Gemalto, Faraday Future Partner on Connected Car Security

Digital security specialist Gemalto will provide data protection and encryption technology for smart electric car startup Faraday Future, helping to secure the software powering the car.

Gemalto’s Federal Information Processing Standard (FIPS)-certified SafeNet hardware security modules (HSMs) will be installed with Faraday Future’s internal server and are designed to process, store and manage cryptographic keys inside a hardened, tamper-resistant device.

Every step of data flow is protected, including in-car services such as over-the-air software updates and the flow of data from the car, securing the data from cyber attacks.

In addition, Gemalto is working with Faraday Future to design, configure and deploy a private Microsoft Certificate Authority that will integrate into their existing architecture.

“Consumers should be aware of the security protecting their connected car because it is their data and their vehicle at risk,” Kate Migon, head of automotive Americas for Gemalto, told The Connected Car. “Without adequate security technologies in place, hackers could do anything, from stealing location data to remotely locking consumers out of their car until a ransom is paid.”

Migon added the right security technologies can also help consumers ensure that software updates their car receives come straight from the manufacturer and do not contain malware, which could stop the vehicle from functioning properly.

The two companies are also working together to secure the public key infrastructure (PKI) that will generate digital certificates used to authenticate the communication between the car, the back-end systems and people.

The PKI system can also store these certificates in a central repository, share them with other stakeholders and revoke them if needed.

In the future, the PKI system will prevent hackers from intercepting data passed to other cars or other connected infrastructure.

“As more vehicles become connected, the threat becomes larger,” Migon said. “Now there are just a small number of vehicles on the road that can be accessed, but soon close to all new vehicles will be connected.”

She explained services, payments and interconnectivity will exponentially increase the amount of data generated, stored and transmitted by cars.

“This makes cars a much more lucrative target for hackers, and I think we’re likely to see more attacks targeting vehicles or their networks,” Migon said.

Autonomous vehicles will be part of a much larger network that will rely solely on software to operate, and that opens a great risk if security is not properly implemented from the ground up, Migon added. This includes vehicle design and manufacturing, as well as in the design stages of related systems.

“Security is only as strong as the system’s weakest link,” she said. “The industry needs to work together to ensure that all vehicles and infrastructure connecting to an autonomous network maintain a level of security that can protect the overall ecosystem, which can be continually updated to stay a step ahead of cybercriminals.”

The good news,¸ Migon said, is that when properly implemented, the time, money and resources needed to break into such a secured system are huge, discouraging most hackers from attempting to break them.

Nathan Eddy is a filmmaker and freelance journalist based in Berlin. Follow him on Twitter @dropdeaded209_LR.

Leave a comment

Your email address will not be published. Required fields are marked *