More
    HomeEV NewsModern automotive cybersecurity: Preventing hackers from accessing connected vehicles

    Modern automotive cybersecurity: Preventing hackers from accessing connected vehicles

    Cars are increasingly capable and complex, making time on the road easier and more pleasurable; but with these new features also come new security risks for connected vehicles. Giving our vehicles more navigation control also requires vigilance against cyberattacks, personal data infringement, over-the-air malware, and counterfeit attempts. This article examines automotive cybersecurity concerns and highlights potential solutions to these risks.

    What is automotive cybersecurity?

    Automotive cybersecurity is a blanket term for protecting the communication flow to and from your vehicle. In automotive applications, this information takes several forms:

    1. Network security: Many modern vehicles connect to communication networks between the car, the owner, the manufacturer, systems within the car, and the world around the vehicle. These networks enable functionality like over-the-air updates and the ability to see your tire pressure or engine temperature via smartphone remotely. However, these networks require protection from attacks that may inject or extrapolate information that could compromise the vehicle or its user.
    2. Data security: Today’s vehicles collect environmental data and information about driver behaviour. Protecting this potentially private data may be essential to the manufacturer or the user. For example, if a hacker were to gain access to vehicle camera data, they could track user behaviour and private information such as their home address.
    3. Control algorithms and electronic systems: Automotive electronics systems control vehicle safety systems, the drivetrain, multimedia systems, advanced driver assistance systems, and much more. Malicious cyber-attacks could interfere with these systems and compromise the user’s safety and the vehicle’s operability. For example, if a hacker accessed a vehicle’s lane assist feature, they could inadvertently steer a car into harm.

    Real-world examples of connected car security exploitation

    While many automotive cybersecurity concerns seem hypothetical, hackers already have a history of gaining compromising access to vehicles.

    In 2015, security researchers at the Keen Security Lab remotely hacked into a Jeep Cherokee infotainment system, allowing them to take control of the vehicle’s steering, brakes, and transmission. This wireless hack led to a recall of 1.4 million cars and led to massive vehicle security standardization efforts globally.

    The following year, a group of Chinese researchers took control of a Tesla Model S’s brakes, door locks, and dashboard computer from 12 miles away. Tesla quickly issued a software update to address the vulnerability, but the same functionality that enabled this over-the-air update likely enabled the hack.

    In 2018, the Keen Security Lab team discovered fourteen vulnerabilities in BMW cars that allowed access to a vehicle’s head unit computer, the telematics control unit, and the CAN bus, ultimately leading to control over brakes and steering. This report was responsibly shared with BMW, and many of the technical details in this hack were excluded from the public announcement to avoid potential abuse.

    Connected car cybersecurity is a burgeoning field of research. Competitions simulate real-world attacks to identify potentially unknown vulnerabilities in automotive systems. Pwn2Own (Canada), Cyber Grand Challenge (DARPA sponsored, United States), Car Hacking Village (DEF CON conference, United States), and ESCAR (EU, Asia, NA) are the most famous conferences around the globe, each of which are sponsored by OEMs. Often, these competitions result in OEMs facing previously unknown security challenges that require solving, recall, or future design accommodation.

    Current automotive cybersecurity solutions

    Many hardware and software security solutions are actively used in vehicles sold today. While each automotive system’s design requirements vary, these devices are common across automakers.

    • Secure microcontrollers: These MCUs provide tamper detection, end-to-end encryption, and secure boot. Specialized microcontrollers such as the MAX32510 protect sensitive private information and prevent unauthorized access.
    • Secure Trusted Platform Module (TPM): Specialized crypto-processors like the SLI 9670 provide hardware-based security and a secure environment for storing cryptographic keys, passwords, and other sensitive data. In addition to being used for cryptographic key management, TPMs attest to a system’s integrity by affirming that the system has not been compromised and is generally tamper resistant.
    • Cryptographic Accelerators: When secure network communication and data protection is needed, cryptographic accelerators (such as NCJ38A) can accelerate encryption and decryption algorithms and run digital signature verification. These specialized processors are optimized to run specific cryptographic algorithms much faster than general-purpose processors. Automotive systems often use them to protect sensitive data, provide authentication, and secure communications for over-the-air updates and other applications where data integrity is paramount.
    • Secure Gateways: Automotive IoT networks rely on large amounts of communication that opens them up to network vulnerabilities. Secure gateways control and monitor traffic to prevent unauthorized access within the network. A secure gateway like the S32G-VNP-GLDBOX is a subsystem of an automobile and can be used in various network applications within automotive security.

    The Future of connected vehicle security

    Automotive cybersecurity is paramount in the era of connected cars. New technologies specifically combat unwanted attacks and keep vehicles safe. Automotive security breaches can result in, at minimum, unwanted data sharing and, at worst, behaviour that can be life-threatening to a user. Automotive security devices are optimized to prevent attacks of all kinds and keep modern vehicles and their OEMs safe, secure, and functional.

    Author: 

    Arrow Electronics
    Arrow Electronics

     

    Related Post

    Most Popular

    Best Picks

    STM32WBA, 1st wireless Cortex-M33 for more powerful and more secure Bluetooth applications #STM32InnovationLive

    Author: STMicroelectronics Update, December 21, 2023 The STM32WBA52xx are now available in a QFN32 package measuring only 5 mm x 5 mm as opposed to the...

    2024 Insights: Dr. Abhilasha Gaur on Skilling’s Impact in...

    In an exclusive interview, Dr Abhilasha Gaur, COO of the Electronics Sector Skills Council of India (ESSCI), sheds light on how skilling processes will...

    Simulation Tool Prevents Severe Issues in Various Automotive Scenarios

    Authors: Giusy Gambino, Alessio Brighina, Francesco Giuffre’, Filippo Scrimizzi, STMicroelectronics, Catania, Italy When conceiving and implementing cutting-edge solutions that can thrive in harsh automotive environments a...

    SensorTile.box PRO, a new story about a professional board...

    Author: STMicroelectronics  The SensorTile.box PRO redefines what it means to use professional tools destined for the Internet of Things by making the technology accessible to more than...

    STM32CubeMonitor 1.7, STM32CubeMonitor-UCPD 1.3, and STM32CubeMonitor-RF 2.12, more powerful...

    Author: STMicroelectronics STM32CubeMonitor 1.7 became more flexible thanks to new UI improvements in an effort to adapt to the many use cases it must handle. For...

    Driving the Future: Exploring Innovations in the Automotive Power...

    The global automotive power electronics market is set to achieve a valuation of US$ 6 billion by 2033, advancing at 4.1% CAGR from 2023 to 2033, as...

    Empowering Karnataka’s Electronics Industry: An Insightful Conversation with CLIK...

    Karnataka, a shining star in India's technological landscape, has earned international acclaim for its thriving electronics and IT sectors. Fuelled by a legacy of...

    Aimil Ltd.: Setting the Benchmark for Instrumentation Solutions at...

    Aimil Ltd., an ISO 9001:2015 certified company with a heritage tracing back to 1932, holds a prominent position as a leading provider of cutting-edge...

    Electrify Your Future: A Thriving Career in the E-Mobility...

    In an era where sustainability and innovation reign supreme, the E-Mobility sector has emerged as the driving force behind a transformative shift in the...

    Must Read