Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
S
Auto Cybersecurity Standards, Regulatory and Legislative Practices
SERVICE UX IS MORE THAN DESIGNING AN INTERFACE…
SERVICE UX IS MORE THAN DESIGNING AN INTERFACE…
VEHICLE CYBER SECURITY
CURRENT AND FUTURE VEHICLES
Cyber Security – 2 Major challenges for Auto Industry:
1. Securing future vehicles
2. Securing the fleet of vehicles driving on roads today
• Achieving 1 : Change to Auto industry culture, training, automotive network architecture design, and willingness to cooperate
A range of technical solutions exist and are actively being investigated and developed
• Achieving 2 : Is very difficult and existing “bolt-on” methods will result in less-than-adequate security (e.g. adding intrusion detection/protection software)
November 19, 2019 Source: Infotainment & Telematics Service 4
VEHICLE CYBER SECURITY
‘ATTACK’ SURFACES
• Attack Surfaces: Cellular, Wi-Fi, BT, DSRC, RKE, TPMS, USB, OBD II port, etc.
• Interaction: Each node can be secure in itself but is it secure when connected to the rest of the vehicle? Testing security/integrity is challenging
• Many ECUs: (~50 to 100) ECUs and related processors to secure
• CAN Protocol: Was not designed with security in mind (no message or ECU authentication, low bandwidth, etc.)
• Security testing: Happening too far into production process to be effective
• “Black box” problem: Suppliers won’t share code due to interest in protecting IP
• Security perception issue: Security isn’t perceived as valuable until after a vehicle has been hacked
• Updates: Cannot rely on “always on” connectivity
• Safety: Often requires a vehicle be parked during an update
• Auto industry security training/education: Perceived to be not as sophisticated as in other sectors nor as much of a priority
November 19, 2019 Source: Infotainment & Telematics Service 5
VEHICLE CYBER SECURITY
CHALLENGES AND THREATS
November 19, 2019 Source: Infotainment & Telematics Service 6
Challenges Overview
Autonomous Driving Relies on connectivity and requires significant computing power to sense and perceive all manner of obstacles and driving conditions.
Wireless Connections More attack surfaces from multiple connections such as cellular, Wi-Fi, Bluetooth, and DSRC will grow considerably. They enable security updates, but must be protected.
Brought-in Devices Smartphones, tablets, OBD dongles can be used to connect/tether the car to networks.
Threats Overview
Connected Infrastructure Traffic signals, ramp meters, roadside sensors, and dynamic message signs.
Remote Monitoring & Control Reduces maintenance or operation costs and enables new business models (i.e. car sharing), adds security challenges
Internet Companies Working with the automotive industry for design, R&D and manufacturing. Their competitive advantage of fast iteration and “fix-it later” mentality may cause security issues.
Over-the-Air Updates Enables fast-fixes for bugs and reduces vulnerability by keeping legacy systems up-to-date, also increases the "attack surface“
VEHICLE CYBER SECURITY
ORGANIZATIONS & STANDARDS ACTIVITY
Organizations Recent Activities Links
Auto ISAC The Auto ISAC has released its own set of guidelines. https://www.automotiveisac.com/best-practices/
SAE SAE has formally released its guidebook for securing automotive cyber physical systems. Its cyber physical standard is J3061.
https://www.sae.org/standards/content/j3061_201601/
ISO ISO has developed a number of standards, including ISO 27001, 15408, 21434 (cyber physical). Other standards, such as 12207 apply as well.
https://www.iso.org/isoiec-27001-information-security.html https://www.iso.org/standard/50341.html https://www.iso.org/standard/70918.html (under development)
NIST FIPS 140-2, 199 https://csrc.nist.gov/publications/detail/fips/140/2/final https://csrc.nist.gov/publications/detail/fips/199/final
ENISA
The EU’s ENISA has launched a study on automotive cyber security to develop policies and provide a list of resources. The EU has also released rules for network and information system security.
https://www.enisa.europa.eu/publications/cyber-security-and-resilience-of-smart-cars http://www.hldataprotection.com/2016/07/articles/international-eu-privacy/european-unions-cybersecurity-nis-directive-adopted/
U.S. DOT/NHTSA
The U.S. DOT/NHTSA has released basic guidelines for automotive cyber security.
