Why can the TEE used on mobile phones be applied to cars? First, a car is a big mobile phone. Second, mobile phones and cars are themselves interconnected, and as technology develops, the interaction between phones and cars will only increase. Using a TEE to improve the security of mobile phones therefore also improves the security of mobile phones and vehicles together.
Today, the in-vehicle network is mainly composed of users, mobile devices, cloud servers and roadside units. In this complex environment, the attack surface of the car is very large. The most typical car attack proceeds as follows. First, the attacker establishes a way to interact with the car; there are two ways to do so: one is physical contact with the car, the other is to compromise a car interaction node (such as the TSP or a mobile app) over the wireless network. Next, the attacker breaks through the entry system node via a software vulnerability. Finally, the attacker uses the controlled system nodes to penetrate other key nodes over CAN and obtain higher privileges. This requires ensuring the security of every network node system of the car from the architectural design stage, including the car, the T-BOX, the intelligent gateway and so on. Multiple layers of security protection are needed:
Mr. Xia Yubin, Co-founder and Chief Scientist of TrustKernel and Associate Professor at Shanghai Jiao Tong University, gave a detailed explanation of the TEE-based car network security architecture at the 2019 "Fourth Annual China Automotive Cyber Security Summit".
First, operating system security. A TEE makes the operating system more secure in three ways. First, the TEE uses ARM TrustZone/Hypervisor technology to provide an execution environment that is completely isolated from open systems such as Android, protecting critical services and data; even if Android is rooted, the attacker cannot read or tamper with the TEE. Second, the TEE supports secure device boot, secure upgrade protection, sensitive information protection, security management and so on, providing real-time protection for key services. Third, the TEE requires no additional hardware support: its switching is controlled by software, and the isolation between the TEE and Android is guaranteed by the chip. Compared with other devices, the TEE offers higher security, lower cost, better performance and lower power consumption.
Exploiting operating system kernel vulnerabilities is the most important method for advanced attacks on devices. If the operating system kernel is compromised, the overall security of the device is seriously weakened. Because the Linux kernel exceeds 10 million lines of code, the number of potential vulnerabilities is hard to estimate, and discovering and repairing them is difficult, so active security defense is required.
Second, active-defense system protection. The TEE uses a hypervisor to protect the kernels and services of systems such as Android/Linux, isolating and protecting the key kernel code and data that kernel exploits need to use, including data-flow protection and control-flow protection. The kernel state can never execute unauthorized code and can only run the existing legitimate kernel code; by isolating key kernel-state data, that data can only be legitimately modified by authorized objects. This ensures that even when the operating system contains a vulnerability, it cannot be exploited. AI adaptive security capabilities are also used to give users visual threat awareness and to prevent automotive systems from being rooted.
Third, business security protection. Building on the capabilities of the underlying security platform, the security capabilities of different devices are integrated downwards, and unified security protection is provided for massive numbers of applications, including app hardening and app service protection. Fingerprint, iris, face recognition and other authentication methods are used to ensure security, and the entire data flow, including data collection, processing, registration and authentication, is protected by the TEE to keep sensitive data secure. Two methods, trusted device authentication and certificate management, protect the security of apps running in the trusted environment, ensure the legitimacy of the device, and ensure that a given piece of data comes from the specified device and application.
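The device-and-application binding described above, as an added example that is not from the talk or from TrustKernel: a server-side check that a message comes from a registered device and an allowed app and is not a replay. HMAC-SHA256 with a per-device key stands in for signing inside the TEE (a certificate-based deployment would use an asymmetric signature instead); the device ID, app names, key and message layout are all constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample registry. Assumption: the per-device key is provisioned
# into the device's TEE and never exposed to the open OS (Android/Linux).
DEVICE_KEYS = {"tbox-0001": hashlib.sha256(b"constructed demo key").digest()}
ALLOWED_APPS = {"tbox-0001": {"com.example.doorlock", "com.example.climate"}}

def _frame(device_id, app_id, counter, payload):
    # Length-prefix every field so ("ab", "c") and ("a", "bc") cannot collide.
    parts = [device_id.encode(), app_id.encode(), struct.pack(">Q", counter), payload]
    return b"".join(struct.pack(">I", len(p)) + p for p in parts)

def tee_sign(key, device_id, app_id, counter, payload):
    """Stand-in for the tag computed inside the TEE over the bound fields."""
    return hmac.new(key, _frame(device_id, app_id, counter, payload),
                    hashlib.sha256).digest()

class Verifier:
    """Server side: accept data only from the specified device and application."""

    def __init__(self, keys, allowed_apps):
        self.keys = keys
        self.allowed = allowed_apps
        self.last_counter = {}  # (device_id, app_id) -> highest counter accepted

    def verify(self, device_id, app_id, counter, payload, tag):
        key = self.keys.get(device_id)
        if key is None:
            return "unknown-device"
        if app_id not in self.allowed.get(device_id, set()):
            return "app-not-allowed"
        expected = tee_sign(key, device_id, app_id, counter, payload)
        # Constant-time comparison; check the tag before touching replay state
        # so a forged message cannot advance the counter.
        if not hmac.compare_digest(expected, tag):
            return "bad-tag"
        if counter <= self.last_counter.get((device_id, app_id), -1):
            return "replay"
        self.last_counter[(device_id, app_id)] = counter
        return "ok"
```

Because the app ID and counter are inside the authenticated frame, a tag produced for one app cannot be presented as coming from another, and a captured message cannot be resent.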
Fourth, remote security management. First, reach deep into the operating system kernel and applications to collect key events and correlate them for analysis; then present threats visually, locating the specific terminal, process and path involved; finally, take a security response, customizing and enforcing security policy and issuing the corresponding policy through the remote management platform.
With these security protections, the car network can be made more secure.