Changan Intelligent Connected Automotive Security Practice
With the rapid development of automotive intelligent technology, intelligent networked cars have more and more new technologies such as 3G/4G, Bluetooth, WIFI, V2X, RF, USB, OBD-II, etc. The information security threats faced by intelligent networked cars are increasing.
At the "The 4th Annual China Automotive Cyber Security Summit", Mr. Wang Xiangyang, the head of the vehicle network information security from Changan Automobile, explained in detail the practice and planning of Changan Automobile in the intelligent network connection vehicle safety.
First of all, Mr. Wang explained to Changan's car information security development ideas: mainly from four aspects: security technology, security management, security monitoring, security infrastructure and other aspects to carry out information security protection.
Safety technology: Based on the protection plan of the four-level defense system of the whole vehicle, the threat analysis and risk assessment of the whole life cycle of the vehicle are carried out, and the safety scheme is designed to realize the security protection of networking and intelligent functions. The first level: external interface protection. TSP, APP, TBOX, car machine, etc.; Level 2: In-vehicle security protection. Gateway domain isolation; third level: communication security protection. CAN, CANFD, ETH bus communication security; fourth level: ECU security protection. TBOX, key autopilot ECU, etc.
Safety Management: Conduct safety analysis, safety development, safety testing, and emergency response work to provide full lifecycle security services for connected cars. Security analysis: Establish information security threat analysis process, carry out vehicle and component threat analysis activities; security development: based on the entire life cycle of automotive electronics, establish information security development process, embedded in vehicle development and design; safety test: establish vehicle and zero Component safety testing mechanism; emergency response: vehicle network information security emergency response process development.
Security monitoring: Establish a cloud real-time monitoring and defense system, establish the discovery, analysis and traceability of unknown threats, perform full-scale restoration, storage and in-depth analysis of local traffic, and quickly discover advanced threats from multiple dimensions of traffic, files and terminal logs. Malicious behavior such as directed attacks, and precise targeting of victim targets and attack sources.
Safety infrastructure: Infrastructure construction such as PKI system provides security services such as security key management, equipment authentication and rights management for vehicle network security. PKI/CA system: certificate security, identity authentication/signature verification security, key security.
Then Mr. Wang showed Changan's current practice and case of car intelligent network security: 1: Based on Changan car network server, APP network topology and application services, the server and APP security risk analysis was carried out and based on this. The networked server and APP information security protection strategy was formulated and applied to the Changan car network service platform. 2: According to the risk analysis and network security level protection requirements, carry out the grading and security construction of the vehicle network server system. Completed the system record and grade evaluation work in the public security department, and obtained the third-level protection record for information system security. 3: Risk analysis was carried out for the information security problems that may exist in Changan vehicle terminal system, and applied to the development of vehicle terminal system security protection strategy. 4: According to the analysis method of HEAVENS and attack tree, complete the threat analysis and risk assessment of the vehicle system function, and clarify the system to protect assets and risk levels, and provide strong theoretical support for system security design. 5: Based on system threat analysis and risk assessment and grading, the multi-level information security protection scheme design of vehicle terminal system hardware security, kernel security and system security is completed, and the vehicle terminal system security development and project integration application are realized. 6: Based on the information security development function requirements of the vehicle terminal, the system function and penetration test work were completed. Discover a number of security issues such as systems, software, communications, etc., and complete the problem rectification.
Finally, Mr. Wang explained the next step of Changan's security for automotive intelligent network security from five aspects: server, vehicle, intrusion detection, testing and emergency response.
Server-side: Based on the implementation of the information security protection policy of the networked server and the real-time monitoring of the sky, the security protection of the server is continuously improved from the aspects of physical security, business security and basic security, so as to avoid the occurrence of batch information security events. Physical security: Ensuring the physical security of various devices in a computer information system is a prerequisite for ensuring the security of the entire network system. Service security: Ensure application security and business data security through application hardening, application vulnerability scanning, password, and certificate security management. Basic security: including server exit/ingress network security protection, server host security protection, third-party security service support, etc.
Car end: Based on the four-level defense system of the whole vehicle, the security level is gradually improved, and the transition from software encryption to hardware encryption is realized, and the vehicle information security measures are continuously upgraded by using OTA technology.
Intrusion Detection: Establish a vehicle-side IDS/IPS real-time monitoring and defense system to monitor vehicle status in real time and respond to vehicle network security events in a timely manner.
Testing: Continuously improve the testing requirements, ensure that the vehicle end products meet the safety requirements through testing, timely discover safety problems through penetration testing, and complete the problem rectification.
Emergency response: Continuously improve the emergency response process and formulate emergency response plans to ensure that information security incidents can respond quickly, accurately locate, and resolve in a timely manner.