http://www.nhtsa.gov/About-NHTSA/Press-Releases/nhtsa_cybersecurity_best_practices_10242016
November 19, 2019 Source: Infotainment & Telematics Service 7
EXAMPLE HACKS
Hack Date Overview
Tesla passive entry relay attack
Sept., 2018 Criminals used signal booster to boost keyfob signal and enable passive entry. https://electrek.co/2018/07/31/tesla-theft-tips-help-prevent-relay-attacks/
BMW vulnerabilities May, 2018 Tencent’s Keen Security Lab discovered 14 vulnerabilities in BMW i series, X series, 5 series, and 7 series vehicles. One exampe attack involved creating a rogue GSM network and sending valid NGTP messages, via SMS, to the vehicle’s TCU. https://keenlab.tencent.com/en/2018/05/22/New-CarHacking-Research-by-KeenLab-Experimental-Security-Assessment-of-BMW-Cars/
Nissan LEAF mobile app hack
Feb., 2016 Basic insecure password issue. Nissan allowed users to input VIN as password to gain access. https://www.troyhunt.com/controlling-vehicle-features-of-nissan/
Jeep hack July, 2015 Miller/Valisek used various methods to gain access. The Wi-Fi password was the vehicle’s start-up timestamp, the firewall had open ports, etc.
8
CYBER SECURITY
PROGRESS, BUT CHALLENGES PERSIST
Many issues in the auto industry persist:
• Poor coding practices, lack of expertise.
• Too much code from too many vendors (e.g. 100 million LOC).
• Security through obscurity persists. Auto ISAC is gaining members, but information sharing is more limited – competitors are hesitant to share information.
• Lack of software engineers with embedded/automotive security expertise. Talent is hard to find, OEMs don’t want to pay high enough salaries.
• OTA updates limited to select OEMs and vehicle systems, primarily infotainment. The main exception is Tesla. This limits’ OEMs’ ability to deploy security updates to existing software in vehicles.
• Defense in-depth approach limited to future vehicle platforms/architectures.
• Lack of common set of standards for automotive cyber security.
9
But companies are making progress:
• Many OEMs do now have dedicated, internal cyber security groups, either in dedicated teams or experts embedded in specific teams.
• Automakers are deploying HMS and TPMs in more vehicles, providing the foundations for more secure vehicle sofftware and systems.
• Some cyber security solution vendors now have production contracts rather than simply proof-of-concept projects.
• Auto industry has (so far) managed to avoid large-scale hacks of connected vehicles, though this is more due to a fragmented supply chain and the lack of a strong economic incentive for cyber criminals.
• Tier 1s view security as important: Many large Tier 1s (e.g Bosch, Continental, Harman, Panasonic, Visteon, etc.) have acquired smaller cyber security firms, or created internal teams and hired people, to improve their expertise and improve the security of future products. Examples inlcude Continental acquiring Argus, Bosch’s Escrypt subsidiary, Harman acquiring TowerSec, Visteon has hired a dedicated team, and Panasonic now offers a dedicated SIEM solution.
OTA UPDATES
DEPLOYMENTS RAMPING UP
OEMs finally starting to deploy OTA update capabilities, though challenges remain.
Examples:
• Ford, using Wind River OTA update solution
• GM, using Harman and proprietary solutions
• Harman has more than 30 million vehicles on its OTA update platform
• Nissan, working with Harman and Microsoft, previously worked with Airbiquity
• Baidu adopts Excelfore for OTA update solution for Apollo project
• Excelfore has major OEM contract for 5M vehicles over multiple years, starting this year (2019) and 16M vehicles under contract with 10 OEMs
April 2018 Copyright© Strategy Analytics 2018 10
OTA UPDATES
BARRIERS TO IMPLEMENTATION
• Type approval regulations – OEMs can’t change a vehicle’s software without violating type approval laws in many countries • UN and EU have a working group focused on OTA and cyber security
regulations: • https://wiki.unece.org/pages/viewpage.action?pageId=40829521 • Regulators, OEMs, must still develop process for type approval that supports
OTA updates
• Car dealership pushback • Dealers see OTA updates as taking service business away • Concern from OEMs about OTA updates potentially violating dealer franchise
laws
April 2018 Copyright© Strategy Analytics 2018 11
12
Any Questions?
Copyright© Strategy Analytics 2019 November 2019
Ian Riches – VP Global Automotive Practice
@iriches
https://www.linkedin.com/in/iriches