However, as with any other device that connects to the internet, there is a potential risk to automotive security from cyber criminals. Security breaches can result in leaked personal data, threats to a vehicle’s essential security and safety mechanisms and, in extreme cases, full remote control of the car. And, as the industry moves towards more autonomous vehicles, these risks are only set to increase due to reliance on applications, connectivity, and more complex and integrated electronic components.
Failure to address these risks could have a catastrophic effect on consumer confidence, privacy and brand reputation. And worse, customer safety.
What are the top 10 security risks for connected cars?
- Theft of personal data. As the number of sensors increase rapidly in vehicles, there is the potential for hackers to steal personally-identifiable information (PII) from the vehicle’s systems, such as personal trip and location data, entertainment preferences, and even financial information.
- Vehicle theft. As digital keys, wireless key fobs and mobile applications replace traditional physical car keys, car thieves can gain unauthorized entry to the vehicle. This can be done by intercepting communication between a smartphone or wireless key fob and the vehicle, using devices that extend the range of the wireless signal and emulate the wireless key to access a vehicle using the owner’s own wireless key fob, if the owner is still near their vehicle. Managing virtual car keys can be as difficult as managing physical keys, if not carried out correctly. Enrolment of a key, validation of an ‘unlock’ attempt and, most importantly, revocation must all be handled securely.
- Connection risks. Cyber criminals can exploit flaws in a vendor’s implementation. Given that security has sometimes been an afterthought in the design phase for connected cars and their components, this creates an easy target for hackers exploiting vulnerabilities using cellular networks, Wi-Fi, and physical connections. Furthermore, connected vehicles need to be able to trust, and be trusted by, the components and service(s) that they connect to.
- Manipulation of safety-critical systems. There is the potential for hackers to take control of safety-critical aspects of a vehicle’s operation; for example, by compromising the cruise control system to manipulate the steering and braking systems.
- Mobile application security vulnerabilities. As more mobile apps are released by manufacturers for communicating with vehicles, the more these become a target for bad actors. For example, in the case of the Nissan Leaf, security testers demonstrated how they could gain unauthorized access to control the heated steering wheel, seats, fans and aircon remotely. In an electric vehicle, this can drain the battery and render it immobile. According to Gartner, 75% of mobile applications fail basic security tests. The number of security vulnerabilities in the Android and iOS mobile operating systems are also a source of concern.
- Lack of “designed-in” security. The automotive industry has little historical experience of dealing with cybersecurity risks and this has become evident from the lack of security built into many of the software and hardware components in the first generations of connected cars. Furthermore, there appears to be a lack of adequate education about secure coding practices. There is also a lack of rigorous security testing, much of this taking place too late in the product development lifecycle. And, to cut component costs, some safety-critical and non-safety-critical functions may share resources (processor cores, physical connectivity or Internet access). Designing from the ground up, from the perspective of a hostile environment, is the only way to build “Secure by Design” systems that will be robust in the long term.
- Security vulnerabilities in the complex supply chain. Automotive manufacturers rely heavily upon third party vendors to supply the systems, software and hardware components for their vehicles. However, unless auto manufacturers impose rigorous cybersecurity requirements on their Tier 1 and Tier 2 suppliers, they run the risk of introducing security vulnerabilities via these components. Counterfeit components can also enter the supply chain, threatening safety by reducing wear ratings, overriding safety limits etc. Any component responsible for primary activities, such as braking, clearly needs to meet the highest standards of security.
- Failure to keep up with the latest security patches and updates. As new threats and attacks are discovered, the only effective solution is to ensure that the platforms can be easily and securely updated once deployed into the field. Many of these updates are delivered through supplied software, components and systems which rely upon wireless communications connected to personal computing devices, with their own inherent security challenges.
- Inadequate key management processes. Although most automotive manufacturers use key management systems for the management of cryptographic keys, many still use a manual process for this, thus limiting their usefulness and hampering security.
