Third Party Assessment Closes Automotive Cybersecurity Gaps
Updated: Sep 5, 2022
Steady progress has been made in the quest to deliver autonomous vehicles. Increasingly, operating a car safely involves advanced driver assistance systems and other automated features that rely more on connected smart sensors than on drivers maneuvering the vehicle by hand. New vehicles rely heavily on software technology, so many building blocks are now being created. The foundation is rapidly taking shape, but one area where clarification is needed is systems security.
For decades, the idea of connected cars has been a common science fiction and Hollywood theme. Initially, the industry emphasized semiconductor development in its journey to deliver such solutions. Semiconductors will continue to play an important role in vehicle electronics, but recently, the emphasis shifted to creating a cohesive software architecture, one that guides vehicles through the complex calculations needed to perform tasks, like making a left turn.
The required work is creating a new hierarchical architecture. On the lower layer, electronic control units (ECUs), circuitry, and cables perform processes, such as managing the vehicle’s powertrain.
One rung up are zones. Here, a number of domain functions are consolidated, typically based on their locations inside the car. The zone architecture gives auto OEMs and systems manufacturers needed design flexibility. It eases software and firmware maintenance by supporting over-the-air updates. OEMs and manufacturers also reap the cloud’s always-on benefits and can enable the real-time communications these systems demand. In addition, zone modules optimize power distribution topologies and power down unused modules, which is especially needed in electric and hybrid vehicles.
Paying the Price
But the benefits come at a price. As technology advances, the complexity of the modern automobile grows exponentially. By 2025, 206 million vehicles will have embedded connectivity, and 30 million will utilize 5G connectivity.
Traditional vehicle network designs cannot handle today’s requirements. Increased data rates and redundancy are required for autonomous driving, auto safety, and system security. In response, semiconductor high-side switches replace simple relays, and input/output control lines are being displaced by Controller Area Network (CAN) and Local Interconnect Network (LIN) transceivers. Therefore, the number and complexity of the internal network connections increase dramatically. The need for higher speed, interindustry standard protocols is growing, resulting in the emergence of new automotive Ethernet networks.
Cars are Under Attack
Another change is that cars are becoming software-driven. Currently, hundreds of millions of lines of code – soon to grow to be billions – control vehicles. As the components connect with each other and the Internet, vulnerabilities arise.
The reality is that once cars use the Internet, they potentially become susceptible to common Ethernet attack methods and tools. Already, it has been demonstrated that outsiders can open doors, turn the steering wheel, disable the brakes, and shut down the engine.
When security is compromised in a car network, no communication can be trusted, and the new design collapses. The zone architecture requires secure communication paths. Security standards, such as ISO/SAE 21434, are taking shape to address the problem, but they raise as many questions as answers.
To make vehicles safe, security must be incorporated from the start of the design process -- and not cobbled on later. Auto OEMs must add security to a new and diverse array of data without sacrificing communication efficiency.
Also, the classic approach of securing IP packets with IPsec is suited for control and sensor data in low bandwidth networks. But streaming audio data, vision, or radar sensor data requires a continuous stream of IP packets, secured at least through authentication. Adding such features results in adding significant overhead and consuming vital processor resources.
Overcoming the bottleneck demands new lower-level encryption and authentication. An example is MACsec, which can be applied to Level 1 or Level 2 of the Ethernet protocol. Security can be integrated either into the Ethernet media access control IP or the Ethernet PHY for line-rate authentication, payload encryption, or both.
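The per-frame protection described above, sketched in Go as an added example (not code from the original article or from any vendor). The SecTAG layout, TCI bits and SCI-plus-PN nonce follow the GCM-AES-128 suite of IEEE 802.1AE as an assumption about the deployment; the key, SCI and frame are constructed, SL is left at 0 (payload of at least 48 bytes), and key agreement is out of scope.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

const AuthOnly, AuthEncrypt byte = 0x20, 0x2C // TCI octet: SC bit only; SC+E+C bits

// NewAEAD returns GCM-AES-128 for a 16-byte secure association key.
func NewAEAD(key []byte) cipher.AEAD {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(blk)
	return g
}

// Protect turns DA|SA|payload into DA|SA|SecTAG|payload|ICV in the chosen mode.
func Protect(g cipher.AEAD, mode byte, sci, frame []byte, pn uint32) []byte {
	hdr := append(append([]byte{}, frame[:12]...), 0x88, 0xE5, mode, 0)
	hdr = append(binary.BigEndian.AppendUint32(hdr, pn), sci...)
	iv, pt := append(append([]byte{}, sci...), hdr[16:20]...), frame[12:] // nonce = SCI || PN
	if mode&0x08 == 0 {
		hdr, pt = append(hdr, pt...), nil // payload stays readable, covered as AAD
	}
	return append(hdr, g.Seal(nil, iv, pt, hdr)...)
}

// Verify drops stale packet numbers, checks the 16-byte ICV, returns DA|SA|payload.
func Verify(g cipher.AEAD, sec []byte, lastPN uint32) ([]byte, error) {
	if len(sec) < 44 || binary.BigEndian.Uint32(sec[16:20]) <= lastPN {
		return nil, fmt.Errorf("short frame or replayed packet number")
	}
	iv, split := append(append([]byte{}, sec[20:28]...), sec[16:20]...), len(sec)-16
	if sec[14]&0x08 != 0 {
		split = 28 // E bit set: only the header is AAD, the rest is ciphertext
	}
	pt, err := g.Open(nil, iv, sec[split:], sec[:split])
	if err != nil {
		return nil, err
	}
	return append(append(append([]byte{}, sec[:12]...), sec[28:split]...), pt...), nil
}

func main() { // constructed all-zero key, SCI and 72-byte frame; prints bytes added per frame
	fmt.Println(len(Protect(NewAEAD(make([]byte, 16)), AuthEncrypt, make([]byte, 8), make([]byte, 72), 1)) - 72)
}
```

Both modes add the same fixed 32 bytes per frame (16-byte SecTAG with SCI plus 16-byte ICV); only the encrypting mode hides the sensor payload on the wire.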
The end result is auto OEMs now grapple with balancing various design trade-offs.
Standards Help but Are Not a Cure-All
Furthermore, the ISO standard is a good starting point but does not address all security and interoperability issues. The United Nations Economic Commission for Europe released new regulations that specify how to manage vehicle cybersecurity risks, and how to detect and respond to security incidents across a fleet of cars.
The various specifications typically operate at a high level and provide guidelines that systems should meet, such as ensuring that any outside connection is authenticated. However, they do not delve into how such systems are designed. As noted, suppliers work with increasingly complex systems and integrate and secure them in unique ways. Sometimes, linking the different pieces creates new, unforeseen openings.
Therefore, auto OEMs and systems integrators need to approach cybersecurity holistically. A security mindset and culture must be ingrained in the product development life cycle. Designers have to focus on security, implementing protections against known threats for each component, subsystem, and network that the connected vehicle will be exposed to once it leaves the car maker's production line.
To create safe networks, internal communications and communications with external entities should be encrypted. Car makers also have to design monitoring systems able to detect suspicious activities that could be potentially associated with attack patterns. The solution requires rigorous testing to ensure full safety and security compliance without sacrificing performance or systems integrity.
Finally, to protect sensitive information, the growing variety of standards, designs, chipsets, software, and modules needs to be synchronized and implemented consistently.
Close the Skills Gap
The problem is that most auto OEMs lack the experience and expertise to perform such analyses. Typically, the project team consists of experts in auto system design and not security and IoT.
Third party experts, such as Strategic Alliance Consulting, are emerging to fill the void. They have interdisciplinary teams who understand auto design, auto safety and cybersecurity. They examine the system from top to bottom and identify any security holes as well as provide guidance on how to close them.
The next generation of autonomous vehicles is quickly taking shape. Building blocks are being developed at a rapid pace. They help control vehicles but do so in a way that leaves them open to intrusion. As they create these solutions, auto OEMs need to work with third party cybersecurity specialists and ensure that their cars not only operate as advertised and safely but also securely.