Without a trusted cyber protection platform, the autonomous vehicle (AV) industry is at risk. Both automakers and consumers will be hesitant to accept AVs if they feel unsafe. Traditional IT security mechanisms for updates, patches, and protection do not apply to automotive, and the industry is scrambling to catch up with the fast pace of innovation and find a security approach that will prevent attacks, save lives, protect personal data, protect vehicle behavior as designed, and reduce recalls.
The Rising Threats for Automotive Cybersecurity
In 2019, researchers found that if just 20 percent of AVs were stopped remotely, a city like Manhattan would grind to a complete halt. Even at 10 percent, this could render half of Manhattan's roads completely inaccessible.
As experts continue to prepare for a world where connected cars roam the streets, they’re forecasting increased risk for major security breaches—and the opportunities for hacking will continue to increase as more and more components of vehicles are controlled bysoftware and connected to the internet.
By 2022, there are expected to be more than 125 million connected vehicles worldwide, creating an environment in which opportunities for attack are plentiful. Rightly, OEMs and tier 1 suppliers are urgently seeking new security solutions that can prevent these kinds of attacks—but few approaches are proving sufficiently robust. As vehicles become data centers on wheels, there are many security issue root causes.
Keeping Hackers out of the ECU
Today, most connected vehicles employ more than 100 electronic control units (ECU). Each of these ECUs connect to various network protocols, making them insecure and particularly vulnerable to attack vectors like malicious code, manipulation of software or firmware, and attack commands.
Once adversaries can modify a vehicle’s ECU, they can upset the functionality of the entire system, e.g., creating critical or safety issues that expose sensitive data, permitting access to unauthorized third parties, etc. In order to gain this level of control, hackers need to figure out a way to manipulate the software in the flash memory, and—as reality unfortunately proves—they almost always find a way in. To protect the many connected cars that will take over our roads in the future and keep our streets safe, a new approach for securing automotive ECUs is needed.
Current Security Solutions Are Failing
Integrating security solutions into electronic systems to secure ECUs is one option, but high-end processors or OS features only partially protect data and expert hackers who can often bypass them to compromise the memory.
In just last year alone, numerous vulnerabilities and hacks have been uncovered that expose the vulnerability of the processor and its failure as a sufficient security solution, such as the Tesla Model S Autopilot Vulnerability, Volkswagen and Audi Infotainment Vulnerabilities, and the Intel Zombieload Vulnerability, among others. In all of these cases, the software running on the ECU can allow hackers to infiltrate and wreak havoc—even after the system has been reset. Once a bug has been discovered, a hacker can gain control in a relatively simple manner and then get to work undermining the original software.
Another approach for securing the automotive ECU, focuses on protecting the memory itself to ensure sensitive data can only be accessed by authorized parties. So, even if a hacker discovers bugs in the software, the hardware security features will stop them from being able to manipulate the software and gaining access to the system.
To fully secure the automotive ECU and ensure connected cars will be safe, automakers must also consider how to securely handle management and updates. A secure channel can be created with a cloud-to-flash solution, allowing the secured memory to deliver over-the-air updates and management system updates derived from the memory hardware itself.
Security for a Car’s Entire Lifecycle
The final piece of the puzzle in securing the automotive ECU is to create a secure network that only authorized ECUs can access. There are many operational inefficiencies that threaten the ECU; for example, an attack during manufacturing can get out of hand quickly and be difficult to detect.
The best security solution will provide a cloud to ECU protection, with memory devices that are already provisioned via cloud services that are able to create a secure channel with the memory device, as well as APIs to register the ECU in the network in a confidential, authorized, and private way. Moreover, a cloud-to-flash approach doesn’t require any modification to the ECU’s design and protects the ECU for its entire lifecycle, further shielding the car from attacks.