- In Vehicle Infotainment (IVI) vulnerabilities. Innovations in vehicle entertainment systems– everything from sat nav to high-definition streaming media–bring benefits to drivers but these platforms increasingly provide services that make use of sensitive data and are security-critical to vehicles and end-users. Both Android and Apple offer infotainment systems and vehicle-centric app stores, and there are opportunities for combining applications, such as payment and social networking, with more vehicle-centric needs, such as tolls, parking and journey planning. Linking these worlds introduces new possibilities, but it also brings with it the threat that app-centric malware could attack the automotive platform.
Ben Cade, CEO, Trustonic, comments: “The industry’s rapid transformation towards autonomous, connected, electric and shared (ACES) mobility, and the rise of high-bandwidth 5G connectivity, is enabling auto makers to deliver new in-vehicle services and rich content. Increasingly sophisticated digital cockpit systems will bring new, personalized digital experiences for drivers and passengers – but they also create security and content-protection challenges that must be addressed with proven trust. With cars having such long lifecycles compared to other smart devices, innovative OEMs and Tier 1 vendors are building IVI architectures with long-term security at their core.”
Mitigating against automotive cyber security threats
Trustonic is working with leading vehicle manufacturers, including Hyundai and Volkswagen Group and Tier 1 IVI and embedded vehicle systems vendors, to deliver the maximum level of automotive cybersecurity protection available.
Automotive Security, the Trustonic way
Our technology provides the highest level of security available by offering:
- Hardware isolation of sensitive code execution in the protected world of the Trusted Execution Environment (TEE). The TEE minimizes the attack surface, preventing threats such as reverse-engineering, tampering, malware, and trojans.
- Use of the Trusted User Interface (TUI) for smartphone applications that authenticate the user and control the car (for example, digital key apps that can lock and unlock vehicles). During security-sensitive user interactions with the app, the UI is isolated from the normal operating system, so malware in the normal OS cannot spy on, or tamper with, the user interaction.
- Protection of sensitive data. Trustonic’s Trusted Application Protection (TAP) platform combines the power of the most advanced hardware and software protection technologies available, something no other solution can offer. On a smartphone, wearable or IVI system equipped with a TEE, sensitive code is encased in this hardware-isolated world. On iOS and Android devices without an accessible TEE, it’s secured with a “Software TEE” which combines the most advanced white-box cryptography and in-app protection technologies, for securing sensitive information, with code protection measures for defending the code as it runs. Sensitive data can only be encrypted and decrypted inside the TEE, ensuring it always remains protected from malicious applications running in the main operating system.
- Hardware Root of Trust (RoT). Combining RoT with a hardware-protected Trusted Execution Environment (TEE) brings greater trust to connected devices because it’s virtually impossible to attack and steal the cryptographic keys held in the secure world of the TEE.
- Device Authentication. Device legitimacy can be verified to ensure that applications and sensitive data (such as DRM-protected media) are installed or played only on trusted devices.
Built and certified to the highest industry standards, you can be sure Trustonic technology meets the highest security criteria and has been rigorously tested. That’s why we’re trusted by some of the world’s leading institutions, enterprises, governments, auto makers and Tier 1s.
Hyundai’s work with Trustonic
Learn how Hyundai delivered a security-first solution using TAP to store and protect its digital keys and guard against unauthorized use or access. Hyundai chose TAP to provide a flexible way to build its mobile application, without having to consider end-user device capability and compatibility issues. TAP also provides Hyundai with a foundation for delivering and protecting innovative new functionality in the future. For more information about our work with Hyundai, see:
“IDC views the Digital Key mobile application solution developed by Hyundai and secured by Trustonic as an example of an automaker investing to continue diversifying by offering immersive digital services. Hyundai incorporated mobile application security best practices to support a rich feature and capability set available at launch but also to enable a foundation for delivering new and enhanced functionality over time. With Digital Key, Hyundai is embracing the central themes of connected services and the sharing economy to allow its customers the freedom to explore the edges of car ownership including peer-to-peer car sharing”. Matt Arcaro, IDC.
