More
    HomeEV NewsModern automotive cybersecurity: Preventing hackers from accessing connected vehicles

    Modern automotive cybersecurity: Preventing hackers from accessing connected vehicles

    Cars are increasingly capable and complex, making time on the road easier and more pleasurable; but with these new features also come new security risks for connected vehicles. Giving our vehicles more navigation control also requires vigilance against cyberattacks, personal data infringement, over-the-air malware, and counterfeit attempts. This article examines automotive cybersecurity concerns and highlights potential solutions to these risks.

    What is automotive cybersecurity?

    Automotive cybersecurity is a blanket term for protecting the communication flow to and from your vehicle. In automotive applications, this information takes several forms:

    1. Network security: Many modern vehicles connect to communication networks between the car, the owner, the manufacturer, systems within the car, and the world around the vehicle. These networks enable functionality like over-the-air updates and the ability to see your tire pressure or engine temperature via smartphone remotely. However, these networks require protection from attacks that may inject or extrapolate information that could compromise the vehicle or its user.
    2. Data security: Today’s vehicles collect environmental data and information about driver behaviour. Protecting this potentially private data may be essential to the manufacturer or the user. For example, if a hacker were to gain access to vehicle camera data, they could track user behaviour and private information such as their home address.
    3. Control algorithms and electronic systems: Automotive electronics systems control vehicle safety systems, the drivetrain, multimedia systems, advanced driver assistance systems, and much more. Malicious cyber-attacks could interfere with these systems and compromise the user’s safety and the vehicle’s operability. For example, if a hacker accessed a vehicle’s lane assist feature, they could inadvertently steer a car into harm.

    Real-world examples of connected car security exploitation

    While many automotive cybersecurity concerns seem hypothetical, hackers already have a history of gaining compromising access to vehicles.

    In 2015, security researchers at the Keen Security Lab remotely hacked into a Jeep Cherokee infotainment system, allowing them to take control of the vehicle’s steering, brakes, and transmission. This wireless hack led to a recall of 1.4 million cars and led to massive vehicle security standardization efforts globally.

    The following year, a group of Chinese researchers took control of a Tesla Model S’s brakes, door locks, and dashboard computer from 12 miles away. Tesla quickly issued a software update to address the vulnerability, but the same functionality that enabled this over-the-air update likely enabled the hack.

    In 2018, the Keen Security Lab team discovered fourteen vulnerabilities in BMW cars that allowed access to a vehicle’s head unit computer, the telematics control unit, and the CAN bus, ultimately leading to control over brakes and steering. This report was responsibly shared with BMW, and many of the technical details in this hack were excluded from the public announcement to avoid potential abuse.

    Connected car cybersecurity is a burgeoning field of research. Competitions simulate real-world attacks to identify potentially unknown vulnerabilities in automotive systems. Pwn2Own (Canada), Cyber Grand Challenge (DARPA sponsored, United States), Car Hacking Village (DEF CON conference, United States), and ESCAR (EU, Asia, NA) are the most famous conferences around the globe, each of which are sponsored by OEMs. Often, these competitions result in OEMs facing previously unknown security challenges that require solving, recall, or future design accommodation.

    Current automotive cybersecurity solutions

    Many hardware and software security solutions are actively used in vehicles sold today. While each automotive system’s design requirements vary, these devices are common across automakers.

    • Secure microcontrollers: These MCUs provide tamper detection, end-to-end encryption, and secure boot. Specialized microcontrollers such as the MAX32510 protect sensitive private information and prevent unauthorized access.
    • Secure Trusted Platform Module (TPM): Specialized crypto-processors like the SLI 9670 provide hardware-based security and a secure environment for storing cryptographic keys, passwords, and other sensitive data. In addition to being used for cryptographic key management, TPMs attest to a system’s integrity by affirming that the system has not been compromised and is generally tamper resistant.
    • Cryptographic Accelerators: When secure network communication and data protection is needed, cryptographic accelerators (such as NCJ38A) can accelerate encryption and decryption algorithms and run digital signature verification. These specialized processors are optimized to run specific cryptographic algorithms much faster than general-purpose processors. Automotive systems often use them to protect sensitive data, provide authentication, and secure communications for over-the-air updates and other applications where data integrity is paramount.
    • Secure Gateways: Automotive IoT networks rely on large amounts of communication that opens them up to network vulnerabilities. Secure gateways control and monitor traffic to prevent unauthorized access within the network. A secure gateway like the S32G-VNP-GLDBOX is a subsystem of an automobile and can be used in various network applications within automotive security.

    The Future of connected vehicle security

    Automotive cybersecurity is paramount in the era of connected cars. New technologies specifically combat unwanted attacks and keep vehicles safe. Automotive security breaches can result in, at minimum, unwanted data sharing and, at worst, behaviour that can be life-threatening to a user. Automotive security devices are optimized to prevent attacks of all kinds and keep modern vehicles and their OEMs safe, secure, and functional.

    Author: 

    Arrow Electronics
    Arrow Electronics

     

    Related Post

    Most Popular

    Best Picks

    DEP Meshworks: Pioneering CAE Innovations for EVs and Autonomous Vehicles in a Rapidly Evolving Automotive Industry

    Detroit Engineered Products (DEP) is a global Engineering Solutions and Product Development company with a rich 25-year legacy. Since its inception in 1998 in...

    “India’s Electric Vehicle Revolution: Navigating Challenges and Seizing Opportunities...

    The EV industry of the nation is witnessing a tectonic boom. With the advent of government policies about a clean and green environment, the...

    Wireless Power in the Kitchen

    Authors: Akshat JAIN, STMicroelectronics India, Fabrizio Di FRANCO, STMicroelectronics, Italy, Martin DENDA, Rene WUTTE, STMicroelectronics Austria, Bruno TISSERAND, STMicroelectronics, France Wireless power is going to...

    MWC Shanghai 2024: 3 demos that are about improving...

    Author: STMicroelectronics MWC Shanghai 2024 should be memorable, thanks to more than 30 innovative product showcases and demonstrations, nine applications on display, and more than...

    AEKD-TRUNKL1: one power liftgate demo can transform how engineers...

    Author: STMicroelectronics The power liftgate built on the AEKD-TRUNKL1 is always a highly popular and easily recognizable demo, as its loud beeps alert attendees that the trunk...

    STMicroelectronics offers Cost-Effective, Fastest, and First STM32 MCUs to...

    STMicroelectronics is a global leader in the semiconductor space developing customer-centric and sustainable products. Their STM32 Portfolio is a hugely popular highly reliable and...

    India’s Promising EV Market is Lending Hope for an...

    The world faces serious environmental concerns that require immediate attention and progressive solutions. The human civilization is at a crossroads where every decision will...

    Sustainability is not just a corporate responsibility, but a...

    STMicroelectronics, a global semiconductor leader serving customers across the spectrum of electronics applications is among the early changemakers in the ongoing sustainability issue. The...

    Balancing Currents for Optimal Performance in Automotive Smart Drivers

    Author: Giusy Gambino, Marcello Vecchio, and Filippo Scrimizzi from STMicroelectronics, Catania, Italy When developing distributed intelligence for smart power switches in automotive power management systems, it...

    Must Read