HomeEV NewsModern automotive cybersecurity: Preventing hackers from accessing connected vehicles

    Modern automotive cybersecurity: Preventing hackers from accessing connected vehicles

    Cars are increasingly capable and complex, making time on the road easier and more pleasurable; but with these new features also come new security risks for connected vehicles. Giving our vehicles more navigation control also requires vigilance against cyberattacks, personal data infringement, over-the-air malware, and counterfeit attempts. This article examines automotive cybersecurity concerns and highlights potential solutions to these risks.

    What is automotive cybersecurity?

    Automotive cybersecurity is a blanket term for protecting the communication flow to and from your vehicle. In automotive applications, this information takes several forms:

    1. Network security: Many modern vehicles connect to communication networks between the car, the owner, the manufacturer, systems within the car, and the world around the vehicle. These networks enable functionality like over-the-air updates and the ability to see your tire pressure or engine temperature via smartphone remotely. However, these networks require protection from attacks that may inject or extrapolate information that could compromise the vehicle or its user.
    2. Data security: Today’s vehicles collect environmental data and information about driver behaviour. Protecting this potentially private data may be essential to the manufacturer or the user. For example, if a hacker were to gain access to vehicle camera data, they could track user behaviour and private information such as their home address.
    3. Control algorithms and electronic systems: Automotive electronics systems control vehicle safety systems, the drivetrain, multimedia systems, advanced driver assistance systems, and much more. Malicious cyber-attacks could interfere with these systems and compromise the user’s safety and the vehicle’s operability. For example, if a hacker accessed a vehicle’s lane assist feature, they could inadvertently steer a car into harm.

    Real-world examples of connected car security exploitation

    While many automotive cybersecurity concerns seem hypothetical, hackers already have a history of gaining compromising access to vehicles.

    In 2015, security researchers at the Keen Security Lab remotely hacked into a Jeep Cherokee infotainment system, allowing them to take control of the vehicle’s steering, brakes, and transmission. This wireless hack led to a recall of 1.4 million cars and led to massive vehicle security standardization efforts globally.

    The following year, a group of Chinese researchers took control of a Tesla Model S’s brakes, door locks, and dashboard computer from 12 miles away. Tesla quickly issued a software update to address the vulnerability, but the same functionality that enabled this over-the-air update likely enabled the hack.

    In 2018, the Keen Security Lab team discovered fourteen vulnerabilities in BMW cars that allowed access to a vehicle’s head unit computer, the telematics control unit, and the CAN bus, ultimately leading to control over brakes and steering. This report was responsibly shared with BMW, and many of the technical details in this hack were excluded from the public announcement to avoid potential abuse.

    Connected car cybersecurity is a burgeoning field of research. Competitions simulate real-world attacks to identify potentially unknown vulnerabilities in automotive systems. Pwn2Own (Canada), Cyber Grand Challenge (DARPA sponsored, United States), Car Hacking Village (DEF CON conference, United States), and ESCAR (EU, Asia, NA) are the most famous conferences around the globe, each of which are sponsored by OEMs. Often, these competitions result in OEMs facing previously unknown security challenges that require solving, recall, or future design accommodation.

    Current automotive cybersecurity solutions

    Many hardware and software security solutions are actively used in vehicles sold today. While each automotive system’s design requirements vary, these devices are common across automakers.

    • Secure microcontrollers: These MCUs provide tamper detection, end-to-end encryption, and secure boot. Specialized microcontrollers such as the MAX32510 protect sensitive private information and prevent unauthorized access.
    • Secure Trusted Platform Module (TPM): Specialized crypto-processors like the SLI 9670 provide hardware-based security and a secure environment for storing cryptographic keys, passwords, and other sensitive data. In addition to being used for cryptographic key management, TPMs attest to a system’s integrity by affirming that the system has not been compromised and is generally tamper resistant.
    • Cryptographic Accelerators: When secure network communication and data protection is needed, cryptographic accelerators (such as NCJ38A) can accelerate encryption and decryption algorithms and run digital signature verification. These specialized processors are optimized to run specific cryptographic algorithms much faster than general-purpose processors. Automotive systems often use them to protect sensitive data, provide authentication, and secure communications for over-the-air updates and other applications where data integrity is paramount.
    • Secure Gateways: Automotive IoT networks rely on large amounts of communication that opens them up to network vulnerabilities. Secure gateways control and monitor traffic to prevent unauthorized access within the network. A secure gateway like the S32G-VNP-GLDBOX is a subsystem of an automobile and can be used in various network applications within automotive security.

    The Future of connected vehicle security

    Automotive cybersecurity is paramount in the era of connected cars. New technologies specifically combat unwanted attacks and keep vehicles safe. Automotive security breaches can result in, at minimum, unwanted data sharing and, at worst, behaviour that can be life-threatening to a user. Automotive security devices are optimized to prevent attacks of all kinds and keep modern vehicles and their OEMs safe, secure, and functional.


    Arrow Electronics
    Arrow Electronics


    Related Post

    Most Popular

    Best Picks

    Veridify, Overcoming the challenges of OT security in building automation with an STM32

    Despite popular belief, it is possible to secure legacy embedded systems properly, even if they lack today’s iron-clad cryptographic capabilities, the latest protections, or...

    Tsuyo’s Vision for Future Manufacturing: Incorporating Emerging Technologies and...

    Tsuyo Manufacturing is deeply committed to offering highly reliable, robust, and durable products designed to withstand a wide range of exposure and service conditions...

    Revamp Moto’s Vision for Advanced EV Features and Industry...

    Revamp Moto is a dynamic and forward-thinking electric vehicle (EV) startup, firmly committed to providing sustainable and adaptive E-mobility solutions. Their primary focus centres...

    ST and ZF sign multi-year supply agreement for Silicon...

    Silicon Carbide technology is widely used in semiconductor material which are easy to fabricate and provides good general electrical and mechanical properties. However, it...

    Exploring Electrochemical Properties: Unraveling Battery Performance and Behavior

    Automotive Test Systems stands as a trailblazing company with an extensive and diverse background in Product Validation, Structural Testing, Data Acquisition and Analysis, Vehicle...

    WISE Testing Solutions: Comprehensive Products and Services for Vehicle...

    WISE Testing Solutions Pvt. Ltd., a privately held company registered as a limited company, aims to provide a comprehensive range of products and services...

    Anton Paar: Revolutionizing EV Battery Testing with Standardization Initiatives

    Anton Paar, a distinguished company specializing in the development, production, and distribution of precision laboratory instruments and process measuring systems, alongside delivering customized automation...

    Exploring the Challenges and Testing Methods for Electric Vehicle...

    Aimil Ltd. is an esteemed organization celebrated for its exceptional expertise spanning multiple domains such as electric vehicle battery testing (both electrical and mechanical),...

    “The core idea behind u-blox has always been to...

    u-blox develops some of the world’s leading IoT communication and GNSS modules, chips and services supporting the industrial, automotive and consumer markets. Recently Andreas...

    Must Read