With the rise of the connected car, how are engineers addressing consumers’ concern for data security?
Ahmad Nasser, Senior Staff, Electronic Security Engineer, Automotive Unit, Renesas Electronics America
Although several hacks have already been demonstrated on connected vehicles, none of those attacks have resulted in direct financial loss or injury to the consumer. However, given trends in other industries, it is not far-fetched to assume a catastrophic auto-related hack could happen sooner than we think. In the face of this challenge, the automotive engineering community has responded on several different levels.
On one front, engineers are working hard to write automotive standards for security to ensure that future vehicles are protected against the perceived threats for the next 10 to 15 years. Automotive suppliers are also rising to the challenge by instituting engineering processes and tests that address cyber security threats—similar to how safety engineering is conducted to address hazards within vehicle systems.
On yet another front, silicon vendors and chip makers are designing microcontrollers with built-in security features to provide a secure platform for next-generation products. OEMs are also becoming more aware of the need to secure their products systematically with a layered approach rather than only focusing on securing one application like infotainment. The term, “security-in-depth” is becoming more meaningful to OEMs who are working on securing the vehicle, as well as the tools and processes related to it such as Over the Air (OTA) updates.
I would be remiss if I did not also mention the rapidly evolving ecosystem of security service companies that are busy porting their security firmware solutions from the traditional PC environment to embedded systems; these provide the required defenses for building and maintaining more secure software. At all of these levels, there is also a need for security training and raising awareness among automotive engineers who are not familiar with cyber security and consider it to be a foreign topic to their world.
Even though it feels like the automotive engineering community has ramped up its security focus significantly for the last few years, the security domain is still in its infancy. Many tough questions still remain, such as:
- Can we build systems that are resilient to attacks that were not previously considered possible in the vehicle’s lifetime?
- In terms of processes, certification, and testing, how can engineers reconcile the IT security world with automotive systems security world?
- Perhaps, above all, can we find or train the workforce needed to handle this relatively new but increasingly critical area, which is neither a pure IT nor an engineering problem?
These security challenges also present tremendous opportunity. At the individual level, engineers who are eager to grow can take on new and interesting challenges; and at the commercial level, companies can differentiate themselves in a domain that was not previously considered an option but will soon be as valuable as vehicle braking and airbag reliability.
David West, Director of Professional Services, Icon Labs
The Chrysler Jeep hack is a wakeup call for the automotive industry. There is no longer a rationalization for ignoring security in the connected car. Everyone recognizes the future of the connected car and the improved efficiencies, services, and safety it can deliver. However, the connected car’s potential is severely compromised if cybersecurity concerns are not adequately addressed. Other industries (including critical infrastructure, medical, military, and industrial) have largely failed to address cybersecurity, which means the auto industry needs to be smarter.
With automobiles, the potential cost of an attack is much higher. A single death resulting from a cyberattack could cost tens of millions of dollars, particularly if the vehicle is found to have inadequate security. According to the FBI, Cryptowall Ransomware cost PC users $325 million in 2015. How much money could hackers extort by infecting cars with ransomware? What would be the impact of a criminal enterprise using an auto service shop to inject malware into vehicles for later exploitation?
Steps must be taken now. Secure connected vehicles must address security at every system layer including: protecting the programs in the car (secure boot, secure remote updates, anti-tamper); establishing trust for communications, control, and updates (authentication of device and services, setting methods of establishing trust); securing communication with and within the car (secure communication protocols, embedded firewalls); leveraging hardware security modules such as a TMP or TrustZone; and increasing security monitoring and management via integration with vehicle operation centers to report security events and support remote firmware updates and security policy management.
The time to create secure platforms for the future connected car is now. The industry has the choice to act now or face an uncertain future.
Saar Dickman, Vice President of Automotive Cybersecurity, HARMAN
80 percent of consumers expect the car of the future to provide the same connected experience they are used to at home, work, and via their mobile phones. The connected car has become a unified “lifestyle experience” that must be safe and future-proofed. While consumers navigate their way through connected car innovations, automakers and connected hardware and software suppliers must make a more concerted effort to meet top driver concerns with safety, security, and connectivity at the top of the list.
To keep drivers safe from cyber threats, engineers should deploy a multi-layered security approach within the connected vehicle. A multi-layered approach provides a framework for end-to-end protection of the vehicle’s infrastructure and ensures the integrity of the vehicle is not compromised. Implementing this tactic not only keeps drivers safe from malicious cyber breaches, but also enables engineers to provide security software updates in real time, eliminating the stress of having to bring vehicles to dealerships for software maintenance and upgrades. In addition to the embedded security protection, the driver should always have the option to opt in or out of any data collection that takes place in the car. It is critical engineers recognize these security practices or create similar methods of their own that provide a holistic approach to security, while also satisfying the driver’s need to stay connected.