Published: May 24, 2016
Senior Functional Safety/Cyber Security Engineer
Is security a high enough priority matter for organizations working in connected & autonomous cars?
In the last few years we have seen automotive cyber security move from a relatively low key research topic to a high profile and high priority issue for the automotive industry. The rapid increase in electronic systems and connectivity in vehicles means that security is a new technical and business concern to many parts of the automotive industry that were not previously used to dealing with it.
Many organisations have put in place internal structures and continue to develop processes for cyber security of their products. However, long vehicle development life cycles of several years mean that the results of increased prioritisation of security will not always be seen immediately.
Should we pay attention to the media-hyped hack demos?
Media demos certainly highlight the potential impacts of cyber-attacks, although it is important to look beyond any hype to establish the real risks at hand.
The industry should concentrate on developing and applying rigorous engineering processes which allow cyber security to be built in from an early stage. A structured approach of identifying threats, assessing and prioritising risks, specifying and managing requirements, and implementing and testing them with appropriate levels of rigour is
necessary. This will allow manufacturers to build in the right level of security at the right cost.
Security is a moving target and new attack techniques are continually being discovered. Therefore the engineering e?ort needs to be backed up by continuous R&D into new attack techniques and novel technical solutions to them. One way this can be achieved is through close research partnerships between industry and academia.
In your opinion, which connected vehicle entry points are most vulnerable to breaches and why?
The connected vehicle presents many potential entry points to an attacker. For example, modern infotainment systems include multiple wireless external connections such as Wi-Fi,cellular and Bluetooth,which present the obvious risks of remote attacks from outside the vehicle.
In addition today’s infotainment systems are increasingly built on platforms running feature rich operating systems. These platforms can be particularly susceptible to security vulnerabilities due to their complexity and the fact that they tend to be made up of a variety of hardware and software components from different vendors. Many of these technologies are already familiar from the IT world and as such suffer from similar known vulnerabilities to their IT counterparts. When these systems are also connected to in-vehicle networks, an attacker who gains access to the infotainment system may be able to “pivot” to other systems in order to compromise a safety-critical function such as steering or brakes.
Do you agree that the automotive industry needs to take a proactive or “security by design” approach instead of “reactive” to fend o? hackers?
A proactive security by design approach should of course be the ultimate aim for new developments. Due to long vehicle development life cycles and vehicle lifetimes, a tailored approach may be required to resolve issues for vehicles currently under development and those out on the roads.
How will the security scenario change when new trends like car-to-home connectivity/car-to- infrastructure (V2X) will become ubiquitous?
These new external connections mean that the vehicle will become part of a much larger ecosystem together with other vehicles, transport infrastructure, mobile networks and more. It is therefore important to consider the threats posed by these other networks to the vehicle, and by the vehicle to the other networks. One may ask who is responsible for security in this scenario, but in reality the whole ecosystem must play its part, and different industries must work together to address the different threats.
In the area of V2X, work has been ongoing for several years to address security through industry consortia and standardisation bodies such as IEEE and ETSI. However the picture is changing rapidly with new communications technologies and associated security issues coming into play, and these groups continue to improve security specifications and standards.
People often correlate cybersecurity with data privacy issues. How should automakers be dealing with both the problems?
Privacy and security are partially overlapping domains. On the one hand, privacy should be considered a part of security, since compromise to privacy is often a consequence and indeed a target of a cyber-attack. There are some additional aspects to take into account with privacy, such as protection of personal data and legislation around its collection and use. With increased connectivity, particularly to mobile devices and to internet services, the vehicle is now becoming a hub for personal information. Vehicle manufacturers need to consider how to protect personal information such as phone contacts, location data and user account data in line with relevant legislation.
Do we need standards for automotive cybersecurity? If yes, then where would they come from?
Standards are necessary in defining state-of-the-art best practices to develop products to an appropriate level of security and evaluate whether that level of security has been achieved. The recently published recommended practice SAE J3061 is a first step in this direction and serves as a starting point for such automotive cyber security standards.
Standards also have a role to play when it comes to security controls and counter measures. Proven, standardised cryptographic algorithms and protocols should be used where appropriate in preference to unproven proprietary methods, which will not have had suffcient scrutiny for weaknesses. Security related standards also exist in other domains covering implementation guidelines and evaluation methodologies (for example Common Criteria / ISO 15408). These should be used or adapted as appropriate by the automotive industry.
What HORIBA MIRA is doing to combat security risks in the automotive domain?
At HORIBA MIRA we o?er automotive cyber security engineering consultancy services in the areas of threat analysis and risk assessment, specification of security requirements, penetration testing and security validation. We conduct our own internal research into cyber security aspects relevant to the automotive domain and are also involved in various standardisation activities and collaborative research projects.