Smarter Security for Smart Cars
Cars are changing. Smart cars, cars that adopted ICT for an easier and safer driving, are now being commercialized. Now, a car becomes a wheeled data center and the car manufacturer becomes a software developer. However, as more and more components of cars become connected to the Internet, risk will greatly widen. Hackers can remotely access and manipulate functions in the car including in-vehicle information systems, automatic braking systems, or even cutting off the engine while the vehicle is in transit.
Networks of Consideration for Connected Car Security
There are different networks that one needs to consider when thinking about car security – not simply within the vehicle in itself.
V2V = Vehicle-to-Vehicle:
Through the Communication Control Unit (CCU), a car can communicate with another car to transfer traffic-related information, including traffic status. Communication between a car and a neighboring car helps to prevent car accidents in advance and allows the car to be driven in a more secure way through a temporary network, including roadside units and cars.
V2I : Vehicle-to-Infrastructure
Through road-side units (RSUs) that communicate with cars, smart cars can configure a comprehensive network and be provided with various services. The RSU communicates with cars on the road to reduce traffic and provides drivers with an agile navigation system. An Information Transportation System (ITS) is configured by integrating the elements of the existing traffic systems such as cars, RSUs, and roads and signaling systems. Through the ITS, the efficiency and safety of traffic can be enhanced dramatically.
V2D : Vehicle-to-Device
A driver can figure out the status of the car and which element should be maintained by using a smart device such as smartphone or tablet. In addition, he or she can even control the car remotely from that device.
The Need For a Solution
Threat to these networks pose a very real threat to human life. As car manufacturers roll out new features and update the code, they need to keep security at the forefront. This presents challenges for developers as the development lifecycle for cars takes long to complete. Vehicle programming also contains some of the most complicated coding in all computer technology.
At Penta Security, we saw the dangers and began work on researching security for exposed areas. Considering all gateways or points of access for the car and developing methods of securing the channels of communication via encryption, we also delved into public key infrastructure (PKI) to authenticate the many different endpoints . This comprehensive connected car security solution resulted in AutoCrypt.
AutoCrypt AFW Advanced Firewall
Firewall Optimized for Vehicle Communication Protocols
Analyzes for malicious packets from external sources or abnormal packets occurring internally.
- Detects modified and suspicious traffic using patent-based technology
- The detection engine uses logical analysis and does not require signature updates.
- Support for various manufacturers internal network protocols including CAN Bus and Ethernet (SOME/IP, DoIP)
- Positive Security Model based protocol and application management
- Uses managed black/white listing to block malicious access and Deep Packet Inspection
- Application layer malicious traffic detection and response
AutoCrypt V2X Vehicle-to-Anything
Secure Communication System For Vehicles and Transport Infrastructure
An authentication/encryption system for vehicle-to-vehicle and vehicle-to-infrastructure communication.
- Development for authentication/encryption communication between vehicles and Road Side Units (RSU) and roads and traffic signals is currently in progress.
- It was designed adhering to vehicle communications standards IEEE 1609.2, CAMP VSC3, USDOT SCMS.
- IEEE1609.2 – Family of Standards for Wireless Access in Vehicular Environments (WAVE)
- CAMP VSC3 (Crash Avoidance Metrics Partnership Vehicle Safety Communications 3)
- USDOT SCMS (United States Department of Transportation Security Credential Management System)
AutoCrypt PKI Public Key Infrastructure
PKI Authentication System For Vehicles
A PKI system based on IEEE 1609.2 standards for certificate (Identified/Pseudonym Certificate) generation, operation, and management.
- System that generates certificates for vehicles and issues based on district roads
- Utilizes anonymity technology to protect driver privacy
- Lightweight technology based on ECC algorithms provides enhanced effectiveness
AutoCrypt KMS Key Management System
Internal Key Management System
A system that manages the life cycle process which includes storage, generation, and revocation not only for keys but certificates as well.
- Manages keys for communication between the internal Electronic Control Unit (ECU) and external sources.
- Secure storage and access control
- Prevents stolen keys and abuse of keys
- Connects with external key management systems
- Support for HSM
Electronic equipment controls all areas of a vehicle, including driving, brakes, steering, and various sensors. The vehicles manufactured these days are mounted with more than 100 Electronic Control Units (ECUs). An automotive company uses information collected from the ECUs to manufacture a safer and more convenient vehicle, and a driver can be provided with automated value-added services based on the vehicle driving information.
However, unencrypted information is transferred to the internal network of the vehicle. The impossibility of ensuring data integrity means that someone other than the driver may manipulate the vehicle remotely. If someone threatens a driver’s life by malfunctioning the steering device or stopping the engine while the driver is driving a car, it may lead to a disaster affecting other vehicles, pedestrians, and surrounding infrastructure.
The security accident of a company is just the loss of information; however, the security accident of a smart car can threaten people’s lives. For vehicle security, security should always come before connectivity.
Download our free infographic to find out more about the different channels vulnerable to hacking, and how AutoCrypt can prevent these attacks.