The car network information security key is mainly security authentication (protecting the authentication certificate certificate, ID certificate, secret key, etc.) and communication encryption (how to protect the communication data in the communication and storage process security). The car must first have identity authentication, and the subsequent communication information should be protected after authentication.
At the "4th Annual China Automotive Cyber Security Summit" hosted by GRCC, Mr. Li Feng, the director of Gemalto's automotive industry solutions business, explained the trusted key management for us - the security of intelligent networked vehicles with intelligent network With the technical development of the vehicle, the vehicle network architecture tends to be complex, and the secure communication of the vehicle network becomes the main basis for ensuring the vehicle information security. However, how to safely initialize ECUs from different suppliers and manage them effectively in the whole vehicle life cycle has become an important challenge for car manufacturers. It is an effective solution to help OEMs effectively solve this problem.
First, Mr. Li explained to us three aspects and four principles of vehicle and infrastructure security. Aspect 1: Car safety, the car is an asset, first of all to prevent it from being illegally invaded. Aspect 2: Privacy protection, people and cars will have some information, how to protect this information. Aspect 3: Information security.
Principle 1: Deploy a trusted identity. The car must have a credible identity. This identity is more than just an ID. We have to follow this logo, we have to have the corresponding key, manage the powerful identity through this diversified key, let us show this to others. I can prove that I have this logo when I identify it. Principle 2: Data authentication before communication, an identity authentication is required before data is exchanged. Principle 3: Signature and encryption of information, encrypt sensitive information, and perform signature verification on shared information. Principle 4: All security is constantly evolving, and we have to prepare for our security anytime, anywhere.
Then Mr. Li explained the case of ECU identity management challenge for us: 1. Each ECU should have its own logo (such as S/N. Key, etc.) 2. The key authenticates and signs the ECU in the car. Message. 3. Automotive OEMs need a secure repository of all ECUs and keys. Challenge: 1. The ECU cannot get to a car before final assembly. 2. The generation of the key can be done by the ECU supplier or centralized. 3. The key is shared between the ECU supplier and the car. 4. Ability to update or maintain the ECU during the life of the vehicle. Then Mr. Li shared the case for us to communicate in the car and connect the car to the outside.
Finally, Mr. Li showed us the solutions and cases of Gemalto's security key management.