TREND Automotive: Embedded Security by Design


Cars that were once closed systems are now increasingly exposed to threats from outside attackers. And the consequences for the new world of “networked” cars could not be more dramatic.

Seat belts and airbags have long been relied upon to guarantee vehicle safety. In those days cars were singletons, driving happily through rural and urban landscapes without needing any connection to the outside world. But those days are long gone. Forecasters predict that, by 2021, more than 380 million vehicles will already be connected, to other vehicles (car-to-car), to the traffic infrastructure (car-to-x) or via smartphone interfaces. This makes these rolling computers vulnerable, and data theft is the least of their worries. As controllers take more and more responsibility away from drivers, cyber attacks can quickly have life-threatening consequences.

Older vehicles are particularly poorly protected. Many people see the OBD2 interface, which has been included in all vehicles since the late 1990s, as a particular problem. The interface was originally intended only for reading out exhaust gas data via cable, but retrofitted smart dongles from third-party suppliers can now also enable data transmission via WLAN or SIM card. Hackers from the US security company Argus have already managed to switch off a running engine using a Bluetooth signal and this kind of smart dongle.

Embedded Security from the very beginning

In future it will not be sufficient to plug individual leaks. Ultimately, only holistic strategies that combine functional safety with automotive security can withstand proliferating criminal energy and expertise. And the problem does not end with production: it affects the entire lifecycle of the vehicle, right down to deleting cryptographic keys and erasing the vehicle’s identity before it is scrapped.

Escrypt, the embedded IT security solution provider, creator of the cryptographic library CycurLIB and member of the Bosch Group, has long been Volkswagen’s partner for the security of internal and external vehicle communications. At CES 2018 it recently presented a combination of embedded solution and backend Cyber Defense Center. The Intrusion Detection and Prevention Solution (IDPS) documents attempted attacks that would previously have usually gone unnoticed and forwards the data to a cyber-security backend for evaluation. There, experts respond with appropriate countermeasures, such as security updates transmitted over-the-air.

In this way, attack detection and defense become a continuous process, starting with prevention (for example, firewalls), monitoring and reporting, right up to analyzing and combating attacks. The dynamic system can adapt to new risks and attack strategies by utilizing constantly updated data from the entire vehicle fleet. New measures can then be distributed via cryptographically secured communication links over-the-air to all the networked vehicles in the fleet.

The TÜV is not impressed

However, the idea of storing vehicle data on manufacturers’ servers is not met with universal approval. Car insurance companies are skeptical and the umbrella association of Germany’s technical inspection and certification agency, TÜV, also recently reported concerns. It feels that all data processing should take place within the vehicle and not on any backend servers. After all, on the servers, nobody is in a position to be sure that – for instance – the data being used for an emissions test are truly independent. The recent exhaust scandals have evidently sowed a great deal of distrust. Who could blame the TÜV for that?

The TÜV is also launching its own “Automotive Platform” concept for all vehicles: a standardized, highly secure communications platform that can be unlocked and locked only with a single key. This “vault” secures the authorization to access the vehicle data, a decision that only the car owner has the authority to make.

Connected Car Security

Suppliers are also expanding their competence in vehicle IT security. Continental recently acquired Israel’s Argus Cyber Security, one of the world’s leading providers in the field. Together they plan to offer multi-layered end-to-end security solutions and services, including intrusion detection and prevention, attack surface protection, health monitoring and vehicle fleet IT security management. The Security Operations Center (SOC) that is included in the portfolio protects vehicles throughout their lifetime.

Continental’s subsidiary Elektrobit and the start-up from Tel Aviv are already offering wireless software updates for vehicles. Like Bosch’s over-the-air updates, these regular safety updates are intended to ensure that the vehicles are always protected from hacking attacks.

Combi for better performance

In principle, software is sufficient to secure the data exchanged by the roughly 60 electronic control units (ECUs) in a modern vehicle, but a combination of hardware and software that carries out hardware security functions offers significant performance benefits. One example of this is the recently introduced solution from Infineon and Escrypt. The second-generation AURIX multicore microcontroller family with the security software CycurHSM is designed to prevent any manipulation of electronic control devices, thus increasing IT security for applications such as software-update-over-the-air (SOTA) and automated driving.

Here the AURIX controllers govern the communication processes, perform monitoring and security tasks and support security protocols. The keys are generated and stored in the Hardware Security Module (HSM). This facilitates secure booting, flashing and debugging. Escrypt’s software stack CycurHSM, which was especially designed for AURIX and HSM, facilitates hardware-based security features such as data encryption and authentication, the use of true random number generators (TRNG) and secure flash memory. There are additional security functions such as runtime manipulation detection, which monitors the application software’s authenticity while the vehicle is running. These security functions are physically encapsulated within the HSM, which means that the ECU’s host controller can fully concentrate on its actual tasks.

Knowledge Base

The whitepaper “Cybersecurity for Automobiles: BlackBerry 7-Pillar Recommendation” can be downloaded free of charge by registered users.


Learn more about embedded security at the Cyber Security Forum.




Embedded Security (Image: Continental).

In the increasingly networked world of modern cars, the risks increase alongside the chances. (Image: Continental).