The fight for cyber security
Today’s vehicles have a huge amount of computer power and future autonomous and connected cars will see this level increase. This means the fight against those trying to hack into them becomes even harder. By John Challen.
As automakers continue to innovate and incorporate new technologies into cars for the ultimate driving experience, new safety and cybersecurity challenges are emerging. Connected and autonomous vehicles will be dictated by software, so it will be critical that this software is safe and secure over the lifetime of the car. Consumer safety, costly recalls and brand reputation are at stake when a vehicle is compromised. On a fleet-wide level, this security is essential to keeping uptime and efficiency as high as possible and to ensuring drivers know they are safe – in every sense – behind the wheel.
Alex Manea is chief security officer at BlackBerry, one company that has been focused on developing strategies to strengthen its security posture. As a founding member of BlackBerry Security, Manea has protected mobile, desktop and IoT devices, networks and infrastructure for over a decade. He believes that the IoT is fundamentally changing the way business is done and, in turn, how the entire world operates. “We’re taking pretty much everything there is in the world and connecting it to the Internet. These days we’ve got not just connected cars, computers and phones, but also connected fridges, thermostats, kettles and coffee-makers,” he reasons. “What’s happening is that the IoT is overwhelming our traditional IT environment and also the number of laptops and desktops and even the number of mobile devices we have in the world.” As evidence, he notes that in 2017 there were 2.4 billion smartphones in the world, but there were already 6.4 billion connected ‘things’. By 2021, there will be 5.5 billion smartphones and 46 billion connected things, according to Manea. “So when we start thinking about the future of security and the future of hacking – such as what, specifically, are hackers going to target – we need to think about the IoT and also the lead use case for IoT, which is the automotive sector.”
Get connected?
Almost every car made today is, in some way, connected to the Internet. Cars boast more technology than smartphones and computers – on a typical high-end car there are up to 100 million lines of code. “If you compare the amount of code in a car, with the Android operating system, which has about 10 million lines of code, we are talking about an order of magnitude larger in terms of the amount of software on these cars,” says Manea.
“From a consumer standpoint it’s fantastic because there are a lot more features and the ability to drive autonomously,” he adds. “But it’s also good for hackers because having so many lines of code means there are potentially more ways to get into the car and a lot of software vulnerabilities in there.
“One of the trends we’re seeing is an upturn in the amount of hacking – specifically hacking computers and mobile devices. But latterly we’re starting to see hackers get into cars. One example is in 2015, when two security researchers took a Jeep Cherokee and were able to hack into the infotainment system and most importantly of all, jump into the driver’s seat and take control of the accelerator and braking systems. At this point, I’m less worried about someone getting my personal data and information, I’m more worried about personal safety and the safety of those around me.”
Automotive’s supply chain issues
One of the challenges Manea sees in securing automotive applications is the existence of what he views as a “very complicated” supply chain. “In many other industries you have a standard supply chain where there is a single manufacturer and an ecosystem of third-party suppliers. In the automotive space you have so many different OEMs and also Tier 1s and Tier 2s and other suppliers. But security is only as strong as its weakest link, so with all the different links in there, all you need is a single one to be insecure and it takes down the entire ecosystem.”
But the BlackBerry man is keen to point out that what the automotive industry faces is not just a technological challenge, but a sociological and philosophical challenge too. “We need to get people comfortable with them being able to take their hands off the wheel – literally and figuratively,” says Manea. “There is a very big physiological barrier because when I’m driving my car I feel like I’m in control; whether I am or not is a very different question. But if I’m driving a self-driving car, I don’t know what that coder is feeling, who has built the code for the car, or who certified it or what bugs it has in it. So if we want to get people comfortable with the idea of self-driving cars, they have to have a much higher level of safety and security than conventional cars.”
In response to this, BlackBerry has set out a seven-pillar recommendation to try to ensure that cars can be made as safe and secure as possible. These recommendations are what the company believes to be the seven most important things that need to be done to achieve the required level of security, and the company says they can be adopted for other markets.
The BlackBerry seven-pillar recommendation
Behind the scenes, vehicle developers and suppliers will hopefully be doing all the hard work to prevent drivers suffering from cyber attacks when behind the wheel. Here’s BlackBerry’s step-by-step suggestion for what they should be doing.
1) Secure the supply chain
Ensure that every chip and ECU in the automobile can be authenticated and loaded with trusted software, irrespective of vendor tier or country of manufacture. Use sophisticated binary static code scanning tools during software development to provide a broad assessment that includes open source code content.
2) Use trusted components
A recommended set of parts that have proper security and safety features – and have been hardened against security checks – is essential. The operating system must be safety certified and must have multi-level security features such as access control policies, encrypted file systems and thread level anomaly detection.
3) In-field health check
Ensure that all ECU software has integrated analytics and diagnostics software that can capture and log events and report them to a cloud-based tool for further analysis. Also, ensure that a defined set of metrics can be scanned regularly when the vehicle is in the field.
4) Isolation
Use an electronic architecture for the automobile that isolates safety critical and non-safety critical ECUs and can also ‘run-safe’ when anomalies are detected.
5) Rapid incident response network
Create an enterprise network to share common vulnerabilities and exposures among subscribers. By doing so, teams can learn from each other and provide bulletins and fixes against such threats.
6) Life cycle management system
When an issue is detected using pillar 3, proactively re-flash a vehicle with secure over-the-air software updates to mitigate the issue.
7) Safety and security culture
Ensure that every organisation involved in supplying auto electronics is trained in safety and security with best practices to instil this culture within the organisation. This training should include design and development culture as well as IT system security.