Designing Automotive Security For Connected Vehicles

Industry collaboration is essential to protect against a variety of attacks.


The general concept of basic automotive security has been around for a number of years. Nevertheless, its scale and scope are rapidly evolving, with new classes of vulnerabilities brought to the fore as more and more electronic systems go online. Put simply, the automotive industry is connecting systems that weren’t originally designed to be part of the rapidly burgeoning Internet of Things (IoT). Indeed, the salient lack of security in the automotive sector has been illustrated by a series of recent, high-profile hacks, including the Chrysler Jeep commandeered by Charlie Miller and Chris Valasek.

Fortunately, there is now a growing realization by many industry heavyweights that vehicular security is an issue that has to be dealt with sooner rather than later. This is precisely why automotive and security companies such as Rambus have stepped up collaboration with each other to improve security in the sector. To be sure, the attack surface of a modern vehicle is quite considerable, ranging from standard electrical communications buses that expose unsecured functionality to OTA updates that offer limited functionality and lack personalization features.

In terms of the latter, while secure elements work well for some purposes, they aren’t entirely sufficient for OTA vehicle updates. Without personalization, the same key will likely be used in multiple vehicles. Of course, a specific key can theoretically be specified for each car. However, this would require automakers to implement the secure injection of keys at the manufacturing site itself. This typical lack of personalization means each vehicle is actually lacking a unique key – a critical prerequisite for the secure authentication of software downloads.

A hybrid approach to OTA, or one that combines software with a hardware root-of-trust, can securely provide updates via one-time, single-use keys unique to each vehicle. Essentially, this allows cars to cryptographically authenticate code before execution, while encrypting the payload to protect against attacks and unauthorized access. Although the issue of automotive security is undeniably a complex one, the use of simple, secure methods to download, authenticate and install vehicle updates represents a much-needed first step.
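The per-vehicle, single-use key idea from the two paragraphs above, as an added sketch that is not from the article or from any vendor's product. Python's standard-library HMAC stands in for the hardware root-of-trust, and the names (`Vehicle`, `update_key`, `tag_update`), the monotonic update counter and the sample keys are assumptions; payload encryption is left out, so only authentication before installation is shown.

```python
import hashlib
import hmac

def update_key(root_key: bytes, vehicle_id: str, counter: int) -> bytes:
    """Derive a single-use key bound to one vehicle and one update number."""
    info = b"ota-v1|" + vehicle_id.encode() + b"|" + counter.to_bytes(8, "big")
    return hmac.new(root_key, info, hashlib.sha256).digest()

def tag_update(root_key: bytes, vehicle_id: str, counter: int, image: bytes) -> bytes:
    """Backend side: authenticate an image for exactly one vehicle and counter."""
    key = update_key(root_key, vehicle_id, counter)
    return hmac.new(key, image, hashlib.sha256).digest()

class Vehicle:
    def __init__(self, vehicle_id: str, root_key: bytes):
        self.vehicle_id = vehicle_id
        self._root_key = root_key   # assumption: held inside the hardware root-of-trust
        self.last_counter = 0       # highest update number already consumed
        self.installed = None

    def install(self, counter: int, image: bytes, tag: bytes) -> bool:
        """Authenticate before execution; refuse reused keys and foreign packages."""
        if counter <= self.last_counter:
            return False            # this single-use key was already spent
        expected = tag_update(self._root_key, self.vehicle_id, counter, image)
        if not hmac.compare_digest(expected, tag):
            return False            # wrong vehicle, wrong key, or modified image
        self.last_counter = counter
        self.installed = image
        return True

def run_demo() -> dict:
    # Constructed sample data: two vehicles with distinct keys injected at manufacture.
    key_a = hashlib.sha256(b"demo-key-A").digest()
    key_b = hashlib.sha256(b"demo-key-B").digest()
    car_a, car_b = Vehicle("VEH-A", key_a), Vehicle("VEH-B", key_b)
    image = b"firmware 2.0 (constructed sample)"
    tag = tag_update(key_a, "VEH-A", 1, image)
    return {
        "tampered": car_a.install(1, image + b"!", tag),
        "valid": car_a.install(1, image, tag),
        "replayed": car_a.install(1, image, tag),
        "other_vehicle": car_b.install(1, image, tag),
    }

if __name__ == "__main__":
    print(run_demo())
```

With a key shared across the fleet, the `other_vehicle` case would succeed: a package accepted by one car would be accepted by every car.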

In a broader sense, while cars and trucks have traditionally been thought of as mechanical entities, modern vehicles are actually very sophisticated. They are equipped with a range of embedded communication methods and capabilities, including CAN, WiFi, USB, Bluetooth, OBD II (On-Board Diagnostic System), FlexRay and automotive Ethernet. It is important to understand that layers of security are necessary to protect the above-mentioned systems, preferably starting with a hardware-based root-of-trust and advanced isolation mechanisms that offer uncompromising protection against various forms of attack.

Industry collaboration is absolutely essential because one single company cannot fix automotive security by itself. Security architecture and procurement involve a plethora of components and are therefore already outside the control of any single supplier, chipmaker or automotive company. A more collaborative, comprehensive approach to automotive security is technologically possible and the industry is poised to adopt solutions that bring safety and security to the road.