Safeguarding Automotive Cybersecurity: A Holistic Approach Beyond In-Vehicle and Cloud Systems
By Harsha Archak, ADAS/AD Domain SME, Cyient
With the automotive industry moving into a connected ecosystem, today’s digital landscape sees cybersecurity as a critical concern that extends to the realm of autonomous vehicles and advanced driver assistance systems (ADAS). The potential risks associated with vehicle hacking, including disabling or even crashing a vehicle, pose significant threats to passenger safety and public well-being. Addressing these challenges requires a comprehensive and proactive approach to managing cybersecurity risks throughout the entire automotive ecosystem. Most importantly, knowing these risks helps automotive OEMs and Tier-1 manufacturers stay ahead of the threats.
One of the key vulnerabilities in automotive cybersecurity lies in the Controller Area Network (CAN), an internal network that enables communication between vehicle components. Hackers gaining access to the CAN network can exploit it to take control of the entire vehicle system or disable specific components. By corrupting data from sensors or microcontrollers, attackers can trick the central processor into believing that certain components are damaged, leading to simultaneous shutdowns of ADAS features. To counter such attacks, OEMs must consider segmenting their networks and isolating critical safety components from those vulnerable to hackers. Additionally, incorporating encryption into the CAN protocol can enhance message security and thwart malicious mimicry attempts.
Once hackers infiltrate a vehicle’s network, they can tamper with any computer-controlled aspect, ranging from brakes to steering, deactivating the ability to physically override computer controls. Stealth is their biggest advantage, which makes it difficult to detect attacks from hackers. Hackers can launch self-inflicting attacks by overriding bits in the original message frames, triggering error messages that deceive the component into cutting itself off from communication. To mitigate this, OEMs should implement intrusion detection systems capable of identifying anomalous frames and consider network segmentation to prevent cascading failures.
Cyber Legislation: WP.29 & ISO/SAE 21434: Two crucial cybersecurity regulations, WP.29 and ISO/SAE 21434, will play a pivotal role in shaping the automotive industry’s cybersecurity practices. These standards, set to take effect in 2022, require securing vehicles throughout their entire lifecycle. OEMs and supply chains must adopt multi-layered cybersecurity solutions, encompassing development, production, and customer use phases, to protect against present and future cyber threats.
The culture of digital security acts as the first line of defense against attacks on vehicles. Building a strong defense against cyberattacks necessitates the implementation of strong and effective measures. Consolidating components into a single microcontroller unit (MCU) enhances processing power while simplifying defense mechanisms, however, if compromised, the consequences can be severe. Implementing self-checking mechanisms within the software can detect and interrupt malicious code injections, while fail-safe systems help mitigate intrusion repercussions. Masking components and using tamper-evident tape can limit cascading failures and allow for over-the-air patches. Software-based checks ensure components’ operational status, alerting the system to intrusions and thwarting disabling hacks. Segmentation of systems limits the impact of breaches, preventing hackers from compromising the entire vehicle’s functionality.
Leveraging machine learning offers an effective approach to detect and prevent attacks. By collecting and analyzing data through a platform like Elasticsearch, the vehicle’s internal network can identify malicious activities and alert drivers or mitigate their impact. Machine learning algorithms can detect potential exploits by analyzing logs stored in Elasticsearch databases, enabling proactive cybersecurity measures.
In the long run, network segmentation, regulated OBD2 port access, and encryption play pivotal roles in safeguarding against exploits. Altering the topology or segmenting the CAN network prevents targeted error-flooding from affecting critical systems. Regulated access to the OBD2 port through hardware keys or passwords safeguards against unauthorized devices. Encryption of CAN frame ID fields adds an additional layer of protection by making attack patterns noisier and more detectable.
As the automotive industry continues to embrace autonomous vehicles and ADAS technologies, safeguarding automotive cybersecurity becomes imperative. By adopting a holistic approach that addresses vulnerabilities in CAN networks, implements robust intrusion detection systems, complies with emerging regulations, and leverages advanced technologies like machine learning, the industry can mitigate cybersecurity risks and ensure the safety and integrity of vehicles in the digital era. This truly brings the connected driver experience to the forefront, keeping in mind the best interests and safety of the drivers without being affected by external vulnerabilities.
