Hello,Welcome toChina Automotive Cyber Security Summit 2019!

A Multifaceted Approach to Autonomous Vehicle Cyber Security

Release Date:2018-11-21

Mar 11, 2018

With the big leap in technologies such as deep learning and the Internet of Things (IoT), advancements in the field of autonomous vehicles have been groundbreaking in recent years. Many of the big automakers (like Tesla, Ford and General Motors) and technology giants (like Google and Apple) are rushing against time to bring them to the market. But while the internet is full of advantages and benefits for autonomous vehicles, there is no paucity of threats imposed by cybercrime on these technologically advanced machines.

As connected vehicles are something new to the industry, the threat vectors have not yet been fully identified. While researchers are working to identify the problems and possible solutions, it seems that the challenges and solutions in automotive cybersecurity range from physical security to the defense-in-depth approach, to supply chain management.

Even before autonomous vehicles, much of the research into cyber-attacks on automotive vehicles has shown that they are an easy target for hackers if they can obtain physical access to the vehicles. Many researchers have shown, in the past, that hacking via an onboard diagnostic port, Bluetooth and Wi-Fi has been not so unmanageable. And when ridesharing companies like Uber and Didi talk about using these autonomous vehicles as commercial transportation vehicles, auto manufacturers may need to add some extra layer of security to avoid the attacks caused by this physical access to the vehicles by riders, as we may not know the intention of every commuter who takes a ride.

The possible solutions might include tamper-resistant tapes (to be put on open entry points, such as OBD ports), tamper-resistant hardware (to be used for cameras and sensors) and connectivity options for riders to connect their devices to the cars' IVI systems via Bluetooth or Wi-Fi. As part of one extra layer of security, manufactures should enforce only signed code to be run on vehicles' networks and electronic control units (ECUs). While the tamper-resistant tapes may only help to identify who has tried to intrude in the system, the signed code may help in preventing malicious code from running on the vehicle network.

We will be required to take the defense-in-depth approach to overcome the issue of automotive cybersecurity. The architecture should be laid down by adding a multilevel defense solution across automotive components. The solution may start at the individual ECU level—for example, a car's steering wheel or brakes—by leveraging technologies like secure boot, verified boot, firewalls, mutual authentication, code-signing and secure upgrade capabilities. Next-level defense solutions can be added by monitoring all traffic at the vehicle network level, using intrusion-detection and anti-virus software that can flag any anomalies compared to standard behavior, and help to notify the owner as well as quarantining the malicious software.

Along with individual ECUs and in-vehicle network, it becomes momentous for us to protect the component which connects the vehicle to the internet—which, in most cases, is either an infotainment device running a rich OS (such as Android or Linux) or a gateway device running a less-rich OS. But because these operating systems were not initially designed for automobiles, it may be a good idea for auto manufacturers to take this critical piece through some security certification before using the technology in vehicles. The component should have very well guarded and limited access to the vehicle network.

Lastly, as part of our defense-in-depth solution, we should be able to utilize cloud services to keep monitoring the health and notifications from the vehicle to capture and analyze anomalies and provide a quick software update in a quick and timely manner.

Another risk that the automotive industry faces is the diversity of ECUs used in vehicles. All vehicles today use hundreds of ECUs from different vendors. With autonomous vehicles coming into picture, it becomes very important for auto manufacturers to ensure quality checks of these individual ECUs—though I feel adoption of AUTOSAR by various ECUs may help a little in solving these, by standardizing the ECUs' framework. As most of these ECUs might be connected to the same in-vehicle network which controls the most critical operations, like brakes and accelerators, some ECUs may be considered less critical compared to these, such as co-driver window operation. Any bug in any of these ECUs may give hackers access to the complete in-vehicle network and eventually jeopardize vehicle safety.

Autonomous connected vehicles are far more complex and may have a much larger attack surface for hackers to gain access to, due to their unmonitored physical access to the vehicle over a long period of time. Protecting these vehicles will require multifaceted efforts from ECU vendors, supply chain management teams, car manufacturers and security researchers. But keeping the great advancement in technologies like deep learning in mind, in recent years, we can very well hope that we will be able to automate cybersecurity for these connected automobiles in the same way as we are able to automate the driving itself.

Manish is the director of engineering and head of security vertical at Mobiliya. With more than 15 years of experience in telecommunication and mobility industry, he has diverse leadership, technology and product-management expertise, focused on creating fantastic products through the combination of technology, understanding the needs of real people, and business. Manish has led and architected various large-scale security products and platforms, including Motorola Proprietary P2K, Linux, WebOS and Android for Performance and Security. In the past, he has worked with Motorola and Google, where he led teams for platform services, mobile cloud, rich media applications and Android upgrades. He holds an executive business management degree from IIM-Calcutta and a Bachelor of Technology degree in electrical engineering from the Indian Institute of Technology, Roorkee, in India.