Connected Cars and Security Design Considerations

Digital Disruptions is changing the way car business is done.

The global automotive market is more than 100-years-old and generates over $9 trillion of revenue annually, yet the industry has seen very few major advancements since the early years. During the past century, vehicle fundamentals, including functionality, features and overall system design, have remained relatively the same.

Comprehensive security for connected cars will require building security into the car at each layer. Today’s cars have a great number of layers, from the cloud-based and data center systems to which the car connects, to the connection, down the modules themselves—including singleboard computer (SBC), body control module (BCM), smaller sensor modules, the chips driving the modules, and the bus protocols connecting them. Protecting the whole “stack” from top to bottom with comprehensive security will take many years, given the complexity of spanning supplier relationships. All sensitive chips will need hardware support for secure boot and credential storage to prevent spoofing and tampering via OTA attack paths.

Sensitive chips include BCM and all MCU that impact drivetrain, hydraulics, and any other part of the car that affects safety in any way. Eventually, all sensitive modules will need cryptographic and key management capabilities for authenticating data to and from the other sensitive modules so that aggressors can’t spoof a fake control signal. Some of this change will take much longer, as today’s protocols for CAN bus and FlexRay do not have many means for adequate authentication. This makes it all the more urgent for the vehicle bus and all wireless modules, cellular, Wi-Fi, Bluetooth, or other, to quickly get monitoring capabilities to detect and address potentially dangerous anomalies. Finally, the system as a whole will need OTA update capabilities, and all data-center and cloud-based systems will need protection at the high standards appropriate for the lives depending on the security of these systems.

There are four basic requirements within connected car applications, encompassing simple connected car features to autonomous cars:

  • Sensors – enable measurement and detection, such as how much gas is in the fuel tank, tire pressure, temperature
  • Intelligence – acquisition and application of knowledge for accurate event identification and appropriate response
  • Communications – reporting appropriate information to appropriate recipient (driver, passenger, in-car system, cloud, repair shop)
  • Networking – moving the appropriate information, whether inside the vehicle or to another vehicle or to the cloud

The basic security design considerations for any connected car platform or eco-system should comprise

  • Secure Communications
  • Secure Endpoints (sensors, MCU, microprocessor, etc.)
  • Secure OTA
  • Mitigate Advance Threats

The protocols that support the in-vehicle networks are

  • LIN – Body and comfort; Low bandwidth (20Kbps); inexpensive
  • CAN (Controller Area Network) – Link between sensors and actuators, powertrain, Low bandwidth (1Mbps), real-time communications, Share information and resources among distributed applications
  • FlexRay – To 10Mbps, considered as a CAN upgrade; Time triggered, fault tolerant, deterministic, redundancy; Safety-critical functions, x-by-wire
  • LVDS – Camera-based, driver assistance systems, infotainment; Point-to-point connection
  • MOST – Infotainment, bandwidth to 150Mbps; Specific for car, proprietary (see Microchip Technologies), hence expensive

Some of the OEMs (not all) who are in connected car business are

  • Visteon
  • Continental Automotive Group
  • Harman International Industries
  • Alpine Electronics, Inc.
  • Denso Corp
  • Robert Bosch GmbH
  • Panasonic
  • Delphi Automotive PLC

Automotive manufacturers can secure more than half of this value by selling vehicles with a prepaid plan for connectivity. Enabled by the same connectivity, the other half can be monetized with new business models and a host of new services. To capture this value, automotive manufacturers will need to connect their value chain with partners such as wireless service providers, insurance companies, government agencies operating intelligent traffic systems (ITS), fleet operators, emerging businesses like car sharing, and providers of context relevant and location-based services

Services that deliver the greatest added value will rely on a factory-installed unified communications platform with automotive manufacturer-controlled policies to manage safe invehicle communication, securely connect the vehicle and its electronics architecture to the outside world, and integrate nomadic devices into vehicle ergonomics, acoustics, and HMI.

Ubiquitous, seamless, and secure connected-vehicle operation at high driving speed will depend on an end-to-end architecture that integrates the onboard unit, roadside equipment, edge and core of the network, data center, and, eventually, the cloud.