As far as the consumer is concerned, connected vehicles will significantly alter the driving experience. The blending of vehicle-to-vehicle (V2V) communications, cloud connectivity and consumer electronics technology will make driving safer, but behind the scenes, increased connectivity must be matched with increased data security. This is a significant challenge for the industry’s engineering and business practices.
Megatrends spoke to Shawn Slusser, Vice President, Automotive Business at Infineon Technologies Americas, about the challenge of ensuring safety and security, and how the rapidly developing connected car requires the industry to incorporate design for security into vehicle development.
The connected car will enable many features, such as apps, content from the cloud, and the ability to update the software in the car. Autonomous driving features will utilise the ability to communicate with other vehicles and even roadside objects for safety. All of this connectivity introduces security risks, said Slusser. He also highlighted that Infineon, which supplies semiconductors for automotive electronics systems, has parallel expertise in the global market for smart card technology, the chips that provide security for payment cards, passports and other electronic ID, and other applications requiring protection of critical data. This perspective underlies advice on how the industry can protect against security threats as levels of connectivity increase.
Battling the “Dark Side”
Widespread connectivity to the Internet changed the computer industry in many ways, not least of which was individual and organisational exposure to security risks. Now the car is increasingly incorporating Internet capability, making it more vulnerable to outside threats. “New functionalities often harbour new risks, so what we can learn from the past, and from other industries, can undoubtedly apply to the car industry,” said Slusser.
He noted the importance of distinguishing between two types of risk in the connected car. Safety risk refers to the danger of unintentional errors occurring in electronic systems. The industry is tackling this challenge through the well-developed concept of functional safety embodied in ISO 26262. Security, meanwhile, involves protecting against intentional attacks on systems and software. “These include tampering, theft, or data privacy, and are risky to the connected car.”
Slusser describes intentional attacks as “Dark Side” scenarios, referring to the Star Wars films. “We have a job to fight against the Dark Side,” he said. “These risks should be a wake-up call to the industry that we need to address automotive security immediately.”
While this may sound like Hollywood, university research teams (www.autosecure.org) have already documented successful attacks on car systems. In another incident reported earlier this year, two Spanish researchers described a device made for under US$20 that, after being wired in to the CAN bus of a car, would give an attacker the ability to remotely manipulate vital vehicle systems.
Slusser noted that all automotive stakeholders need to be involved in developing the security systems that protect against intentional attacks. He said, “To solve these problems takes more than just OEMs and Tier 1s; it’s really a whole ecosystem problem. This will involve everyone from suppliers like us to our customers, to the OEMs, to insurers and regulatory bodies. All of the different stakeholders will have a role to play.”
What’s next?
So what does this mean for the car industry? “It means there are some new requirements,” said Slusser. “In order for the benefits of connectivity to be enabled in the car, the industry has to incorporate security into the design process at the start of vehicle development.”
Slusser described five major elements in electronic system security: secure memory to store password and certification information; cryptography capability; authentication to verify identity; an assured “root of trust;” and revocation capability that allows access to be denied. “These security elements will need to be included in future vehicle electrical architectures,” explained Slusser. “Specialised security hardware and software will be necessary.”
Infineon’s expertise with the security technologies to protect digital information in the car comes from the company’s long participation in the smart card industry. “Smart card chips, which are really specialised microcontrollers dedicated to security functions, have been around since the 1980s and have been become very sophisticated and well-hardened against attacks,” explained Slusser. The next stage, he said, is to enable this type of security technology in automotive systems. “We have the essential elements of security technology figured out. As an industry, we now need to adapt this technology to the car.”
This means that companies working on security, such as Infineon, need to figure out the level of security technology required for different automotive systems, and thus which ECUs in the car require targeted security features. “First you figure out what applications need security and to what level,” said Slusser. “Then the specialised hardware and software to address those needs can be implemented.”
An important part of meeting security requirements is that developments must occur beyond the car. “You have to enable these security devices in the car and also in the ecosystem of automotive design,” he said. “Security practices have to become a part of the development cycle and ultimately embedded into the IT infrastructure of the industry in order to protect the secret keys associated with the hardware Root of Trust.”
OEMs therefore have to adopt a new development process to enable the components in their cars to be secure. Slusser said, “The typical automotive development programme today doesn’t consider electronics security, but it is has to be heavily considered in the near future.”
Lagging behind
To achieve security in the connected car, Slusser sees a need for new roles and new expertise. Returning to the Star Wars theme, he suggested the industry could use, “someone like Yoda to fight the Dark Side.” He continued, “We need ‘Jedi Master’ security architects and engineers with security expertise. To create a ‘trusted environment’, changes in manufacturing need to happen to secure connected devices.”
While the promise of the connected car marks a major change in personal transportation, its success relies in large part on how well the industry protects against the risks of the ‘Dark Side’ concluded Slusser. Today the automotive industry has considerable work to do to develop the necessary expertise for implementing security technology. To catch up, it must develop a robust security ecosystem that can adapt and build on smart card technology to make security an integral part of future vehicle architectures.
