Connected, Autonomous, Shared, and Electric (CASE) Vehicles will be the future of automotive. While governments are more focused on EVs, other smart vehicle markets are growing too.
Modern vehicles have up to 100 million lines of code and these are mostly based on open source, making it difficult for IT teams to track. There are already clear instances of cybercriminals looking into the auto industry like the Tesla exploit and Jeep attack.
With so much riding on all of this software and hardware, it’s critical for automotive designs to meet the functional safety regulations (E.g. ASIL on ISO 26262, TR68 in Singapore).
How is the industry addressing software security risks?
The automotive industry is employing both proactive and reactive measures to reduce the software security risk in connected vehicles. In terms of proactive measures, automotive organisations are increasingly following a systematic risk-based approach.
They are basing on ISO 21434 Cybersecurity Engineering standard, to define cybersecurity goals, identify threats and risks, define security controls and requirements, perform design and code reviews, following best practices for secure software development, and perform testing based on approaches like static analysis security testing, software composition analysis, functional testing, vulnerability scanning, fuzz testing and penetration testing.
This allows for findings and fixing issues earlier in the development lifecycle prior to release. In terms of reactive measures, connected vehicles are equipped with OTA (over the air) update capabilities, which allows for updating vulnerable software after release.
This solution include several activities, including continuous cybersecurity monitoring to detect new type of attacks, weaknesses and vulnerabilities, perform vulnerability analysis to determine the impact of vulnerable components, manage vulnerabilities by addressing the vulnerability through, e.g., a patch, and finally applying the fix to the vulnerable components/vehicles through the over the air (OTA) update functionality.
What are some of the challenges faced by the industry?
As the industry is expanding the set of features and functionality offered to clients to meet increased user expectations, a vehicle is transforming from a single closed system entity to becoming a “smart device on wheels” as part of a larger interconnected ecosystem.
For example, a vehicle has numerous connectivity interfaces allowing connections to the cloud, various web apps, OEM backends, OTA platforms, and to other vehicles and the users’ mobile devices and homes. As such, the protection measures required and the attack surface of the vehicle grows immensely from a single vehicle to a much larger ecosystem.
In addition, attackers could target vehicles directly by focusing on exploiting vulnerabilities over Wi-Fi, Bluetooth or Internet connected services on the vehicle. Alternatively, attackers could also target vehicles indirectly by first focusing on exploiting vulnerabilities in relevant web apps, backend solutions, or mobile apps, and once they have taken control, then target vehicles by abusing the functionality provided by the exploited applications.
Thus, the scope for protecting a connected vehicle has grown and various organisations including auto manufacturers, suppliers, and service providers the must work closely together to ensure a holistic security solution to best secure all the relevant assets.
What has to be done for the industry to stay safe?
With more standards and regulations emphasising the need for cybersecurity, the automotive industry is moving forward in the right direction. There are two main areas that need to be considered. First, organisations need to create a cybersecurity and safety culture, establish and roll out relevant policies, processes, and procedures.
Management systems need to be established in the organisation to handle e.g. requirements management, change management, configuration management, documentation management, tool management, and competency management.
The second area is on the product development. For specific products, a number of security relevant activities need to be performed, according to the processes and procedures specified in the firm. The resulting artifacts from these activities on the product-level can then be used as evidence to create a certain level of assurance for safety and security.
The organisation need to prepare guidelines and template to help product teams create these artifacts in an efficient and effective manner. Specialised teams, e.g., functional safety teams and cybersecurity teams can assist the product teams in these activities.
Is there a gap in the industry that needs to be addressed?
Although the industry is making great strides in closing gaps, one major gap in general that need to be addressed is an overall cybersecurity culture in the organisation, and having the necessary cybersecurity personnel with the appropriate skills assigned in the organisation.
Establishing and deploying the relevant cybersecurity policies, processes and procedures in the organisation as well as building the necessary cybersecurity capabilities is something that typically takes time. Cybersecurity expertise in general is in very high demand already, and with additional cybersecurity activities required by, for example ISO 21434 Cybersecurity Engineering standard, this demand will only increase over time.
It is worth noting that while there are many technical security solutions that can be applied in automotive products, in cases such solutions are not applied due to cost, convenience, pressure to meet deadlines, or lack of security skills or lack of proper risk understanding.
Therefore, firms require a security mindset where cybersecurity is built-in into the processes and the technical security solutions are applied in the developed products.
How can an autonomous car be well implemented?
An autonomous car has several elements that need to function together properly. First, you have perception, i.e., to be able to detect the surroundings using various sensor tech like cameras, lidar, radar, ultrasonic etc. This includes detecting other vehicles and pedestrians.
There are also wireless tech like V2X that can be used to get a view farther than what typical sensors can see. You would also have GPS and HD maps to help determine the exact location of the vehicle. Then you have the decision logic, i.e., the “brain” that is processing the sensor input and making decisions on how the vehicle should behave.
Finally, you have the control systems, i.e., safety-critical systems that control the acceleration, braking, and steering of the vehicle to allow for a safe driving experience.
All of these elements need to function seamlessly together to ensure that an autonomous vehicle is able to detect the surroundings and make the proper decisions on how the vehicle should behave and execute that behavior accordingly (acceleration, braking, steering). All of these components need to be developed and tested to ensure a certain level of assurance for safety and security following best practices and global standards.
Dennis Kengo Oka is the Principal Automotive Security Strategist at Synopsys Software Integrity Group.