Automotive Security Best Practices

WHITE PAPER

Recommendations for security and privacy in the era of the next-generation car

Table of Contents

  • Introduction
  • Innovation in next-generation cars
  • Automotive Security: Privacy Risks and Vulnerabilities
  • Cybersecurity threat agents, models, and motivations
  • Example use cases
  • Data privacy and anonymity
  • Designing Secure Automotive Systems
  • Distributed security architecture
  • Hardware security
  • Software security
  • Network security
  • Cloud security services
  • Taking Advantage of Security Standards and Best Practices
  • Security development lifecycle
  • Supply chain security
  • Leveraging standards
  • Operating securely for the full lifecycle
  • Open Questions
  • McAfee Resources

Industry Contributors:

  • David Clare, Automotive Technical Lead, NCC Group
  • Shane Fry, Security Researcher, Star Lab Corporation
  • Helena Handschuh, Technical Director, Cryptography Research Division of Rambus
  • Harsh Patil, IoT Security Engineer, LG Electronics
  • Chris Poulin, Research Strategist, IBM X-Force
  • Dr. Armin Wasicek, Researcher, University of California at Berkeley
  • Rob Wood, Global Hardware Lead, NCC Group

McAfee Contributors:

  • David A Brown
  • Geoffrey Cooper
  • Ian Gilvarry
  • David Grawrock
  • Anand Rajan
  • Alan Tatourian
  • Ramnath Venugopalan
  • Claire Vishik
  • David Wheeler
  • Meiyuan Zhao

Introduction

“Remember to lock your car” is no longer sufficient advice to protect your vehicle. United States Senator Edward Markey’s Tracking & Hacking report on gaps in automotive security and privacy, as well as successful recent attacks on car computer systems from different manufacturers, are just two reminders of the increased threat to vehicle safety. Computer attacks are now a clear and present danger for car drivers, owners, dealers, manufacturers, and suppliers. Increased automation, vehicle-to-vehicle and vehicle-to-infrastructure communications, and advances in autonomous driving add computer security and data privacy to reliability and safety as cornerstones for consumer confidence and continued success in the automotive industry.

This paper is intended as an informative backgrounder and starting point for continued discussion and collaboration. The primary goal is to present the current state of automotive security, the main concerns, some use cases, and potential solutions. This is by no means an exhaustive review. This is the second version, incorporating comments from a variety of automotive and security researchers. Further comments are welcome, and the intent is an ongoing working paper as part of the Automotive Security Review Board (ASRB).

The ASRB will conduct research and collaborate on ways to improve automotive security products and technology, bringing together top security industry talent from around the world. ASRB researchers will perform security tests and audits intended to codify best practices and design recommendations for advanced cybersecurity solutions and products to benefit the automobile industry and drivers.

McAfee is part of a large and vibrant ecosystem delivering components to the automotive industry, including hardware, software, and security processes from chip to cloud and from design to driveway. A key player in the evolution of Internet security, McAfee is a long-established participant in security, standards, and threat mitigation. McAfee considers itself fortunate to be in a unique position to collaborate with the technology, security, and automotive industries to advance the analytics, research, standards, and best practices on secure driving experiences.

Computers have made significant contributions to vehicle safety, value, and functionality—from stability control to electronic fuel injection, navigation, and theft prevention. They have also increased connectivity, adding many functions common to smartphones, such as cellular data and voice functionality, web browsers, online games, and entertainment. But increases in use of shared information and in-vehicle communication have made cars vulnerable to cyberattacks. Each electronic control unit (ECU) and the increasing array of sensors they work with must be secured in some shape or form, whether it is via cooperating or co-processors, code verification, protection of data at rest and in transit, or other capabilities that have become common in Internet security. With vehicles already connecting beyond the bumper, the risk has increased, and the core challenges will be establishing and maintaining trust, consumer confidence, and vehicle safety.

[Figure 1. Ecosystem and infrastructure of the next-generation car. Labels include satellite communications, mobile communications, security systems, WiFi, vehicle-to-vehicle, smart intersection, toll system, fleet management, and city traffic management.]

Innovation in next-generation cars

By advancing network connectivity in cars, the industry has enabled innovative functions, some of which are already available. These new functions are often referred to as “cyberphysical” features, since almost all of them require collecting data from the physical environment and cybersystems, making automotive operation decisions, and executing on such decisions with physical consequences. Some of these innovations include:

  • Advanced driver assistant systems (ADAS): Smart lighting control, adaptive cruise control, collision avoidance, driver fatigue detection, lane departure warning, and parking assist
  • Advanced fleet management: Usage and behavior monitoring, warranty restrictions by zone, real-time telematics, and package tracking
  • Smart transportation: Traffic congestion, vehicle sharing, and fuel efficiency are influencing existing operating modes and creating new ones. Vehicle-to-infrastructure and vehicle-to-vehicle communications, such as smart intersections, traffic light control, road trains, and traffic management, are key contributors to smart city operations.
  • Autonomous driving: The ultimate goal of the next generation of vehicles is that driverless cars become a reality to achieve zero fatalities and/or collisions, improved traffic flow, and other benefits, with early examples already visible from Daimler, Ford, Google, Tesla, and others.

Automotive innovation is driving the need for built-in security solutions and architectural design to mitigate emerging threats. The goal for automotive security products is to ensure that the new vehicle paradigm is protected and can operate to its full potential, even in a malicious operating environment.

Automotive Security: Privacy Risks and Vulnerabilities

Whenever something new connects to the Internet, it is exposed to the full force of malicious activity. When something as complex as a modern car or truck is connected, assessing the scope of threats is an immense job, and an attack surface may be left unprotected unintentionally. Many security risks now extend to vehicles—malware, Trojans, buffer overflow exploits, and privilege escalation. Let’s look at a few use cases to illustrate potential threats, describe the attackers, and explore general approaches to mitigation.

With cars incorporating up to 100 ECUs, they are approaching the upper boundaries of the wiring harness, which is one reason the industry is moving towards greater integration and virtualization, reducing the total number of ECUs but increasing the number of functions and complexity of the software. The resulting attack surface is broad, touching most in-vehicle systems and an increasingly wide range of external networks, from Wi-Fi, cellular networks, and the Internet to service garages, toll roads, drive-through windows, gas stations, and a rapidly growing list of automotive and aftermarket applications.

Security for complex systems like these is a collaborative effort, requiring a holistic approach, with the involvement and contribution of the supply chain and the broader ecosystem. Effective security cannot be achieved by dealing with individual components, threats, or attack points. Unlike traditional computer systems, initiation and consequences in both the cyberworld and the physical world are possible over vehicle attack surfaces, making it more challenging to protect the vehicle’s systems.

[Figure 2. Fifteen of the most hackable and exposed attack surfaces on a next-generation car. Labels: Airbag ECU, OBD II, USB, Bluetooth, Remote Link Type App, DSRC-Based Receiver (V2X), Smartphone, Passive Keyless Entry, Remote Key, TPMS, ADAS System ECU, Vehicle Access System ECU, Engine and Transmission ECU, Lighting System ECU (Interior and Exterior), Steering and Braking ECU.]

As pointed out by Miller and Valasek[1], the success of hacking cars depends on three major categories: remote attack surfaces, cyberphysical features, and in-vehicle network architectures. They identified more than seven major categories of remote attack surfaces, based on their study of 20 recent models (2014 to 2015) from multiple different car manufacturers. Some, such as the CAN bus and on-board diagnostics, are designed to be robust and readily available; you just have to open the

Researchers and hobbyists

Researchers and hobbyists, sometimes funded
