Automotive Network Security
By Sam Abuelsamid, Senior Research Analyst, Navigant Research (Automotive Network Security)
Over the last four decades, the automobile has followed the rest of our lives in transitioning from a place of relative isolation to constant connectedness and that trend is set to accelerate dramatically in the coming years. We’ve gone from zero electronics and at best AM and FM radio signals coming in to be on the verge of cars that are in constant communication with each other, pedestrians and infrastructure and security is becoming a critical component of the transportation ecosystem.
In 2015 a typical car with a selection of driver assist systems such as lane keeping, adaptive cruise control and blind spot warning may have anywhere from 50 to 100 CPUs constantly processing incoming sensor signals and sending out commands to actuation hardware. Approximately 0.5 GB of data per hour is generated in a typical car in order to do everything from delivering fuel to cylinders to applying the brakes to opening the sunroof. In most cases today, most of that data is going through a controller area network (CAN) bus, a technology originally developed by Robert Bosch GmbH in the early-1980s.
As we transition to ever more sophisticated automated driving systems and perhaps completely self-driving vehicles some day, the data load is going to explode so automakers are actively working on moving to the next generation of on-board networking technology including Ethernet that can provide substantially more bandwidth over fewer wires. A typical contemporary car may have over 300 pounds of wiring and automotive Ethernet is expected to reduce that by nearly a third.
However, getting all those bits where they need to be in the car is only part of the problem engineers face today. They also need to keep erroneous bits out. The era of automotive connectivity began in the mid-1990s when General Motors introduced its OnStar telematics system. OnStar used cellular connectivity to provide hands-free calling and services such as remote door unlocking, diagnostics and automatic emergency response in the event of an accident. In the intervening years, OnStar and competing systems have been far more capable with turn-by-turn navigation, remote monitoring of electric vehicle charging and even stolen vehicle recovery and slow-down.
Beginning in 2016 we’ll see the first wave of cars with vehicle-to-vehicle (V2V) communications that uses a Wi-Fi based technology called dedicated short range communications (DSRC). As ever more automated vehicles become increasingly connected to the outside world through DSRC and cellular networks, the possibilities for electronic mischief will ramp up dramatically.
Earlier this year, security researchers working for the United States Defense Advanced Research Projects Agency demonstrated the ability to remotely take control of an OnStar equipped Chevrolet Impala on the 60 Minutes news show. Automakers are aware of the risks of combining automation and connectivity but the potential benefits to both safety and efficiency are also huge. In its notice of proposed rulemaking to mandate V2V in upcoming vehicles, the National Highway Traffic Safety Administration estimated that 70 to 80 percent of accidents could be avoided if most of the vehicle fleet had V2V. But that assumes that no one will find a way to send a message to a vehicle that would trigger automatic emergency braking or lane changes or prevent the driver from controlling the vehicle.
Optimal security would seem to call for isolating communications and control networks in the vehicle. However, to reap the maximum benefits from connectivity and automated driving as well as meeting modern customer feature expectations, those in-vehicle networks cannot be entirely isolated. That means automakers will have to be much more aggressive in their efforts to stay ahead of the bad actors. Companies like Tesla have been publicly recruiting hackers at events such Black Hat and Defcon while other manufacturers have been doing the same more discretely.
If the next generations of vehicles are to be trusted by drivers and be successful in the marketplace, manufacturers need to do more. They need to consider following in the footsteps of tech companies like Microsoft, Facebook and Google and offer rewards for responsible disclosure of vulnerabilities and then they need to correct those flaws quickly. Not only do they need to respond to the issue of security, they need to be seen by the public to be responsive. After mass recalls of GM lock mechanisms and Takata airbags in 2014, automakers and suppliers cannot afford to be perceived as ignoring the network security of their vehicles.