety, security is altogether different as an understanding of the external threat landscape becomes very important. Any potential cyber-attack on the vehicle needs to be prevented or controlled to ensure safety. This may involve putting in an additional control feature to handle any potential attacks in a safety-critical manner.” Preventing failure is the best way forward. This is where telematics comes in: it could play a major role in preventing cyber-security disasters from occurring.

The role of telematics

Wall explains that telematics is related to the in-field health monitoring of the vehicle, and he thinks it will play a key cyber-security role. However, it’s worth bearing in mind that most cars aren’t connected today. He adds that most carmakers don’t know what’s happening to their cars out there on the market: for example, how they are being driven and how they are being maintained.

“Non-autonomous cars have safety features such as autonomous emergency braking (AEB) and blind spot detection. That’s the main piece, to be able to have a communication path between the vehicle and health monitoring systems. At this point it’s worth reflecting on traditional IT systems for how they manage remote configuration, patching and updating. All these things are part of a traditional enterprise software lifecycle. Telematics can be used for a similar process or set of features for modern vehicles.”

“While OEMs are already using over-the-air (OTA), the industry needs to explore more sophisticated approaches to this where infrastructure providers, such as the Highways Agency in the UK, and so telecommunication service providers may play a role in enabling automotive security. I have seen little creative input in the use of OTA so far but I am of the belief that this will change.

“We will have to see how the autonomous vehicle and the car industry is going to evolve and progress. Autonomous vehicles, with all their sensor suites, will require much software maintenance and communication. The increasing reliance on artificial intelligence, machine learning and sensing will push telematics to grow. This is a development we can’t ignore, particularly when sensor inputs could be manipulated maliciously; evolving vehicular architectures would need to account for this to ensure sensor manipulation is handled better.”

