Intelligent Networked Automotive Information Security Infrastructure
In a traditional car, attack scenarios are very limited, attack types are relatively few, and the attack threshold is relatively high. An intelligent networked car, by contrast, is exposed to many more scenarios through the Internet and other information channels, and hackers can launch a wide range of illegal attacks on cars from anywhere over the network. In 2013, attacks on cars were carried out mainly by physical contact, but after 2015 all attack directions shifted to contactless remote control. The scope of a contact attack is inherently controllable: basically each individual unit is an attack point, and it is difficult to control and attack a batch of targets at the same time. A remote network attack, however, can easily take control of vehicles and hit tens of thousands of them at once. At the same time, car data faces a series of security challenges such as data leakage, data eavesdropping and data forgery.
Faced with these problems, Mr. Ge Jianqing, Product Director of the Automotive Network Security Center of Shanghai Ingeek Information Security Technology Co., Ltd., proposed an information security infrastructure platform for intelligent networked cars at “The 2nd China Automotive Electronics and Electrical Architecture Technology Conference”. For the key objects to be protected, he proposed an end-pipe-cloud protection classification: node security protection (including ECU, smart sensor, actuator, etc.), vehicle network protection (including CAN, LIN, FlexRay, Ethernet, etc.), security gateway protection (including OTA, intelligent gateway, T-BOX, TCU, etc.), interface security protection (including OBD, OBU, Bluetooth, WIFI, GPS, etc.) and cloud platform protection (including TPS, mobile terminal, RSU, information cloud platform, etc.).
First, for intelligent networked security protection, four key points are reinforced: information transmission threats, server threats, vehicle threats and external threats. In information transmission, identity authentication prevents impersonation, encryption of transmitted data prevents eavesdropping, non-reusability prevents replay, and data integrity protection prevents tampering. On the server side, threats are countered through virus protection, access control, sensitive data protection, data integrity protection, and data disaster tolerance. On the car side, threats are addressed through protection against malicious code injection, encryption of sensitive content and files, trusted authentication of the firmware release source, and firmware data integrity and tamper resistance. External threats are countered by securing access channels, third-party application service access, and third-party application data downloads.
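The information-transmission protections listed above, sketched as an added example (not code from Ingeek or the platform described): a receiver that authenticates the sender and checks integrity with an HMAC tag, and rejects replays with a per-sender counter. The frame layout, sender ID and key are constructed for illustration; encryption against eavesdropping is left out because the Python standard library has no authenticated cipher.

```python
import hashlib
import hmac
import struct

# Constructed sample key table: one shared secret per sender (hypothetical provisioning).
KEYS = {b"TBOX-0001": bytes(range(32))}
TAG_LEN = 32  # HMAC-SHA256 output size


def seal(sender: bytes, counter: int, payload: bytes, key: bytes) -> bytes:
    """Hypothetical frame: len(sender) | sender | 8-byte counter | payload | tag."""
    header = struct.pack(">B", len(sender)) + sender + struct.pack(">Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    def __init__(self, keys):
        self.keys = keys
        self.last_counter = {}  # highest counter accepted so far, per sender

    def accept(self, frame: bytes):
        """Return (True, payload) or (False, reason)."""
        if len(frame) < 1 + 8 + TAG_LEN:
            return False, "malformed"
        n = frame[0]
        if len(frame) < 1 + n + 8 + TAG_LEN:
            return False, "malformed"
        sender = frame[1:1 + n]
        key = self.keys.get(sender)
        if key is None:
            return False, "unknown sender"
        # Authentication and integrity: the tag covers sender, counter and payload.
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return False, "bad tag"
        # Anti-replay: checked only after the tag verifies, so a forged frame
        # can never advance the stored counter.
        (counter,) = struct.unpack(">Q", frame[1 + n:1 + n + 8])
        if counter <= self.last_counter.get(sender, -1):
            return False, "replay"
        self.last_counter[sender] = counter
        return True, frame[1 + n + 8:-TAG_LEN]
```

In a deployment the payload would also be encrypted, typically with an AEAD mode such as AES-GCM, which provides the confidentiality and the integrity tag in one primitive.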
Afterwards, Mr. Ge introduced the basic security service platform for intelligent networked vehicles. By connecting security experts and automobile manufacturers under the guidance of the competent government departments, it brings together security experts, security vendors and automobile manufacturers to guarantee cyberspace security for the automotive industry. Every driver's trip is protected through the security of Internet service websites, mobile applications, the vehicle end and vehicle manufacturing systems. Problems are resolved quickly in three ways: unified IT operation and maintenance data, rapid fault discovery, and one-click root cause location. The specific steps are as follows. First, IT operation and maintenance data is unified: big data technology is used to provide unified storage of the various IT data, log data, roles and user rights, together with unified retrieval, which avoids the operational risk of logging directly into systems. Then, data aggregation together with algorithms such as anomaly detection models and behavioral model matching calculates the quantitative indicators and baseline values of each dimension in real time, enabling rapid detection and alerting of IT faults. Finally, an attribution algorithm model performs correlation analysis between the various indicator data and dynamic thresholds to find the cause of the problem, achieving one-click root cause location.
Finally, Mr. Ge shared with the guests case studies of the platform's trusted identity authentication for intelligent networked cars and its secure OTA upgrade for intelligent networked cars.